Re: [secdir] Secdir review of draft-ietf-avtcore-monarch-17

Qin Wu <bill.wu@huawei.com> Wed, 22 August 2012 06:54 UTC

From: Qin Wu <bill.wu@huawei.com>
To: Tina TSOU <Tina.Tsou.Zouting@huawei.com>
Date: Wed, 22 Aug 2012 14:46:48 +0800
Cc: The IESG <iesg@ietf.org>, draft-ietf-avtcore-monarch@tools.ietf.org, secdir@ietf.org
Subject: Re: [secdir] Secdir review of draft-ietf-avtcore-monarch-17

----- Original Message ----- 
  From: Tina TSOU 
  To: Qin Wu 
  Cc: draft-ietf-avtcore-monarch@tools.ietf.org ; secdir@ietf.org ; The IESG 
  Sent: Wednesday, August 22, 2012 12:39 PM
  Subject: Re: [secdir] Secdir review of draft-ietf-avtcore-monarch-17


  Here is what I meant: which parties trust each other? The other parties
  will be excluded from receiving the measurements. What does each case
  imply in terms of requirements for key management?


[Qin]: If the other parties are allowed to receive the measurement, they should be authenticated using SRTP in RFC3711.
If the parties are trusted with access to some RTCP flows but not others, authentication using SRTP in RFC3711 can also be used.
Regarding the key management requirement, RFC 3711 has already pointed out what key management standards can be used to
establish an SRTP cryptographic context.