Re: [Perc] AD Evaluation of draft-ietf-perc-srtp-ekt-diet-08
Ben Campbell <ben@nostrum.com> Mon, 15 October 2018 23:03 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49FD3130F01; Mon, 15 Oct 2018 16:03:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.878
X-Spam-Level:
X-Spam-Status: No, score=-1.878 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id af5RA35HY4y0; Mon, 15 Oct 2018 16:03:23 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D6FC130E25; Mon, 15 Oct 2018 16:03:23 -0700 (PDT)
Received: from [10.0.1.27] (cpe-70-122-203-106.tx.res.rr.com [70.122.203.106]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id w9FN3LLr087754 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 15 Oct 2018 18:03:22 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-122-203-106.tx.res.rr.com [70.122.203.106] claimed to be [10.0.1.27]
From: Ben Campbell <ben@nostrum.com>
Message-Id: <13EEFBA0-C345-4DBE-ADC9-110717CB96E5@nostrum.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_3C0FD83D-162D-4D49-9E03-D70F94781B83"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 12.0 \(3445.100.39\))
Date: Mon, 15 Oct 2018 18:03:20 -0500
In-Reply-To: <CAL02cgS8FL4g0dpRUFQjPUURgZQsMCiq7eeJTw-UM6--6C3u5w@mail.gmail.com>
Cc: draft-ietf-perc-srtp-ekt-diet.all@ietf.org, perc@ietf.org
To: Richard Barnes <rlb@ipv.sx>
References: <CC46EAEA-3588-41E2-B3A2-5A8C547FA410@nostrum.com> <CAL02cgS8FL4g0dpRUFQjPUURgZQsMCiq7eeJTw-UM6--6C3u5w@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.100.39)
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/eB9HXlcl8sjMUTSPAUxAqYwtxr4>
Subject: Re: [Perc] AD Evaluation of draft-ietf-perc-srtp-ekt-diet-08
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Oct 2018 23:03:26 -0000
The PR looks good to me. Once submitted with the PR applied,I think this is ready for IETF LC, subject to coordination with the framework and double drafts. Please submit when you are ready. I do have a few that I do not expect to cause document changes: > On Oct 9, 2018, at 2:06 PM, Richard Barnes <rlb@ipv.sx> wrote: > > Thanks for the review, Ben. I've posted a PR with responses; notes inline below... > > https://github.com/ietf/perc-wg/pull/161 <https://github.com/ietf/perc-wg/pull/161> > [...] > > - “ The receiver may want to have a sliding window to retain old SRTP > Master Keys (and related context) for some brief period of time, so > that out of order packets can be processed as well as packets sent > during the time keys are changing.” > > See comment to §4.2.2, step 6. “may want” seems weak given that the sender SHOULD keep using the old key for a period of time. > > Revised this as noted above, though note that MAY WISH TO is defined in RFC 6919. Sure, put a normative reference to RFC 6919 in there. The resulting downref discussion on the telechat should be fun. ;-) > > > §4.7: “A new sender SHOULD send a packet containing the FullEKTField as soon as possible...” > > Why not MUST? Would it ever make sense not to do this? It seems like the mechanism doesn’t work very well otherwise. > > How would you comply with a "MUST ... as soon as possible"? I don't think we want to dictate a schedule here, but I've added a note that packet loss can result if you don’t. I note that “SHOULD ... as soon as possible” has somewhat the same issue. But adding the note addresses my concern. [...] > > > *** Editorial Comments: *** [...] > > > - Step 6: s/crypto/cryptographic > > Disagree. Really? I’m not going to push the point, but I’m curious why? Especially since the financial industry is doing it’s best to steal “crypto”. But now I wonder if I’ve missed some subtle difference of definition. [...]
- [Perc] AD Evaluation of draft-ietf-perc-srtp-ekt-… Ben Campbell
- Re: [Perc] AD Evaluation of draft-ietf-perc-srtp-… Ben Campbell
- Re: [Perc] AD Evaluation of draft-ietf-perc-srtp-… Richard Barnes
- Re: [Perc] AD Evaluation of draft-ietf-perc-srtp-… Ben Campbell
- Re: [Perc] AD Evaluation of draft-ietf-perc-srtp-… Ben Campbell