IETF Logo Mail Archive

Re: [Perc] I-D Action: draft-ietf-perc-srtp-ekt-diet-09.txt

Richard Barnes <rlb@ipv.sx> Thu, 18 October 2018 18:50 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 502031286D9 for <perc@ietfa.amsl.com>; Thu, 18 Oct 2018 11:50:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z0F5craKKTMb for <perc@ietfa.amsl.com>; Thu, 18 Oct 2018 11:50:24 -0700 (PDT)
Received: from mail-oi1-x22c.google.com (mail-oi1-x22c.google.com [IPv6:2607:f8b0:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99898127333 for <perc@ietf.org>; Thu, 18 Oct 2018 11:50:24 -0700 (PDT)
Received: by mail-oi1-x22c.google.com with SMTP id v69-v6so24899512oif.1 for <perc@ietf.org>; Thu, 18 Oct 2018 11:50:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+8Mo1KGVrpqYh7M0RIAI5AuBotN1Ksrg24LbXjz/+SQ=; b=ujT4f3Y/iwybu9KPAnY2cjzuvKgAuNLF31H442Lj41bZ5dJxrtEAe/io2qupGMG3K9 xp6ZhbWheDLlvBDrmGy+mwc+TUEhpGKXMaw+GlngtCRKgkdsAjQG6uhnYW2UVNgGxSWM IpN8mPmPuXEarUU2PppVFZQEhpLsEjEbIrr+afoSD4XJGDxXLVbKVPdk6Ulij0765XZ5 GaQpH3zIyhhePSU7jSTWFB9bWlwL3rFg4Oq52n0UXUNtT1XP7M5GxflcyAaH/23LvD3C 6QwStH/LB5AXsGHV2Q43Fzei4fPHgCqnyz2ISVitElFOyZhRekUHZUV8a7cXgG3PM9sg ENlg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+8Mo1KGVrpqYh7M0RIAI5AuBotN1Ksrg24LbXjz/+SQ=; b=oktL8NFXy3MwxOMBBcDTcEfmi4DwNl2sGCvlFrXHmZ1uf3OHDPz0W+7ibELwIqn2L2 7ZIlhnAzjP2cd00CcETZtrwQnaxj8PLB8P2zDmf8Rsd6Sv6mMxkjBehQ9xPqhlyjagbM chQ+TM68j/YpmkiO5rLg2afqjPXc1/JhQ/O9BKOjS9HlxmkivsGureS5iJez8DtL7dG/ NHkxzYADEjPfYbu7f+EFRFzLF+P2FDrzFeS6XSh9WlpdnjLcE8DSRJfhlIGuPv/N75eG nEmq8i32vp1VyUDKXAN2gM7OaTE4iektUGRgZv9ZAjZMy7XB28U3BXr0Klv0wjLRUGQd cb5Q==
X-Gm-Message-State: ABuFfoiZBO7jrwaPXow36lktwf5hGtBvo/YwHskbMRyFhRF9xtU0RMq7 1jgVd9UG4SIjNiY5OD22IGUw0eQR1Moj8VboSY1hpPbAhPE=
X-Google-Smtp-Source: ACcGV63oJVyIEl3QIrLlk7RCKyFWWDfVLSMbamb3EJUzOWxH/r4YsoZg3H+Av4tKkGL/I8ISucTRRynYc0RjOmubb+Q=
X-Received: by 2002:aca:d05c:: with SMTP id h89-v6mr16263760oig.199.1539888623697; Thu, 18 Oct 2018 11:50:23 -0700 (PDT)
MIME-Version: 1.0
References: <153981205687.27640.17992942799834135678@ietfa.amsl.com> <CAL02cgQzNNrEbxK6YzTSzc+yc2zjU2fM=BT0pc_sb4dCx4N92Q@mail.gmail.com> <DEDB0733-C023-49B5-9964-9C01BBC6B1AB@nostrum.com>
In-Reply-To: <DEDB0733-C023-49B5-9964-9C01BBC6B1AB@nostrum.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Thu, 18 Oct 2018 14:50:00 -0400
Message-ID: <CAL02cgSGMNbq2dhCbm3GJ8-GqY4zCOkJ88uvpaHcbF0k3_OwLA@mail.gmail.com>
To: Ben Campbell <ben@nostrum.com>
Cc: perc@ietf.org
Content-Type: multipart/alternative; boundary="00000000000068d51e05788542b4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/Caa4NYwqFKcE3WEqVU5YjEDR3NA>
Subject: Re: [Perc] I-D Action: draft-ietf-perc-srtp-ekt-diet-09.txt
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Oct 2018 18:50:27 -0000

Thanks for requesting LC for double and EKT.

