[secdir] sec-dir review of draft-ietf-payload-rtp-opus-08
Derek Atkins <derek@ihtfp.com> Tue, 17 February 2015 19:54 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8F0D1A1B49; Tue, 17 Feb 2015 11:54:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.289
X-Spam-Level:
X-Spam-Status: No, score=-1.289 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_ORG=0.611] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H_capRv6gOHW; Tue, 17 Feb 2015 11:54:32 -0800 (PST)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 774891A1ABE; Tue, 17 Feb 2015 11:54:32 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 4204BE2036; Tue, 17 Feb 2015 14:54:31 -0500 (EST)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 03249-08; Tue, 17 Feb 2015 14:54:29 -0500 (EST)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id EDDB1E2035; Tue, 17 Feb 2015 14:54:28 -0500 (EST)
Received: (from warlord@localhost) by securerf.ihtfp.org (8.14.8/8.14.8/Submit) id t1HJsRu1012059; Tue, 17 Feb 2015 14:54:27 -0500
From: Derek Atkins <derek@ihtfp.com>
To: iesg@ietf.org, secdir@ietf.org
Date: Tue, 17 Feb 2015 14:54:26 -0500
Message-ID: <sjmoaosz53h.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/bKdMMLSYcS6AndXsxrGH1dHr-C0>
Cc: koenvos74@gmail.com, jspittka@gmail.com, jmvalin@jmvalin.ca, payload-chairs@tools.ietf.org
Subject: [secdir] sec-dir review of draft-ietf-payload-rtp-opus-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Feb 2015 19:54:34 -0000
Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: Ready to publish with a question: I question why the use of SRTP is a MAY and not a SHOULD (as detailed in the Security Considerations section). Considering PERPASS I believe this should be a SHOULD; someone should have a very good reason why they are NOT using SRTP. Details: This document defines the Real-time Transport Protocol (RTP) payload format for packetization of Opus encoded speech and audio data necessary to integrate the codec in the most compatible way. Further, it describes media type registrations for the RTP payload format. I have no other comments on this document. -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant
- Re: [secdir] [payload] sec-dir review of draft-ie… Kathleen Moriarty
- Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-payload… Ben Campbell
- Re: [secdir] sec-dir review of draft-ietf-payload… Jean-Marc Valin
- Re: [secdir] sec-dir review of draft-ietf-payload… Ben Campbell
- Re: [secdir] sec-dir review of draft-ietf-payload… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-payload… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Timothy B. Terriberry
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Robert Sparks
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Roni Even
- Re: [secdir] [payload] sec-dir review of draft-ie… Jean-Marc Valin
- Re: [secdir] [payload] sec-dir review of draft-ie… Roni Even
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
- Re: [secdir] [payload] sec-dir review of draft-ie… DRAGE, Keith (Keith)
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Kathleen Moriarty
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Roni Even
- Re: [secdir] [payload] sec-dir review of draft-ie… Stephen Farrell
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Jean-Marc Valin
- Re: [secdir] [payload] sec-dir review of draft-ie… Kathleen Moriarty
- Re: [secdir] [payload] sec-dir review of draft-ie… Ben Campbell
- Re: [secdir] [payload] sec-dir review of draft-ie… Derek Atkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Colin Perkins
- Re: [secdir] [payload] sec-dir review of draft-ie… Magnus Westerlund
- Re: [secdir] [payload] sec-dir review of draft-ie… Magnus Westerlund
- [secdir] sec-dir review of draft-ietf-payload-rtp… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-payload… Roni Even
- Re: [secdir] sec-dir review of draft-ietf-payload… Derek Atkins