[secdir] 答复: SecDir review of draft-ietf-avtcore-rfc5285-bis-09
"Xialiang (Frank)" <frank.xialiang@huawei.com> Thu, 27 April 2017 01:22 UTC
Return-Path: <frank.xialiang@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DA9E129443; Wed, 26 Apr 2017 18:22:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tEQCQRl4rvsq; Wed, 26 Apr 2017 18:22:02 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76113124281; Wed, 26 Apr 2017 18:22:01 -0700 (PDT)
Received: from 172.18.7.190 (EHLO LHREML710-CAH.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DFO71096; Thu, 27 Apr 2017 01:21:59 +0000 (GMT)
Received: from DGGEML404-HUB.china.huawei.com (10.3.17.39) by LHREML710-CAH.china.huawei.com (10.201.108.33) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 27 Apr 2017 02:21:57 +0100
Received: from DGGEML502-MBS.china.huawei.com ([169.254.3.93]) by DGGEML404-HUB.china.huawei.com ([fe80::b177:a243:7a69:5ab8%31]) with mapi id 14.03.0301.000; Thu, 27 Apr 2017 09:21:47 +0800
From: "Xialiang (Frank)" <frank.xialiang@huawei.com>
To: Roni Even <roni.even@huawei.com>
CC: "draft-ietf-avtcore-rfc5285-bis.all@ietf.org" <draft-ietf-avtcore-rfc5285-bis.all@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, The IESG <iesg@ietf.org>
Thread-Topic: SecDir review of draft-ietf-avtcore-rfc5285-bis-09
Thread-Index: AdK380Ap/PwmSJJsR8uigrJB3Hee4aHUfwoAocZ9B8A=
Date: Thu, 27 Apr 2017 01:21:47 +0000
Message-ID: <C02846B1344F344EB4FAA6FA7AF481F12BAC3D94@DGGEML502-MBS.china.huawei.com>
References: <C02846B1344F344EB4FAA6FA7AF481F12BAC050F@DGGEML502-MBS.china.huawei.com> <A808BA27-B79E-4089-812F-A20F249A492B@nostrum.com> <6E58094ECC8D8344914996DAD28F1CCD7B09F9@DGGEMM506-MBX.china.huawei.com>
In-Reply-To: <6E58094ECC8D8344914996DAD28F1CCD7B09F9@DGGEMM506-MBX.china.huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.134.159.76]
Content-Type: multipart/alternative; boundary="_000_C02846B1344F344EB4FAA6FA7AF481F12BAC3D94DGGEML502MBSchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.590147B7.0139, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.3.93, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 38b9cd9a157f7e9a014f4506617451c8
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/18RX_4ydyMVaaWTFP7W00Q2UhOU>
Subject: [secdir] 答复: SecDir review of draft-ietf-avtcore-rfc5285-bis-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Apr 2017 01:22:05 -0000
Hi Roni, Thanks for your response. They make sense to me. B.R. Frank 发件人: Roni Even 发送时间: 2017年4月24日 21:29 收件人: Xialiang (Frank) 抄送: draft-ietf-avtcore-rfc5285-bis.all@ietf.org; secdir@ietf.org; The IESG 主题: RE: SecDir review of draft-ietf-avtcore-rfc5285-bis-09 Hi Frank, Thanks for the review See the response in-line Thanks Roni Even Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document provides a general mechanism to use the header extension feature of RTP (the Real-Time Transport Protocol). It provides the option to use a small number of small extensions in each RTP packet, where the universe of possible extensions is large and registration is de-centralized. The actual extensions in use in a session are signaled in the setup information for that session. This document obsoletes RFC5285. The document appears in reasonably good shape. As a whole, the Security Considerations section analyzes the possible threats to the RTP header extension mechanism, and gives the suitable solutions well. But, there are still several open issues (TBDs) in the document that need to be completed before publication. Below a series of my own comments, questions for your consideration. Comments about the Security Considerations Section: In fact, [RFC3264] also considers packet confidential protection by encrypting the packet bodies to protect against eavesdropping. This point is missed here. [Roni Even] The text says that “The security considerations of [RFC3264<https://tools.ietf.org/html/rfc3264>] MUST be followed, to prevent, for example, extension usage blocking.” While Secure Real-time Transport Protocol (SRTP) [RFC3711] covers the same security requirements and measures of RTP header extension mechanism of this draft, but some of its cryptographic algorithms are old and not updated, such as its default and mandatory-to-implement algorithms like: AES-CM and NULL for Encryption, HMAC-SHA1 for Message Authentication/Integrity and so on. Would you please consider to mention this issue in your draft and suggest to use the up to date and secure algorithms to adopt to internet of today. For example, AES-CCM/AES-GCM and HMAC-SHA2_256_128/HMAC-SHA2_512_256? [Roni Even] I do not think that discussing general SRTP ciphers relative merit in the general header extension document is the appropriate place for it. What is relevant is the RTP Header extension Encryption part, and thus one can consider if this comment applies towards RFC6904. The integrity protection can be considered relevant, but maybe not appropriate for this document. I do note that when using RFC 6904, the stream cipher used for header extension encryption is defined by the ciphers themselves to ensure similar strength. It is the application profiles that has to mandate ciphers for SRTP. And that is happening and are considering the security needs. If the default ciphers in RFC 3711 becomes totally broken, then we clearly should revise 3711 to address that issue. I think one needs to consider the arguments in RFC 7202 and RFC7201 when writing any discussion of which ciphers to use. I would think we should keep it non specific and maybe we can add the following text: “The RTP application designer needs to consider their security needs, that includes cipher strength for SRTP packets in general and what that means for the integrity and confidentiality of the RTP header extensions. As defined by RFC6904 the encryption stream cipher for the header extension is dependent on the chosen SRTP cipher. It can be noted that the default SRTP ciphers (AES CM 128 bits with HMAC-SHA1) are relative weak and more modern ciphers are stronger and should be considered.” Editorial suggestions: Title of section 6: it does not comply with the rule that the first alphabet is capital. [Roni Even] I am not sure which one, this section starts with SDP Setion 1: the last paragraph misses a ending "." [Roni Even] OK A section of Terminology is missed, since there are several words in the draft need this part. [Roni Even] This is a bis draft so we did not add any new terms. I can look at creating a new section but do we really need it. Section 4.1.2: in third paragraph, there is a wrong word "dp", which should be "do". [Roni Even] Thanks, OK Section 6: suggest to use "SDP Offer/Answer [RFC3264]" to replace "offer/answer [RFC3264]". [Roni Even] I noticed inconsistency in the document some time with SDP some without and even one with SIP. I can fix this to be “SDP Offer/Answer [RFC3264]” in all the document. Thank you. B.R. Frank
- [secdir] SecDir review of draft-ietf-avtcore-rfc5… Xialiang (Frank)
- Re: [secdir] SecDir review of draft-ietf-avtcore-… Roni Even
- [secdir] 答复: SecDir review of draft-ietf-avtcore-… Xialiang (Frank)
- Re: [secdir] SecDir review of draft-ietf-avtcore-… Roni Even