With regard to this issue...

On Wed, Oct 17, 2018 at 5:52 PM Ben Campbell <ben@nostrum.com> wrote:

> Thanks!
>
> I am in the process of reviewing the framework draft. I notice it has some
> normative language may conflict with this draft concerning rekeying. From
> our previous discussion:
>
>
>
>> - Next Sentence: "Outbound packets SHOULD continue to use the old SRTP
>> Master Key for 250 ms after” Does that imply a normative requirement for
>> recipients to keep old keys around for at least that long? There’s
>> currently an implementation suggestion about that, but it doesn’t use MUST
>> or SHOULD.
>> (Editorial: The sentence seems to belong in the “outbound” section, not
>> the “inbound” section.)
>>
>
> Yeah, moved this to the outbound section.  Added MAY-level inbound
> considerations to the implementation notes -- either the receiver can
> accept packet loss or do trial decryption.
>
>
> If I am reading correctly, the framework (§4.5.2)  says senders MUST delay
> before sending media with the new key. Is that a conflict? If so, which is
> correct? Also, the framework does not specify the length of the delay.
>
> Does it make sense for this to be specified in both places?
>

There's sort of a conflict here.  The crux is here:

"""
   Since it may take some time for all of the
   endpoints in conference to finish re-keying, senders MUST delay a
   short period of time before sending media encrypted with the new
   master key, but it MUST be prepared to make use of the information
   from a new inbound EKT Key immediately.
"""

The first part talks about media keys, which conflicts with EKT; it should
probably be deleted.  The second part is about processing EKT tags, and
should be kept.  So we probably end up with something like the following:

"""
   In order to allow time for all endpoints in the conference to receive
the new keys,
   the sender should follow the recommendations in Section XXX of
[I-D.ietf-perc-srtp-ekt-diet].
   On receiving a new EKT Key, endpoints MUST be prepared to decrypt EKT
tags using the
   new key.  The EKT SPI field can be used to differentiate between tags
encrypted with
   the old and new keys.
"""

Would you mind just including this in your review, to maximize the
probability that Paul catches it?

Thanks,
--Richard



>
> Ben.
>
> On Oct 17, 2018, at 4:37 PM, Richard Barnes <rlb@ipv.sx> wrote:
>
> Ben: With this revision, and the one of -double just posted, I think these
> two are ready for LC.
>
> On Wed, Oct 17, 2018, 17:34 <internet-drafts@ietf.org> wrote:
>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Privacy Enhanced RTP Conferencing  WG of
>> the IETF.
>>
>>         Title           : Encrypted Key Transport for DTLS and Secure RTP
>>         Authors         : Cullen Jennings
>>                           John Mattsson
>>                           David A. McGrew
>>                           Dan Wing
>>                           Flemming Andreason
>>         Filename        : draft-ietf-perc-srtp-ekt-diet-09.txt
>>         Pages           : 24
>>         Date            : 2018-10-17
>>
>> Abstract:
>>    Encrypted Key Transport (EKT) is an extension to DTLS (Datagram
>>    Transport Layer Security) and Secure Real-time Transport Protocol
>>    (SRTP) that provides for the secure transport of SRTP master keys,
>>    rollover counters, and other information within SRTP.  This facility
>>    enables SRTP for decentralized conferences by distributing a common
>>    key to all of the conference endpoints.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-perc-srtp-ekt-diet/
>>
>> There are also htmlized versions available at:
>> https://tools.ietf.org/html/draft-ietf-perc-srtp-ekt-diet-09
>> https://datatracker.ietf.org/doc/html/draft-ietf-perc-srtp-ekt-diet-09
>>
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-perc-srtp-ekt-diet-09
>>
>>
>> Please note that it may take a couple of minutes from the time of
>> submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> _______________________________________________
>> Perc mailing list
>> Perc@ietf.org
>> https://www.ietf.org/mailman/listinfo/perc
>>
>
>

v2.23.0 | Report a Bug | By Email