Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks
Martin Thomson <martin.thomson@gmail.com> Wed, 31 October 2018 00:06 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9EF0130DE9 for <mmusic@ietfa.amsl.com>; Tue, 30 Oct 2018 17:06:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eA4jmZaipM3f for <mmusic@ietfa.amsl.com>; Tue, 30 Oct 2018 17:06:05 -0700 (PDT)
Received: from mail-oi1-x229.google.com (mail-oi1-x229.google.com [IPv6:2607:f8b0:4864:20::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BBEB71277CC for <mmusic@ietf.org>; Tue, 30 Oct 2018 17:06:05 -0700 (PDT)
Received: by mail-oi1-x229.google.com with SMTP id v198-v6so9342446oif.2 for <mmusic@ietf.org>; Tue, 30 Oct 2018 17:06:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=hCQb2g4xd5eJ2n7xHjpBgkm8LhOTqadxMywsaCGNenY=; b=lcDSY8yxvLK00V/kvtjdguinQ/7Ycz3AhZDSxgIsMyVuf39Fo1PhcSFZXNp9oSYxUg kEzf8JYYfDdOYWc+WaWlBmJuIRWjF+pa4Baqusd9F8wGOjOmzxIHrSXXg1/bqpzSJ7ZF E16dZElmgt8acN2jf5lNxMSabDtIXhr1UqMqB/AjxZ5Dml1pRyMuLax1rgsjJLKuqkyl GkaItMVxl5eofRUkSLAPkrdBTA0jyzSuoCE93XcEHkIETJT5q+ndprZtHPsfKghTzimA MIS/X4N1OKtjAStjgW+EfEJXdksj3ve1uQL672sWNNyWStaQcaBcs7gPXZe3V2KqGMGP vNFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hCQb2g4xd5eJ2n7xHjpBgkm8LhOTqadxMywsaCGNenY=; b=KH7/UFJHYP3Zd9Tbhi22mKAzKSYHkz3ATmdCzfFTfaVcoreVxsOiyND7lyGo2efQcd 5Y49oYSIhi0lblcU+gB0VUGwUM/ngEEueHLY0IjN5EENdfDaoqG739ULqZ8z3Dyk20sr +ubT6sswrfi0/Fs0SfkfA6btujkOD8ulcG/VCECQOZ9I/kNWsC2H5LrGay/ssorELDFe zOkQXb4ddvGBn7mjugXZPjECdpJJNEvtQbrZzCPAC1nzFwQTVuQkVHhenyNf87UP3R4A rONDGYfkoERhj97WHBr5u2u6m98c5lJZYj6cghLXNsSze9MH7y8W3ffGZo70K9HIRr8Y Y2iw==
X-Gm-Message-State: AGRZ1gLfLpsfo2zuF7TBxkdXTq7E/mX0SYf/BvZMqiITSMCzAiLPi7Kf UMTEdNc/Jf0gYQZhOBR7tuOyNoK5TkZWEvGmtMCf3/TGUmM=
X-Google-Smtp-Source: AJdET5eCbaPA/OAI0tjP8OYbTIvf5shve5RyJ7jpLPQdMhDkjpwawO+Bklt9KiS3lT6KoW+8hCph7Devepic4bXHjQs=
X-Received: by 2002:aca:905:: with SMTP id 5-v6mr328503oij.163.1540944364988; Tue, 30 Oct 2018 17:06:04 -0700 (PDT)
MIME-Version: 1.0
References: <deaaef8c-3cb9-ede3-c94b-1774f7c4c880@nostrum.com> <CABkgnnVkAdf0+Drz7xh3Q39AY_YjcdykgkV31OAyzBRTQsHSaA@mail.gmail.com> <f5cda451-fb30-c080-5fd0-d2629c0a6ec1@nostrum.com>
In-Reply-To: <f5cda451-fb30-c080-5fd0-d2629c0a6ec1@nostrum.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 31 Oct 2018 11:05:56 +1100
Message-ID: <CABkgnnVpHLyd4Nq1R5vbD46bv_7GSu9iKBxMpXJSx6HZFncy0A@mail.gmail.com>
To: Adam Roach <adam@nostrum.com>
Cc: mmusic@ietf.org, draft-ietf-mmusic-sdp-uks@tools.ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/cj2BFX2MdADqujoC377SG_taTSo>
Subject: Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2018 00:06:08 -0000
Thanks Adam, I realize that I failed to push the update, but you should be able to preview the changes here: https://martinthomson.github.io/sdp-uks/draft-ietf-mmusic-sdp-uks.html Thanks for clarifying on the signaling integrity point. That helps a lot. On Wed, Oct 31, 2018 at 6:00 AM Adam Roach <adam@nostrum.com> wrote: > That's the headline point, and why I suggest a move from session ID to > PASSPoRT. This might be asking for a bigger change that what I've implemented, and I might not be able to do that sort of change quickly. Are you suggesting that the identity bindings stuff (WebRTC and PASSPoRT) be made the primary focus of the document? I think that I agree, but I'll need a bit more time to knock this into shape. I've taken ill, so I'm working at reduced capacity, even if there weren't the usual pre-meeting deluge to deal with. I can tweak things to shift the emphasis more if that helps. > (Are these bits of institutional knowledge being collected anywhere? I > reviewed TLS 1.3, and don't recall seeing this principle described.) No, this design choice is an extension of the ideas from https://tools.ietf.org/html/draft-thomson-use-it-or-lose-it-00 and other places. I should be less trite in my explanation. Cryptographic agility is still hugely important. Being able to deploy new crypto is a critical design consideration. However, the view is that where existing, well-tested mechanisms can be used to deploy new crypto, we should rely on that as much as possible rather than adding new secondary points of articulation that might fail when we need them. In this case, I expect SHA-256 to remain in use a very long time. If we added a new field for the hash algorithm, that would be a new extension point. That extension point is unlikely to see any use in the foreseeable future (it's SHA-256 all the time!). Come the time we want to change it to Kangaroo Twelve or whatever the next hot thing is, we might find that implementations choke. That makes a new extension point more of a liability than an asset. In this particular case, new extension codepoints aren't scarce enough to worry about having to burn another one when the time comes to update the algorithm. So that's the best option. Sadly, RFC 7696 doesn't capture this idea well, it even seems to discourage the practice. But there you go. (Sorry, that was long. Hot-button topic, I guess.)
- [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Adam Roach
- Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Flemming Andreasen
- Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Martin Thomson
- Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Adam Roach
- Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Martin Thomson
- Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Adam Roach
- Re: [MMUSIC] Review: draft-ietf-mmusic-sdp-uks Martin Thomson