IETF Logo Mail Archive

Re: [secdir] [payload] sec-dir review of draft-ietf-payload-rtp-opus-08

Derek Atkins <derek@ihtfp.com> Mon, 06 April 2015 16:09 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B72B01A8AE7; Mon, 6 Apr 2015 09:09:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.61
X-Spam-Level:
X-Spam-Status: No, score=0.61 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, HELO_MISMATCH_ORG=0.611] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KbB4rCQMyTzf; Mon, 6 Apr 2015 09:09:34 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAF501A8AE6; Mon, 6 Apr 2015 09:09:34 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 06E3BE2038; Mon, 6 Apr 2015 12:09:33 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 26889-04; Mon, 6 Apr 2015 12:09:27 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 78BE4E2036; Mon, 6 Apr 2015 12:09:27 -0400 (EDT)
Received: (from warlord@localhost) by securerf.ihtfp.org (8.14.8/8.14.8/Submit) id t36G9Qnk017843; Mon, 6 Apr 2015 12:09:26 -0400
From: Derek Atkins <derek@ihtfp.com>
To: "Timothy B. Terriberry" <tterribe@xiph.org>
References: <sjmoaosz53h.fsf@securerf.ihtfp.org> <54E3A32F.2010008@jmvalin.ca> <760B7D45D1EFF74988DBF5C2122830C24D064CDE@szxpml507-mbx.exmail.huawei.com> <sjmk2zdzv6g.fsf@securerf.ihtfp.org> <916F29B3-E392-481B-A269-FBA58DFEF14D@nostrum.com> <551C612B.4030702@mozilla.com> <C3DD8EE5-B066-4C06-99F4-B9147A128811@nostrum.com> <C17AE3D5-F62D-42A3-9F1F-885BF1B984EB@nostrum.com> <551EFB9C.4040504@xiph.org>
Date: Mon, 06 Apr 2015 12:09:26 -0400
In-Reply-To: <551EFB9C.4040504@xiph.org> (Timothy B. Terriberry's message of "Fri, 03 Apr 2015 13:44:12 -0700")
Message-ID: <sjmy4m5grwp.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/40ammRjrrp6ii0wq-HlGuM-z2Ak>
Cc: Ben Campbell <ben@nostrum.com>, Jean-Marc Valin <jmvalin@mozilla.com>, "secdir@ietf.org" <secdir@ietf.org>, payload@ietf.org, "jspittka@gmail.com" <jspittka@gmail.com>, "iesg@ietf.org" <iesg@ietf.org>, "payload-chairs@tools.ietf.org" <payload-chairs@tools.ietf.org>, "koenvos74@gmail.com" <koenvos74@gmail.com>
Subject: Re: [secdir] [payload] sec-dir review of draft-ietf-payload-rtp-opus-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Apr 2015 16:09:38 -0000

"Timothy B. Terriberry" <tterribe@xiph.org> writes:

> Ben Campbell wrote:
>>> So my suggestion would be something more to the effect of:
>>>
>>> "Opus does not provide any built-in confidentiality or integrity
>>> protection. Protection requirements vary between RTP applications.
>>> See RFC 7201 and RFC 7202 for a discussion.
>
> This seems like reasonable text to me. I agree with the rationale that
> preceded it. As much as I want to see encryption everywhere, a payload
> format is not the right place to mandate it.

As was stated already in this thread, the expected follow up drafts for
MTI security have not been written.

I leave it up to the Security ADs who have the real power here, but I
still prefer my original wording (including the SHOULD).

I understand your reluctance because it's a codec, but it's the first
codec to get through the process since the Perpass work, which basically
says "everything should be encrypted."  Since you cannot go back in time
to modify the existing RFCs, you can augment them going forward by other
additions.

As for the concern about "different security requirements for different
codecs", frankly I don't buy that argument.  Either your RTP application
supports security or it doesn't.  Once it does, it should be able to
negotiate that along side the codec negotitation.  So I don't see the
concern -- we're not mandating a specific security technology, just that
you SHOULD use one.  Well, that's true regardless of the codec, isn't
it?

Or are you really saying "We don't care about security.  We just want to
be able to use this codec in existing, insecure RTP applications without
adding new securty measures"?

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

v2.30.2 | Report a Bug | By Email | System Status