[secdir] secdir review of draft-ietf-avtext-rtp-stream-pause-08
David Mandelberg <david@mandelberg.org> Tue, 11 August 2015 04:45 UTC
Return-Path: <david@mandelberg.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 156C31A004D for <secdir@ietfa.amsl.com>; Mon, 10 Aug 2015 21:45:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8Lcm7k-JJROW for <secdir@ietfa.amsl.com>; Mon, 10 Aug 2015 21:45:28 -0700 (PDT)
Received: from nm16-vm6.access.bullet.mail.gq1.yahoo.com (nm16-vm6.access.bullet.mail.gq1.yahoo.com [216.39.63.164]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0D551A004A for <secdir@ietf.org>; Mon, 10 Aug 2015 21:45:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1439268328; bh=wRc8W/YBNemRBto6FJNLn2vGAB6YEeubzs3bc3Lbyic=; h=Date:From:To:Subject:From:Subject; b=anM5Qr6ZSIDKptuBm97OcLYjyYuJ8KET+Dz1tXmYBWts3a2tG6NImmSzLWd5Bcit/8Q+NFJVekNsf6ZdpglOU3dCTlX2KdYK755d5uhZCzt6sXUxOF2rpTkmEtcAGK6VPZIKYgq0ZXEwKtkMtu8IVCJa3gOPhXdLLfzNYdubAiEqkyqmrLZdjfgczoXuDp49z38I7NhSMcFNY/52dllDpdfOI4lkTMGDl1DzlMxICvrI6hRYFK8swgxHnevbEjNfUqm0w+fErfkCqfsk4nRGtJ3BwVraIlpGfQahYi6Oii1NFE05MS0Icm8Xe0zb1hJOhylULZ+icvwNwmsQkcKEGw==
Received: from [216.39.60.167] by nm16.access.bullet.mail.gq1.yahoo.com with NNFMP; 11 Aug 2015 04:45:28 -0000
Received: from [98.138.104.97] by tm3.access.bullet.mail.gq1.yahoo.com with NNFMP; 11 Aug 2015 04:45:28 -0000
Received: from [127.0.0.1] by smtp117.sbc.mail.ne1.yahoo.com with NNFMP; 11 Aug 2015 04:45:28 -0000
X-Yahoo-Newman-Id: 101622.85767.bm@smtp117.sbc.mail.ne1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: 77_RZ4MVM1mY6XfXrFVKsRECV0LXe7nC2SNWcIX2LTAjf63 vATNNAa5Pekp4byhcl6TXE6GAaot2Oe03dMZMVDzd9bADRmhkAjQtQPcGSDy 2UH8DfL6qgKfLLP0skj6AVT_xMc85DNonRE7JJ05kk7x5T9C1FQKOZp1GlMT xXYmztyh5xUMukKDhrDNrj9kiUkoBec3pOjQeL3.6ZexT.ct.HlsbuKvsXQH ZozWaXw4jd0QLcEYiK0dlOTC0_gNHUaxmjyTh1Kt4lh1l1FVVr2IIYoTFzVn gIbGmCGNwIqUS90aFRaJkC0dSXxAmZVbNOds5HTusJzdOecDpz4eLyfQ1iQf HOt_eUfOXRgx6CiTIME90dg4eiS2EVDVi29aqcCNxya1sNu17iKQBEIOMfUm z2qufjvchOIAbzxFIAWzaowDG5FPrnu7QCcX.ONy82.SxbcnYaSvA6qh4XJ7 XjTOb.vBPa_j_j9vfUm2DI8O4f9Myv5hlC_SHhpDpQyBDrsHWMP.bTGHynCe OaCf7RVO2h_ZUb7c9GnzP8WQxud4GNHQJYIQT2g--
X-Yahoo-SMTP: 4kJJK.qswBDPuwyc5wW.BPAQqNXdy5j09UNyeAS0pyOQ708-
Received: from secure.mandelberg.org (c-76-24-31-176.hsd1.ma.comcast.net [76.24.31.176]) by uriel.mandelberg.org (Postfix) with ESMTPSA id 17D891C6052; Tue, 11 Aug 2015 00:45:26 -0400 (EDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Date: Tue, 11 Aug 2015 00:45:25 -0400
From: David Mandelberg <david@mandelberg.org>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-avtext-rtp-stream-pause.all@tools.ietf.org
Message-ID: <063cc84fb1eb8fbef30eda11ea7d8199@mail.mandelberg.org>
X-Sender: david@mandelberg.org
User-Agent: Roundcube Webmail/0.7.2
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/858TyccE-GOZ913QX70pDB9RN4Q>
Subject: [secdir] secdir review of draft-ietf-avtext-rtp-stream-pause-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 04:45:30 -0000
Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. I think this draft is Ready with issues, though the two issues are relatively minor: 1. The Security Considerations section talks about protecting against injection of PAUSE requests: The way of protecting the RTP session from these injections is to perform source authentication combined with message integrity, to prevent other than intended session participants from sending these messages. I think this paragraph should also mention replay protection, which is needed if the 16-bit PauseID wraps around and the attacker has access to old PAUSE requests. 2. The next paragraph in Security Considerations talks about protecting the multi-party use case against a single malicious participant by individually authenticating participants. In addition to per-participant authentication, I think there also needs to be a requirement for attempted delivery of PAUSE requests to all participants. Without that requirement, an attacker could cause the session to cycle through the Playing, Pausing, and Paused states. To do that, the attacker would send PAUSE requests only to the stream sender, instead of to the whole group. Since no other participants receive the PAUSE request, they do not know to send disapproving RESUMEs until after the stream sender has already paused the stream. (I should note that I'm not particularly familiar with multicast network operations. If it's infeasible for one participant to send a message to another participant without the rest of the group also receiving the message, then I apologize for bringing up a non-issue.) ----- I also have a few nits: Abstract: The RTCP initialism is used without definition. Section 5.4: The SR initialism is used without definition. Section 6.4: I'd suggest changing "As for Paused State" to "As with Paused State". That sentence could also be split up for better readability. -- David Eric Mandelberg / dseomn http://david.mandelberg.org/
- [secdir] secdir review of draft-ietf-avtext-rtp-s… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-avtext-r… Magnus Westerlund
- Re: [secdir] secdir review of draft-ietf-avtext-r… David Mandelberg