IETF Logo Mail Archive

Re: [MMUSIC] WGLC on draft-ietf-mmusic-dtls-sdp-06.txt

Roman Shpount <roman@telurix.com> Wed, 24 February 2016 21:22 UTC

Return-Path: <roman@telurix.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 163241B2EE0 for <mmusic@ietfa.amsl.com>; Wed, 24 Feb 2016 13:22:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pvZJyWHG9sxo for <mmusic@ietfa.amsl.com>; Wed, 24 Feb 2016 13:22:04 -0800 (PST)
Received: from mail-ig0-x231.google.com (mail-ig0-x231.google.com [IPv6:2607:f8b0:4001:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDA121A8A68 for <mmusic@ietf.org>; Wed, 24 Feb 2016 13:22:03 -0800 (PST)
Received: by mail-ig0-x231.google.com with SMTP id y8so129355igp.1 for <mmusic@ietf.org>; Wed, 24 Feb 2016 13:22:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=+Bp+1HzxFaw8JIO7QAW16btQfOjMX4ukFpezrWQ7Ni0=; b=Co+ByyKYcfy7NIlbQJlH/5Gyyk7YossF8IRKss7d1eJmTx8N+p05edDpBd2dPrqRvy 0cITbMEnYOdDacegGDMzqUGLTYT1MtLFeWSgaVtwEcgeffp5w+GXJ2YbjBJZlAi/DHFQ rqmEUt9S8kys5S+szODpejXmNmEfHkcXfnITMC04d0FHY31obA+JRsyhGotnlgxpgDPb XTmPnSMTTK7u6wYdimIzvnVDR68OSFws+Fogp+N60dDrEyXRLanV8NAhCX1njU0KHDWr 3a7FL9dRbIN9XSA3zS28X7tEhvMJhmDif24Qq0TDdSFwNX6aPw2P6yRHtty57c6rSwas YAAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=+Bp+1HzxFaw8JIO7QAW16btQfOjMX4ukFpezrWQ7Ni0=; b=J+h5QFRgJU0lLtdKt9R6+2x6CWzYWg2VW0ran3KToMz6k5/W1r4smp1GN2ErZVquRx CyQoDTfQtx8NEQ+Ha9anyom6TZIMIXu9OPUbmNoZxyURYP/+QYZdWyfRx2ZSRZsVmpiN Oiubj3FFVBt2DQrQ/FAwvC7qLTzFSQfmHSYAHupEtn+Vu0GJvCzDRGimypRmG9sBpeu7 wkj6r8GA2tOg0sAFEDxxYtuHUtJ45k39pEmw/87nEbnrE9mvP1AVrB4D1azMnaX1NtVa 2VK0g697JloIN2fwpQc5DfnA3WOaEkkR75N/qJWL9cP8gZ4T4pAYaQwRVkfxh+u9cMC6 F1sQ==
X-Gm-Message-State: AG10YOT4JrDr2cho9N88Ao+XDD0m/BC0KtG7vM7sXz4fE24AqpThSedRoyEAvuP41Plp+A==
X-Received: by 10.50.66.203 with SMTP id h11mr68937igt.72.1456348923239; Wed, 24 Feb 2016 13:22:03 -0800 (PST)
Received: from mail-ig0-f182.google.com (mail-ig0-f182.google.com. [209.85.213.182]) by smtp.gmail.com with ESMTPSA id ys7sm15881igb.21.2016.02.24.13.22.01 for <mmusic@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Wed, 24 Feb 2016 13:22:01 -0800 (PST)
Received: by mail-ig0-f182.google.com with SMTP id y8so128641igp.1 for <mmusic@ietf.org>; Wed, 24 Feb 2016 13:22:01 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.50.109.196 with SMTP id hu4mr21997igb.24.1456348921194; Wed, 24 Feb 2016 13:22:01 -0800 (PST)
Received: by 10.36.105.77 with HTTP; Wed, 24 Feb 2016 13:22:01 -0800 (PST)
In-Reply-To: <56CE1CBD.70504@alum.mit.edu>
References: <56B4CDCF.4080100@cisco.com> <56CA320D.9050306@cisco.com> <7594FB04B1934943A5C02806D1A2204B37E389BF@ESESSMB209.ericsson.se> <56CCBE6A.7090709@alum.mit.edu> <7594FB04B1934943A5C02806D1A2204B37E3E3AB@ESESSMB209.ericsson.se> <56CDE4FB.6090002@alum.mit.edu> <7594FB04B1934943A5C02806D1A2204B37E400B7@ESESSMB209.ericsson.se> <56CE145F.5090903@alum.mit.edu> <CAD5OKxsUGZRCJack7d2bTZhssh3YSHX=OvyNX_D0GT7+q7Zqnw@mail.gmail.com> <56CE1CBD.70504@alum.mit.edu>
Date: Wed, 24 Feb 2016 16:22:01 -0500
X-Gmail-Original-Message-ID: <CAD5OKxsGLvCpNnwcgFsEKMrmvfUrTfKXE9EzJqfTqPCo-=-sXA@mail.gmail.com>
Message-ID: <CAD5OKxsGLvCpNnwcgFsEKMrmvfUrTfKXE9EzJqfTqPCo-=-sXA@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Paul Kyzivat <pkyzivat@alum.mit.edu>
Content-Type: multipart/alternative; boundary="089e011605a21e0305052c8aa8bf"
Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/vko5A9r8ELv913vgl3lVFHgetB4>
Cc: "mmusic@ietf.org" <mmusic@ietf.org>
Subject: Re: [MMUSIC] WGLC on draft-ietf-mmusic-dtls-sdp-06.txt
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2016 21:22:05 -0000

On Wed, Feb 24, 2016 at 4:12 PM, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:

>
> But rfc4572 says:
>
>    A certificate fingerprint MUST be computed using the same one-way
>    hash function as is used in the certificate's signature algorithm.
>    (This ensures that the security properties required for the
>    certificate also apply for the fingerprint.  It also guarantees that
>    the fingerprint will be usable by the other endpoint, so long as the
>    certificate itself is.)
>
> That seems to exclude creating fingerprints with multiple algorithms, or
> any need to do so.
>
> Looking deeper, I find OLD TEXT (from 7345) that talks about multiple
> fingerprints, for differing cipher suites. So I guess in that case multiple
> certificates will also be presented, with a fingerprint for each, and it is
> only necessary to verify one of them.
>
> But the NEW TEXT removes all of this, changing it to refer to *this*
> draft. But equivalent text isn't present in this draft!!!
>

I was talking about using multiple fingerprints to offer multiple cipher
suites. I am not sure what draft this is present in, but this is what EKR
explained to me in on the list.

Can you send the reference to this OLD TEXT you mentioned so that it can be
added to this draft?

Thank You,
_____________
Roman Shpount

v2.23.0 | Report a Bug | By Email