[Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Thu, 16 May 2019 01:52 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-perc-private-media-framework@ietf.org, Nils Ohlmeier <nohlmeier@mozilla.com>, perc-chairs@ietf.org, nohlmeier@mozilla.com, perc@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <155797155680.30599.3634623355394252682.idtracker@ietfa.amsl.com>
Date: Wed, 15 May 2019 18:52:36 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/KG6BWznZPr9lnY8t5ZP91VP9xGs>
Subject: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-perc-private-media-framework-10: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-perc-private-media-framework/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

I support Magnus’s DISCUSS about the need to further discuss the impact of a
compromised/rogue end-point.  In addition to the impersonation of others in the
conference, I am wondering about the impact (perhaps a DoS?) of a rogue client
flooding the conference with EKT Key updates.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

(1) Section 1.  Per “Virtualized public cloud environments have been viewed as
less secure since resources are not always physically controlled by those who
use them and since there are usually several ports open to the public.  This
document aims to improve security so as to lower the barrier to taking
advantage of those environments”, I stumbled over these sentences.  Improve
security relative to what – self-hosted environments?  Is the security target
to have fewer open ports and to be secure in the face of an adversary with
physical access to the system?  The latter seems like a very high bar and the
corresponding Security Considerations doesn’t seem to rise to that.

(2) Section 6.1.  “Endpoints have to retain old keys for a period of time to
ensure they can properly decrypt late-arriving or out-of-order packets” seems
to restate what is stated in 4.5.2 using RFC2119 language.  Here “endpoints
have to retain”.  In Section 4.5.2, “endpoints SHOULD retain”.  Which one is
correct?

(3) Section 8.1. Per “Off-path attackers could try connecting to different PERC
entities and send specifically crafted packets”, could you be more specific on
the threat?  Is this something different than any service being exposed on the
Internet?

(4) Editorial Nits:
** Section 3. Typo. s/the the/the/