IETF Logo Mail Archive

Re: [secdir] draft-ietf-avt-rtp-g719-04, RTP Payload format for G.719

"Ingemar Johansson S" <ingemar.s.johansson@ericsson.com> Tue, 09 December 2008 12:52 UTC

Return-Path: <secdir-bounces@ietf.org>
X-Original-To: secdir-archive@ietf.org
Delivered-To: ietfarch-secdir-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7DC943A69AD; Tue, 9 Dec 2008 04:52:06 -0800 (PST)
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 482A828C13A for <secdir@core3.amsl.com>; Tue, 9 Dec 2008 04:48:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.92
X-Spam-Level:
X-Spam-Status: No, score=-5.92 tagged_above=-999 required=5 tests=[AWL=0.679, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ouMYUGWNatnC for <secdir@core3.amsl.com>; Tue, 9 Dec 2008 04:48:58 -0800 (PST)
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by core3.amsl.com (Postfix) with ESMTP id 0A58528C12C for <secdir@ietf.org>; Tue, 9 Dec 2008 04:48:57 -0800 (PST)
Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id mB9CmqMO013546 for <secdir@ietf.org>; Tue, 9 Dec 2008 07:48:52 -0500
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id mB9CmjIs013510 for <secdir@PCH.mit.edu>; Tue, 9 Dec 2008 07:48:45 -0500
Received: from mit.edu (W92-130-BARRACUDA-2.MIT.EDU [18.7.21.223]) by fort-point-station.mit.edu (8.13.6/8.9.2) with ESMTP id mB9Cmaf2020137 for <secdir@mit.edu>; Tue, 9 Dec 2008 07:48:36 -0500 (EST)
Received: from mailgw3.ericsson.se (mailgw3.ericsson.se [193.180.251.60]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mit.edu (Spam Firewall) with ESMTP id 418341163083 for <secdir@mit.edu>; Tue, 9 Dec 2008 07:48:12 -0500 (EST)
Received: from mailgw3.ericsson.se (unknown [127.0.0.1]) by mailgw3.ericsson.se (Symantec Mail Security) with ESMTP id C4F9B20AB0; Tue, 9 Dec 2008 13:48:10 +0100 (CET)
X-AuditID: c1b4fb3c-aef60bb00000304c-b2-493e690acc0b
Received: from esealmw128.eemea.ericsson.se (unknown [153.88.254.121]) by mailgw3.ericsson.se (Symantec Mail Security) with ESMTP id 950B7209F3; Tue, 9 Dec 2008 13:48:10 +0100 (CET)
Received: from esealmw109.eemea.ericsson.se ([153.88.200.2]) by esealmw128.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Tue, 9 Dec 2008 13:48:10 +0100
x-mimeole: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Tue, 09 Dec 2008 13:48:09 +0100
Message-ID: <026F8EEDAD2C4342A993203088C1FC0508EF115B@esealmw109.eemea.ericsson.se>
In-Reply-To: <493E3657.1020204@ericsson.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [secdir] draft-ietf-avt-rtp-g719-04, RTP Payload format for G.719
Thread-Index: AclZ3jCs18H2StPTSIyWOH+Q2bfL7wAHAJaQ
References: <200812080137.mB81bm2G027217@localhost.localdomain> <493CE19D.3020107@ericsson.com> <20081208172732.8EAED500003@mailgw2.ericsson.se> <493E3657.1020204@ericsson.com>
From: Ingemar Johansson S <ingemar.s.johansson@ericsson.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, Russ Housley <housley@vigilsec.com>
X-OriginalArrivalTime: 09 Dec 2008 12:48:10.0759 (UTC) FILETIME=[6462B170:01C959FC]
X-Brightmail-Tracker: AAAAAA==
X-Scanned-By: MIMEDefang 2.42
X-MIME-Autoconverted: from quoted-printable to 8bit by pch.mit.edu id mB9CmjIs013510
X-BeenThere: secdir@mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
X-Mailman-Approved-At: Tue, 09 Dec 2008 04:52:05 -0800
Cc: fluffy@cisco.com, jon.peterson@neustar.biz, secdir@mit.edu, Ingemar Johansson S <ingemar.s.johansson@ericsson.com>, iesg@ietf.org, csp@csperkins.org, avt-chairs@tools.ietf.org
Subject: Re: [secdir] draft-ietf-avt-rtp-g719-04, RTP Payload format for G.719
X-BeenThere: secdir@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: secdir-bounces@ietf.org
Errors-To: secdir-bounces@ietf.org

Hi

I would spend my 99 cents on alternative 2 below. 

