Re: [MMUSIC] Secdir last call review of draft-ietf-mmusic-sdp-uks-05
Adam Roach <adam@nostrum.com> Sun, 09 June 2019 01:15 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8664512011E; Sat, 8 Jun 2019 18:15:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.98
X-Spam-Level:
X-Spam-Status: No, score=-1.98 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oXEvkfmsepVh; Sat, 8 Jun 2019 18:15:45 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B1ED1200B5; Sat, 8 Jun 2019 18:15:45 -0700 (PDT)
Received: from MacBook-Pro.roach.at (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x591FeJp068825 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Sat, 8 Jun 2019 20:15:41 -0500 (CDT) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1560042943; bh=8fMpHMECg3wL4y3Dozi6O9eTsA9TMdQoYgM/JkpVTo0=; h=Subject:To:Cc:References:From:Date:In-Reply-To; b=LN9D0Ay/e7mVwQbRkSe37cGDiMbVRGQkqf07NID38JOuifE3LvjOFlYDnsOjsz3rT fghA4BzXhRSKmTMhOLZIF188fyTeRkLnlZA2vABobx3sAvmim1NGwh4TJAk5LBPOF8 FYYwS/Dymo03Iekmr3M9Zv2t/a39idFz7jimFH/U=
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be MacBook-Pro.roach.at
To: Russ Housley <housley@vigilsec.com>, secdir@ietf.org
Cc: draft-ietf-mmusic-sdp-uks.all@ietf.org, ietf@ietf.org, mmusic@ietf.org
References: <156002574538.10095.7918697870650906635@ietfa.amsl.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <ee60f695-c0bf-39c6-0581-47ca92fcb5db@nostrum.com>
Date: Sat, 08 Jun 2019 20:15:34 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.7.0
MIME-Version: 1.0
In-Reply-To: <156002574538.10095.7918697870650906635@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/PaQiLUkTbJj-_pB5376gEq9zWfk>
Subject: Re: [MMUSIC] Secdir last call review of draft-ietf-mmusic-sdp-uks-05
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Jun 2019 01:15:48 -0000
On 6/8/19 3:29 PM, Russ Housley via Datatracker wrote: > In Section 3.2, SHA-256 is the only supported hash function. In some > manner algorithm agility needs to be provided. This could be done by > using the same hash function as TLS is negotiating elsewhere, by > including a hash algorithm identifier, or explicitly stating that a > new TLS extension will be defined for use with another hash function > if flaws are found in SHA-256. Addressing just this point, as I think it was an oversight. Section 3.2 contains the text: > Note: Should SHA-256 prove to be inadequate at some point in the > future (see [AGILITY]), a new TLS extension can be defined that > uses a different hash function. /a
- [MMUSIC] Secdir last call review of draft-ietf-mm… Russ Housley via Datatracker
- Re: [MMUSIC] Secdir last call review of draft-iet… Adam Roach
- Re: [MMUSIC] Secdir last call review of draft-iet… Adam Roach
- Re: [MMUSIC] Secdir last call review of draft-iet… Martin Thomson