[secdir] SecDir review of draft-ietf-bfcpbis-sdp-ws-uri
"Paul Hoffman" <paul.hoffman@vpnc.org> Wed, 04 January 2017 19:23 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9DF3129A81 for <secdir@ietfa.amsl.com>; Wed, 4 Jan 2017 11:23:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U0KQce1wntCT for <secdir@ietfa.amsl.com>; Wed, 4 Jan 2017 11:23:41 -0800 (PST)
Received: from mail.proper.com (Opus1.Proper.COM [207.182.41.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83D451299B3 for <secdir@ietf.org>; Wed, 4 Jan 2017 11:23:41 -0800 (PST)
Received: from [10.32.60.33] (50-1-51-163.dsl.dynamic.fusionbroadband.com [50.1.51.163]) (authenticated bits=0) by mail.proper.com (8.15.2/8.14.9) with ESMTPSA id v04JMqJw013156 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <secdir@ietf.org>; Wed, 4 Jan 2017 12:22:53 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: mail.proper.com: Host 50-1-51-163.dsl.dynamic.fusionbroadband.com [50.1.51.163] claimed to be [10.32.60.33]
From: Paul Hoffman <paul.hoffman@vpnc.org>
To: secdir <secdir@ietf.org>
Date: Wed, 04 Jan 2017 11:23:38 -0800
Message-ID: <164C5B0F-1606-4D8D-BB34-1FF9F8DA7081@vpnc.org>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5319)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/WeLNcFkm6D-J46aPTaUxdOj3hSY>
Subject: [secdir] SecDir review of draft-ietf-bfcpbis-sdp-ws-uri
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2017 19:23:45 -0000
This document specifies extensions to SDP that can be used by application protocols (most likely SIP endpoints) that rely on WebSocket as a transport. For this, they need a URI that will appear in an SDP attribute. The Security Considerations section of the document adequately covers the problems with creating this SDP attribute to carry the URI, namely that SDP can be run either with or without authentication in the message and transport. The security considerations say that the entities SHOULD use S/MIME and TLS for these; this common-sense suggestions apply to all use of SDP, and is no more important here than for other uses of SDP. --Paul Hoffman
- [secdir] SecDir review of draft-ietf-bfcpbis-sdp-… Paul Hoffman