This because I believe it is asking too much from the payload format author to provide with a detailed analysis of threat models and countermeasures (I would not be able to provide with this info).
The drawback with requiring too much of this in each payload format spec is also that people will in the end only copy-paste the text from older specs with the risk that the information is stale or not applicable to the particular codec or usecase. 

One must also keep in mind that it is often not the same people who do the codecs that do the security stuff. For that simple reason it would be better to allow (or maybe require ?) the payload format author to reference to a document that handles these issues. This would help the payload draft writing to become more of an automated process and reduce the time lag from first draft to an RFC.

Regards
Ingemar



> -----Original Message-----
> From: Magnus Westerlund 
> Sent: den 9 december 2008 10:12
> To: Russ Housley
> Cc: Hilarie Orman; Ingemar Johansson S; fluffy@cisco.com; 
> secdir@mit.edu; iesg@ietf.org; jon.peterson@neustar.biz; 
> csp@csperkins.org; avt-chairs@tools.ietf.org
> Subject: Re: [secdir] draft-ietf-avt-rtp-g719-04, RTP Payload 
> format for G.719
> 
> Hi,
> 
> I will add both the AVT chairs and my co-author on 
> draft-ietf-avt-srtp-not-mandatory into this thread. Because 
> it does concern the greater discussion on how to do RTP 
> payload format security consideration sections.
> 
> Russ Housley skrev:
> > I do not see this as a complete solution.  I'd like to see a bit of 
> > discussion about where this mechanism is defined.  Is there 
> an example 
> > of a media stream format that includes authentication?
> 
> I would basically say go read
> http://tools.ietf.org/wg/avt/draft-ietf-avt-srtp-not-mandatory/
> why this turns into a 200-500 word essay assignment. I can do 
> this but the above document has been created to avoid having 
> this happening.
> 
> So SRTP provides authentication in the sense that you can 
> determine if the sender is in the group or outside of it 
> based on if it is keyed or not. If you needed true source 
> authentication then to my knowledge we end up in IPsec or for 
> point to point case TLS/DTLS with or without SRTP  do also 
> work. For RTP mixer and multi-point use cases there is no 
> solution due to that the mixer repackages the material. So 
> the possible trust models prevents true source authentication 
> in this case.
> 
> And to my knowledge there are no format that include 
> authentication, there is one hach by ISMA that provides ADU 
> level encryption in an attempt to do DRM. But they use RTP 
> packet level authentication and I don't think anyone has 
> suggested that you do it at a finer level. If the current 
> text is read to mean that then I would definitely change it.
> Because I don't think the payload format is the right place 
> to do authentication.
> 
> From my perspective we can resolve this in several ways:
> 
> 1. Leave as it is and basically say go find a suitable solution.
> 
> 2. Point to possible solutions in 
> draft-ietf-avt-srtp-not-mandatory with an informative reference.
> 
> 3. List explicitly what potential solutions there are without 
> going into detail, simple provide a list and not comment on 
> when or when they do work. I would also put a disclaimer 
> saying that there might be additional solutions that also can 
> meet the threat model one has.
> 
> 4. Make the essay that tries to provide an overview of the 
> IETF solutions that exist. The big issue is how far into 
> different threat models one can go. If one starts discussing 
> this it is soon a multi-page document in itself.
> 
> 5. I actually uses the template text from 
> http://tools.ietf.org/wg/avt/draft-ietf-avt-rtp-howto/
> as that seems to work fine and not be raising objections. At 
> least it went straight through for draft-ietf-avt-rtp-g711wb. 
> The only thing don't covered by the template in my mind is 
> the interleaving issue which is a very minor one.
> 
> I do seem to get some security discussion every time I bring 
> an RTP payload format onto the table. Maybe if I was better 
> at following my own advice in draft-ietf-avt-rtp-howto I 
> would get less issues. It would be good if we could get at 
> least some current agreement about what the right level to 
> discuss issues at are and what additional documentation that 
> do needs to be published so that people doesn't have to 
> repeat it all the time. Even if it needs to be repeated that 
> we agree on some wording that we can put into the template in 
> http://tools.ietf.org/wg/avt/draft-ietf-avt-rtp-howto/
> 
> Cheers
> 
> Magnus Westerlund
> 
> IETF Transport Area Director & TSVWG Chair
> ----------------------------------------------------------------------
> Multimedia Technologies, Ericsson Research EAB/TVM
> ----------------------------------------------------------------------
> Ericsson AB                | Phone  +46 10 7148287
> Färögatan 6                | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
> 

_______________________________________________
secdir mailing list
secdir@mit.edu
https://mailman.mit.edu/mailman/listinfo/secdir
_______________________________________________
secdir mailing list
secdir@ietf.org
https://www.ietf.org/mailman/listinfo/secdir

v2.23.0 | Report a Bug | By Email