Re: [MMUSIC] WGLC on draft-ietf-mmusic-dtls-sdp-06.txt

[Paul Kyzivat <pkyzivat@alum.mit.edu>]

On 2/24/16 5:01 PM, Martin Thomson wrote:
> On 24 February 2016 at 13:47, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:
>> If we are going to make normative references to multiple fingerprints we
>> need some place authoritative to reference for the details.
>
> I recommend judicious use of copy and paste.  Feel free to steal text
> that I wrote.

First I think it is necessary to decide which document needs this. Then 
the copy/paste can proceed. If it belongs in the body of dtls-sdp then I 
guess it is straightforward to proceed.

If it is in one of the documents that dtls-sdp updates (5763 or 7345) 
then I guess the changes can still be tucked into sdp-dtls.

If it requires something else then it may get more messy.

> FWIW, my reading of 4572 is that it permits multiple fingerprints: one
> for each certificate that might be used.

It doesn't say there *can't* be multiple fingerprints. But I see nothing 
obvious that suggests that is a possibility. There is a lot of usage of 
"the fingerprint" in the text. If it is intended, then ISTM that more 
explanation is needed.

> Its failing is that a) it
> doesn't allow for hash agility, and b) it's unclear, perhaps in the
> extreme.

Yup.

> However, I see this:
>
>     Endpoints MUST support SHA-256 for generating and verifying the
>     fingerprint value associated with the DTLS association.  The use of
>     SHA-256 is preferred.
>
> Which doesn't mention that this requires an update of 4572.

rfc7345 has some similar (not identical) text about this. It is unclear 
to me if that overrides 4572, or supplements it.

Then dtls-sdp updates 7345, removing that text, and replacing it it with 
a reference to itself. Then again similar text is included in section 4.1.

After all those changes I don't know where we stand. But none of those 
places are clear about multiple fingerprints. And I don't know which of 
them ought to be authoritative about that subject.

I don't know what the fix is. I only know there is a problem.

	Thanks,
	Paul

> And this:
>
>     The certificate received during the DTLS handshake MUST match the
>     fingerprint received in the SDP "fingerprint" attribute.
>
> Which should say '*a* fingerprint', to allow for there being multiple.
>
> And this:
>
>     [...]  In addition, the offerer
>     MUST insert an SDP 'setup' attribute according to the procedures in
>     [RFC4145], and an SDP 'fingerprint' attribute according to the
>     procedures in [RFC4572], in the offer.
>
> Which doesn't deal with multiple certificates.
>
> I also see:
>
>     The
>     subjectAltName is not an important component of the certificate
>     verification.
>
> Which is true but insufficient; the text can simply say that the
> certificate is only a receptacle for a public key and authentication
> is tied to an a=fingerprint line in the SDP.
>
> And this:
>
>     This offer includes, as part of the SDP payload, the fingerprint of
>     the certificate that the endpoint wants to use.  The endpoint SHOULD
>
> Which should be plural fingerprint*s*.
>
> The pattern repeats throughout.
>