Re: [MMUSIC] 4572 update: forbid weak hashes?

Martin Thomson <martin.thomson@gmail.com> Thu, 07 April 2016 21:13 UTC

Date: Thu, 07 Apr 2016 18:13:34 -0300
Message-ID: <CABkgnnWQY+eMaJ1a2VwJQFSD7XGSto1PP89uutq8eL5M12iuJQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Roman Shpount <roman@telurix.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/xeYbYcj3jspsjg6fv-9KuRoAny0>
Cc: "mmusic@ietf.org" <mmusic@ietf.org>, Paul Kyzivat <pkyzivat@alum.mit.edu>
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>

On 7 April 2016 at 17:55, Roman Shpount <roman@telurix.com> wrote:
> If I understand your proposal correctly this will cause DTLS association for
> RTCP to be rejected since it did not match a single SHA-256 fingerprint.
> This is definitely undesirable.

Well, the entity generating the SDP is not constrained by the hashes
that the two devices support, is it?

But, assuming that it is, then my original text did have the property
you describe.