Re: [secdir] Review of draft-ietf-simple-msrp-cema-03

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 14 December 2011 06:24 UTC

Thank you very much for the review, Nico!

Regards,

Christer 

> -----Original Message-----
> From: Nico Williams [mailto:nico@cryptonector.com] 
> Sent: 14 December 2011 7:51
> To: secdir@ietf.org; draft-ietf-simple-msrp-cema.all@tools.ietf.org
> Subject: Review of draft-ietf-simple-msrp-cema-03
> 
> I have reviewed this document as part of the security 
> directorate's ongoing effort to review all IETF documents 
> being processed by the IESG. These comments were written 
> primarily for the benefit of the security area directors. 
> Document editors and WG chairs should treat these comments 
> just like any other last call comments.
> 
> CEMA is an SDP/MSRP extension that enables the "anchoring" of 
> MSRP traffic through middleboxes that do not act as MITMs.  
> This is a good thing if such anchoring is needed at all.
> 
> The security considerations seem complete enough to me, and 
> I believe it matches the media anchoring mechanism described 
> in section 4, though I'm not sufficiently familiar with MSRP 
> to say so for certain.
> In general it seems that CEMA improves security here (by 
> allowing proxies to anchor media without having to act as 
> MITMs) without making it worse in any way: in particular 
> security generally depends on signaling security in SIP.
> 
> Nico
> --
>