[secdir] Secdir review of draft-ietf-payload-rtp-aptx-04
Tero Kivinen <kivinen@iki.fi> Thu, 05 December 2013 12:47 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08C101ADFAE; Thu, 5 Dec 2013 04:47:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mD5WamAW-co9; Thu, 5 Dec 2013 04:47:20 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.kivinen.iki.fi [IPv6:2001:1bc8:100d::2]) by ietfa.amsl.com (Postfix) with ESMTP id F04C31ADFA1; Thu, 5 Dec 2013 04:47:19 -0800 (PST)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.7/8.14.5) with ESMTP id rB5ClEP9008511 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 5 Dec 2013 14:47:14 +0200 (EET)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.7/8.12.11) id rB5ClDQx006664; Thu, 5 Dec 2013 14:47:13 +0200 (EET)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <21152.30161.542379.749064@fireball.kivinen.iki.fi>
Date: Thu, 05 Dec 2013 14:47:13 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-payload-rtp-aptx.all@tools.ietf.org
X-Edit-Time: 5 min
X-Total-Time: 4 min
Subject: [secdir] Secdir review of draft-ietf-payload-rtp-aptx-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Dec 2013 12:47:22 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document describes how to transmit proprietary audio codec algorithms standard apt-X and enchanced apt-X in the RTP. The document has security considerations section which seems to be OK. If I have understood correctly the codec is constant bit rate codec, thus it is not vulnerable to the traffic analysis attacks described for example in the draft-ietf-avtcore-srtp-vbr-audio document. Perhaps the security considerations section could note that these codecs are not vulnerable to those attacks (if that is in deed true). -- kivinen@iki.fi
- [secdir] Secdir review of draft-ietf-payload-rtp-… Tero Kivinen
- Re: [secdir] Secdir review of draft-ietf-payload-… John Lindsay
- Re: [secdir] Secdir review of draft-ietf-payload-… Tero Kivinen