Re: [rtcweb] 答复: 答复: Fwd: I-D Action: draft-westerlund-rtcweb-codec-control-00.txt
Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 22 May 2012 06:43 UTC
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B74B9E8015 for <rtcweb@ietfa.amsl.com>; Mon, 21 May 2012 23:43:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.91
X-Spam-Level:
X-Spam-Status: No, score=-105.91 tagged_above=-999 required=5 tests=[AWL=-0.113, BAYES_00=-2.599, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, SARE_SUB_ENC_UTF8=0.152, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PWO2fdkOnGnw for <rtcweb@ietfa.amsl.com>; Mon, 21 May 2012 23:43:21 -0700 (PDT)
Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id A44FF9E8013 for <rtcweb@ietf.org>; Mon, 21 May 2012 23:43:20 -0700 (PDT)
X-AuditID: c1b4fb2d-b7fac6d000002e89-92-4fbb3587b8ba
Received: from esessmw0247.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw1.ericsson.se (Symantec Mail Security) with SMTP id B4.F1.11913.7853BBF4; Tue, 22 May 2012 08:43:19 +0200 (CEST)
Received: from [127.0.0.1] (153.88.115.8) by esessmw0247.eemea.ericsson.se (153.88.115.94) with Microsoft SMTP Server id 8.3.213.0; Tue, 22 May 2012 08:43:18 +0200
Message-ID: <4FBB3586.4050902@ericsson.com>
Date: Tue, 22 May 2012 08:43:18 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: 邓灵莉/denglingli <denglingli@chinamobile.com>
References: <20120516140228.4049.34228.idtracker@ietfa.amsl.com> <4FB3B55F.3080607@ericsson.com> <003f01cd36f3$5302aed0$f9080c70$@chinamobile.com> <4FB9E79C.1050300@ericsson.com> <CABkgnnUs4K3aP7Ge4+sQ7e6UDEwx-hGJi50Tn6hG4rEwiz98HQ@mail.gmail.com> <001901cd37b9$d66c9490$8345bdb0$@chinamobile.com>
In-Reply-To: <001901cd37b9$d66c9490$8345bdb0$@chinamobile.com>
X-Enigmail-Version: 1.4.1
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrOLMWRmVeSWpSXmKPExsUyM+JvrW676W5/g6OXJCwenn/CbHHtzD9G i7X/2tkdmD3mXVjI5rFz1l12jyVLfjIFMEdx2aSk5mSWpRbp2yVwZdxaYlTwjKfi9fQ1bA2M 27m6GDk5JARMJA4daGKCsMUkLtxbz9bFyMUhJHCKUeL8hu2sEM5yRomfe+YxdjFycPAKaEvs mOwN0sAioCqxcOY+VhCbTcBC4uaPRjYQW1QgWOLFnitgcV4BQYmTM5+wgNgiAp4Si7ZPZASx mQXCJY58amcBmS8ssJ5R4uGifYwQy1YySbx6txBsEqeAncTNC+vYIM6TlDj47xo7RLemROv2 31C2vETz1tnMILYQ0HENTR2sExiFZiFZPgtJyywkLQsYmVcxCucmZuaklxvqpRZlJhcX5+fp FaduYgQG9sEtv3V3MJ46J3KIUZqDRUmcd7PBLn8hgfTEktTs1NSC1KL4otKc1OJDjEwcnFIN jMVrmf8teCrlL9l5Ty/OU8Lx+fOs266fbIXO8ziEqPF0M1ZnzzP58NNwSodj1M7uMLdrOSvL pl6Z0X9iwdWwy84L8zUWab0506hYZcrB+2HNEwfdnKeSE/hvGf9b/P3O9RNqvpefpB3cf2BR 2pJJTEtSl3RJzPnhcMPIuPnSjgxT/bYvvhP8vJVYijMSDbWYi4oTAdAmWYI6AgAA
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] 答复: 答复: Fwd: I-D Action: draft-westerlund-rtcweb-codec-control-00.txt
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 May 2012 06:43:21 -0000
On 2012-05-22 03:25, 邓灵莉/denglingli wrote: > Hi, Martin > > You are right. According to the current discussion, I would suggest two options about the security threat statement: > 1, remove the item c from Section 8; or I don't think this is an appropriate choice. The reason is that it applies to multi-party cases where an given end-point targets the other participants. Mitigation in the media plane central node for this attack is something the implementation should have. > 2, add a few words to notify what is left out and may be of concern in the field and people would know what to expect in reality. > Would you agree? I would like to make it clear that this documents security consideration is a short summary of the most important attacks. The COP drafts security consideration is not existing and that will be addressed in the next version. That will clearly discuss the SDP angle and at least point out the need for protection between the nodes. But also that in multi-party there exist a potential for down-grading the general constraints. I will consider adding the SDP based downgrade into this document also. Cheers Magnus Westerlund ---------------------------------------------------------------------- Multimedia Technologies, Ericsson Research EAB/TVM ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 Färögatan 6 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com ----------------------------------------------------------------------
- [rtcweb] Fwd: I-D Action: draft-westerlund-rtcweb… Magnus Westerlund
- Re: [rtcweb] 答复: Fwd: I-D Action: draft-westerlun… Magnus Westerlund
- [rtcweb] 答复: 答复: Fwd: I-D Action: draft-westerlun… 邓灵莉/denglingli
- Re: [rtcweb] 答复: Fwd: I-D Action: draft-westerlun… Martin Thomson
- [rtcweb] 答复: 答复: Fwd: I-D Action: draft-westerlun… 邓灵莉/denglingli
- Re: [rtcweb] 答复: 答复: Fwd: I-D Action: draft-weste… Martin Thomson
- [rtcweb] 答复: 答复: 答复: Fwd: I-D Action: draft-weste… 邓灵莉/denglingli
- Re: [rtcweb] 答复: 答复: Fwd: I-D Action: draft-weste… Magnus Westerlund
- [rtcweb] 答复: 答复: 答复: Fwd: I-D Action: draft-weste… 邓灵莉/denglingli