Re: [secdir] [payload] sec-dir review of draft-ietf-payload-rtp-opus-08

Derek Atkins <derek@ihtfp.com> Wed, 08 April 2015 14:24 UTC

From: Derek Atkins <derek@ihtfp.com>
To: Colin Perkins <csp@csperkins.org>
References: <sjmoaosz53h.fsf@securerf.ihtfp.org> <54E3A32F.2010008@jmvalin.ca> <760B7D45D1EFF74988DBF5C2122830C24D064CDE@szxpml507-mbx.exmail.huawei.com> <sjmk2zdzv6g.fsf@securerf.ihtfp.org> <916F29B3-E392-481B-A269-FBA58DFEF14D@nostrum.com> <551C612B.4030702@mozilla.com> <C3DD8EE5-B066-4C06-99F4-B9147A128811@nostrum.com> <C17AE3D5-F62D-42A3-9F1F-885BF1B984EB@nostrum.com> <551EFB9C.4040504@xiph.org> <sjmy4m5grwp.fsf@securerf.ihtfp.org> <269A06E2-6704-4E5E-BBFD-92F157639261@nostrum.com> <5522D40E.8040402@nostrum.com> <73626E80-1EBA-4A85-83DD-32423649DBD1@csperkins.org> <035501d0711a$7856b0a0$690411e0$@gmail.com> <5523C5AE.7040108@mozilla.com> <sjmpp7ggft8.fsf@securerf.ihtfp.org> <CAHbuEH63BtaENfm6-_itp1eLtSCyC8LRvGbGPbKVAR-k6GQdZA@mail.gmail.com> <927CC992-13D7-41B9-A9AF-7F4E31905DF2@csperkins.org>
Date: Wed, 08 Apr 2015 10:24:39 -0400
In-Reply-To: <927CC992-13D7-41B9-A9AF-7F4E31905DF2@csperkins.org> (Colin Perkins's message of "Wed, 8 Apr 2015 10:08:14 +0100")
Message-ID: <sjmd23ehf4o.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/EAniTMeCyK6fZ1Sgk5Jt7MuCQzU>
Cc: Roni Even <ron.even.tlv@gmail.com>, Jean-Marc Valin <jmvalin@mozilla.com>, "secdir@ietf.org" <secdir@ietf.org>, payload@ietf.org, jspittka@gmail.com, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "iesg@ietf.org" <iesg@ietf.org>, payload-chairs@tools.ietf.org, koenvos74@gmail.com, Robert Sparks <rjsparks@nostrum.com>
Subject: Re: [secdir] [payload] sec-dir review of draft-ietf-payload-rtp-opus-08
Precedence: list

Colin, et all,

I suggest you take a closer look at the existing document.  In
particular, I do not accept the argument that this is the wrong place to
recommend security, because the existing draft already does.  See below:

Colin Perkins <csp@csperkins.org> writes:

> On 8 Apr 2015, at 01:12, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
> wrote:
>
>     On Tue, Apr 7, 2015 at 10:42 AM, Derek Atkins <derek@ihtfp.com> wrote:
>    
>         Hi,
>        
>         Jean-Marc Valin <jmvalin@mozilla.com> writes:
>        
>         > Does anyone object to this earlier proposal?
>         >
>         > "Opus does not provide any built-in confidentiality or integrity
>         > protection. Protection requirements vary between RTP applications.
>         See
>         > RFC 7201 and RFC 7202 for a discussion."
>
>     I'm okay with this text and did read the subsequent messages in this
>     thread.  Since there is a MAY already for session encryption, that's why
>     we were inserting a SHOULD.  I'm fine with getting rid of the RFC2119
>     language, but having some generic advice about RTP payloads.  Since there
>     is no draft ready or in the works to fix this problem where it should be
>     fixed, I do think it's a good idea to address the concern here and going
>     forward.  Once it's fixed int eh right place, then references and text
>     changes going forward.
>
> There is some guidance in draft-ietf-payload-rtp-howto-13 sections 7.2 and
> A.13 for payload format text. That draft is in the RFC Editor queue, but I'm
> sure Magnus would be pleased to receive feedback if the suggestions there are
> not clear.

Let me quote a section of the draft, in particular section 8. Security
Considerations:

   This payload format transports Opus encoded speech or audio data.
   Hence, security issues include confidentiality, integrity protection,
   and authentication of the speech or audio itself.  Opus does not
   provide any confidentiality or integrity protection.  Any suitable
   external mechanisms, such as SRTP [RFC3711], MAY be used.

So this draft already DOES make a recommendation about the transport
layer security.  I was saying that you should change this MAY to a
SHOULD, which is where this all started.

You may say "this is the wrong layer", but from where I sit that horse
has already left the barn.  The WG already let it pass with this
recommendation as a MAY.  As a memeber of the Security Area Directorate
I think this MAY should be changed to a SHOULD.

Thanks,

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

Re: [secdir] [payload] sec-dir review of draft-ie… Kathleen Moriarty
Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] sec-dir review of draft-ietf-payload… Ben Campbell
Re: [secdir] sec-dir review of draft-ietf-payload… Jean-Marc Valin
Re: [secdir] sec-dir review of draft-ietf-payload… Ben Campbell
Re: [secdir] sec-dir review of draft-ietf-payload… Derek Atkins
Re: [secdir] sec-dir review of draft-ietf-payload… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Timothy B. Terriberry
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Robert Sparks
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Roni Even
Re: [secdir] [payload] sec-dir review of draft-ie… Jean-Marc Valin
Re: [secdir] [payload] sec-dir review of draft-ie… Roni Even
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
Re: [secdir] [payload] sec-dir review of draft-ie… DRAGE, Keith (Keith)
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Kathleen Moriarty
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Roni Even
Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Jean-Marc Valin
Re: [secdir] [payload] sec-dir review of draft-ie… Kathleen Moriarty
Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
Re: [secdir] [payload] sec-dir review of draft-ie… Magnus Westerlund
Re: [secdir] [payload] sec-dir review of draft-ie… Magnus Westerlund
[secdir] sec-dir review of draft-ietf-payload-rtp… Derek Atkins
Re: [secdir] sec-dir review of draft-ietf-payload… Roni Even
Re: [secdir] sec-dir review of draft-ietf-payload… Derek Atkins