[secdir] secdir review of draft-ietf-mmusic-delayed-duplication
Radia Perlman <radiaperlman@gmail.com> Wed, 18 September 2013 06:20 UTC
Return-Path: <radiaperlman@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C86611E8129; Tue, 17 Sep 2013 23:20:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GVpX1y5Cm4x6; Tue, 17 Sep 2013 23:20:44 -0700 (PDT)
Received: from mail-lb0-x22d.google.com (mail-lb0-x22d.google.com [IPv6:2a00:1450:4010:c04::22d]) by ietfa.amsl.com (Postfix) with ESMTP id DEB0011E8125; Tue, 17 Sep 2013 23:20:43 -0700 (PDT)
Received: by mail-lb0-f173.google.com with SMTP id o14so6177526lbi.4 for <multiple recipients>; Tue, 17 Sep 2013 23:20:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=35Jl2gO0do3e2NpIozUwz+yZqGGHn9ZQs8QVtOb34Iw=; b=0KecTctL7JVyjYWJJ/1lm8UV/G1wWYYdUlZKfTU0AXCQPUIGzY0n4c1HsdkScuwBZ4 Hy+S29bEQtXL+U8tnhb1vNdMotftt4/MouYRqJ/q6nxArtnbxeT+SbxZRUpoCEYUGmVU YeGptFRGOsRqDymU0SEusQAHwyJWY9VoAx8DayDEzmyQGKzY/tNwaSHdN868n35hr3PM u4w0XLBpVQ7ivPKlsX986Y6bui3I1mNw4iUL9oq+MF6qVV9l8r8Hoyms6WFyPM+do6UE 5ayrmcQBNrCLdvFXtAg5g+J9VGTqsgfiN28pvQjbvS4Mnic2HNN8qW9PmmvknXPCgV/Z S+PA==
MIME-Version: 1.0
X-Received: by 10.112.167.3 with SMTP id zk3mr14221497lbb.23.1379485241594; Tue, 17 Sep 2013 23:20:41 -0700 (PDT)
Received: by 10.112.188.197 with HTTP; Tue, 17 Sep 2013 23:20:41 -0700 (PDT)
Date: Tue, 17 Sep 2013 23:20:41 -0700
Message-ID: <CAFOuuo4cZLF28nyc9=_sPBsb-CeQvcNVjq6Bj=98ShLy7Du3yw@mail.gmail.com>
From: Radia Perlman <radiaperlman@gmail.com>
To: The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-mmusic-delayed-duplication.all@tools.ietf.org
Content-Type: multipart/alternative; boundary="001a11c264a4cc576404e6a26fc0"
Subject: [secdir] secdir review of draft-ietf-mmusic-delayed-duplication
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2013 06:20:45 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document is about allowing a sender of a multicast stream to advertise that it will be sending duplicate streams offset in time, so that receivers can receive multiple copies...so that if packets are lost they will hopefully receive it from the later stream(s). >From a security point of view, there's no reason to complain. However, I'm really dubious about what this will be used for, and whether this is the best way to solve the problem. How does one cope with loss? For instance... a) request retransmissions of specific missing pieces, perhaps not from the original source, but from a redistribution point (e.g., zillions of scalable reliable multicast protocols that were talked about/published years ago) b) send forward error correction so that the data can be reconstructed (e.g., Digital Fountain) c) cope with glitches on your video when in rare cases, e.g., network topology changes, some data gets lost I'm not sure multicast is used so much anyway. What are the applications today? It seems like most video is individual on-demand rather than multicast. And if there were some sort of multicast thing (like a sporting event), it seems like any combination of a), b), and c) above would be preferable to multicasting everything multiple times. A specific comment: In the security considerations section it says "the SDP description needs to be integrity protected..." Is this MUST be? SHOULD be? Radia
- [secdir] secdir review of draft-ietf-mmusic-delay… Radia Perlman
- Re: [secdir] secdir review of draft-ietf-mmusic-d… Ali C. Begen (abegen)