IETF Logo Mail Archive

Re: [secdir] draft-ietf-avt-rtp-g719-04, RTP Payload format for G.719

Russ Housley <housley@vigilsec.com> Tue, 09 December 2008 15:26 UTC

Return-Path: <secdir-bounces@ietf.org>
X-Original-To: secdir-archive@ietf.org
Delivered-To: ietfarch-secdir-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7B09E3A6B2A; Tue, 9 Dec 2008 07:26:54 -0800 (PST)
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F414D3A6B2A for <secdir@core3.amsl.com>; Tue, 9 Dec 2008 07:26:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.607
X-Spam-Level:
X-Spam-Status: No, score=-104.607 tagged_above=-999 required=5 tests=[AWL=1.992, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lo7NL5FB+lhq for <secdir@core3.amsl.com>; Tue, 9 Dec 2008 07:26:53 -0800 (PST)
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by core3.amsl.com (Postfix) with ESMTP id E35093A68F1 for <secdir@ietf.org>; Tue, 9 Dec 2008 07:26:52 -0800 (PST)
Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id mB9FQkHZ000859 for <secdir@ietf.org>; Tue, 9 Dec 2008 10:26:47 -0500
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id mB9FQfE0000842 for <secdir@PCH.mit.edu>; Tue, 9 Dec 2008 10:26:41 -0500
Received: from mit.edu (W92-130-BARRACUDA-2.MIT.EDU [18.7.21.223]) by fort-point-station.mit.edu (8.13.6/8.9.2) with ESMTP id mB9FQVqN020643 for <secdir@mit.edu>; Tue, 9 Dec 2008 10:26:32 -0500 (EST)
Received: from woodstock.binhost.com (woodstock.binhost.com [8.8.40.152]) by mit.edu (Spam Firewall) with SMTP id 0B87D113643E for <secdir@mit.edu>; Tue, 9 Dec 2008 10:26:07 -0500 (EST)
Received: (qmail 25118 invoked by uid 0); 9 Dec 2008 15:26:03 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (96.255.143.189) by woodstock.binhost.com with SMTP; 9 Dec 2008 15:26:03 -0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Tue, 09 Dec 2008 10:13:48 -0500
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <493E3657.1020204@ericsson.com>
References: <200812080137.mB81bm2G027217@localhost.localdomain> <493CE19D.3020107@ericsson.com> <20081208172732.8EAED500003@mailgw2.ericsson.se> <493E3657.1020204@ericsson.com>
Mime-Version: 1.0
Message-Id: <20081209152607.0B87D113643E@mit.edu>
X-Scanned-By: MIMEDefang 2.42
X-BeenThere: secdir@mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
Cc: fluffy@cisco.com, jon.peterson@neustar.biz, secdir@mit.edu, ingemar.s.johansson@ericsson.com, iesg@ietf.org, csp@csperkins.org, avt-chairs@tools.ietf.org
Subject: Re: [secdir] draft-ietf-avt-rtp-g719-04, RTP Payload format for G.719
X-BeenThere: secdir@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: secdir-bounces@ietf.org
Errors-To: secdir-bounces@ietf.org

I'm happy to see the draft-ietf-avt-srtp-not-mandatory coming 
along.  I do not want to hold this document to wait for it. I do not 
know what others think, but either 3 or 5 would work for me.

Russ


At 04:11 AM 12/9/2008, Magnus Westerlund wrote:
>Hi,
>
>I will add both the AVT chairs and my co-author on
>draft-ietf-avt-srtp-not-mandatory into this thread. Because it does
>concern the greater discussion on how to do RTP payload format security
>consideration sections.
>
>Russ Housley skrev:
> > I do not see this as a complete solution.  I'd like to see a bit of
> > discussion about where this mechanism is defined.  Is there an example
> > of a media stream format that includes authentication?
>
>I would basically say go read
>http://tools.ietf.org/wg/avt/draft-ietf-avt-srtp-not-mandatory/
>why this turns into a 200-500 word essay assignment. I can do this but
>the above document has been created to avoid having this happening.
>
>So SRTP provides authentication in the sense that you can determine if
>the sender is in the group or outside of it based on if it is keyed or
>not. If you needed true source authentication then to my knowledge we
>end up in IPsec or for point to point case TLS/DTLS with or without SRTP
>  do also work. For RTP mixer and multi-point use cases there is no
>solution due to that the mixer repackages the material. So the possible
>trust models prevents true source authentication in this case.
>
>And to my knowledge there are no format that include authentication,
>there is one hach by ISMA that provides ADU level encryption in an
>attempt to do DRM. But they use RTP packet level authentication and I
>don't think anyone has suggested that you do it at a finer level. If the
>current text is read to mean that then I would definitely change it.
>Because I don't think the payload format is the right place to do
>authentication.
>
> From my perspective we can resolve this in several ways:
>
>1. Leave as it is and basically say go find a suitable solution.
>
>2. Point to possible solutions in draft-ietf-avt-srtp-not-mandatory with
>an informative reference.
>
>3. List explicitly what potential solutions there are without going into
>detail, simple provide a list and not comment on when or when they do
>work. I would also put a disclaimer saying that there might be
>additional solutions that also can meet the threat model one has.
>
>4. Make the essay that tries to provide an overview of the IETF
>solutions that exist. The big issue is how far into different threat
>models one can go. If one starts discussing this it is soon a multi-page
>document in itself.
>
>5. I actually uses the template text from
>http://tools.ietf.org/wg/avt/draft-ietf-avt-rtp-howto/
>as that seems to work fine and not be raising objections. At least it
>went straight through for draft-ietf-avt-rtp-g711wb. The only thing
>don't covered by the template in my mind is the interleaving issue which
>is a very minor one.
>
>I do seem to get some security discussion every time I bring an RTP
>payload format onto the table. Maybe if I was better at following my own
>advice in draft-ietf-avt-rtp-howto I would get less issues. It would be
>good if we could get at least some current agreement about what the
>right level to discuss issues at are and what additional documentation
>that do needs to be published so that people doesn't have to repeat it
>all the time. Even if it needs to be repeated that we agree on some
>wording that we can put into the template in
>http://tools.ietf.org/wg/avt/draft-ietf-avt-rtp-howto/
>
>Cheers
>
>Magnus Westerlund
>
>IETF Transport Area Director & TSVWG Chair
>----------------------------------------------------------------------
>Multimedia Technologies, Ericsson Research EAB/TVM
>----------------------------------------------------------------------
>Ericsson AB                | Phone  +46 10 7148287
>Färögatan 6                | Mobile +46 73 0949079
>SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
>----------------------------------------------------------------------

_______________________________________________
secdir mailing list
secdir@mit.edu
https://mailman.mit.edu/mailman/listinfo/secdir
_______________________________________________
secdir mailing list
secdir@ietf.org
https://www.ietf.org/mailman/listinfo/secdir

v2.23.0 | Report a Bug | By Email