[MMUSIC] Comments on draft-zhou-mmusic-sdes-keymod-01
Eric Rescorla <ekr@rtfm.com> Mon, 17 September 2012 16:30 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C1F721F846E for <mmusic@ietfa.amsl.com>; Mon, 17 Sep 2012 09:30:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.846
X-Spam-Level:
X-Spam-Status: No, score=-101.846 tagged_above=-999 required=5 tests=[AWL=-0.358, BAYES_05=-1.11, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bvIWtbNVPRea for <mmusic@ietfa.amsl.com>; Mon, 17 Sep 2012 09:30:14 -0700 (PDT)
Received: from mail-ee0-f44.google.com (mail-ee0-f44.google.com [74.125.83.44]) by ietfa.amsl.com (Postfix) with ESMTP id 6512E21F867F for <mmusic@ietf.org>; Mon, 17 Sep 2012 09:30:14 -0700 (PDT)
Received: by eekb45 with SMTP id b45so3582979eek.31 for <mmusic@ietf.org>; Mon, 17 Sep 2012 09:30:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:from:date:message-id:subject:to :content-type:x-gm-message-state; bh=5XLX7nvL1+W7Lg9CWCTPhnKZ16KfMh3k2sZS6hKTPXI=; b=Ltz23cNSseTkzraHxpNItgWuQo9ePqSdYctSGOxuNZWTBFdhAE9mFGOgaS5Ul+lFFP 3oASFq6YRg4OC6m6wHVPkU3qm+NDPqurF+pEXP82OyCiOgMcDsWrdRp7hYoMqecFvnTS brhAqH+iRfGS44ShJjqA8IzgQT2eyUGBBlc2alWC96AuEZUs6qN/tcVm8AVhf8pkE4Z2 Xjjs2kSC/HoXXMduiNzkgbjcLlAvrgLpj8jNdXw0jc/ZGr4hjFGQfSK/BlqFb9Jvtlot KCXXEF9DumzXbGhSCSCN06u9uRF65fFCW/gqLseyoJuIy88fIujuvifwHOMv1KAXG7vI xnRw==
Received: by 10.14.224.4 with SMTP id w4mr14376106eep.21.1347899413545; Mon, 17 Sep 2012 09:30:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.14.187.10 with HTTP; Mon, 17 Sep 2012 09:29:33 -0700 (PDT)
X-Originating-IP: [74.95.2.173]
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 17 Sep 2012 09:29:33 -0700
Message-ID: <CABcZeBOuqNbaB6gqae6G_W1L_4t6kc6uOdAqBCu0SaiyH0e=8Q@mail.gmail.com>
To: mmusic@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
X-Gm-Message-State: ALoCoQlf7ilwwRz1Xc7Cl6FntlPCq16IkoVRN0e42hR0Uzm62Z2ULwrXddx1S7N47pMAzfwZ0XSb
Subject: [MMUSIC] Comments on draft-zhou-mmusic-sdes-keymod-01
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Sep 2012 16:30:15 -0000
This document describes an extension to SDES to address the fact that
in the case of retargeting/forking multiple targets get to see the
SDES key which the offerer will use for sending data. The proposal
here is to add an extension which can be sent by the answerer to
modify the key provided by the offerer.
This whole line of development doesn't seem like a very good idea.
During the RTPSEC work, we considered this problem and a bunch of
related problems with SDES (e.g., early media) and concluded that a
media-plane key establishment protocol was the right approach to
addressing this problem, among others. I don't see a lot of point in
doing piecemeal patches to SDES in an attempt to band-aid it's
fundamental problems.
This particular design seems particularly problematic in that
it allows an on-path proxy to force the offerer into using a
specific key. The general pattern would look like this:
Alice Proxy Bob
OFFER with K1 + keymod --->
OFFER w/ K2 ------------>
<----------------- ANSWER
<- ANSWER with Keymod for K2
With conventional SDES, the proxy gets to see the SDES key but
not to modify it. Obviously, he can change the key in flight,
but the sender will still use the old key. This design would
further weaken even the limited set of protections provided
by SDES.
-Ekr
- [MMUSIC] Comments on draft-zhou-mmusic-sdes-keymo… Eric Rescorla
- Re: [MMUSIC] Comments on draft-zhou-mmusic-sdes-k… Bernard Aboba
- Re: [MMUSIC] Comments on draft-zhou-mmusic-sdes-k… zhou.sujing