Re: [Sframe] Adoption call for draft-omara-sframe-01
Bernard Aboba <bernard.aboba@gmail.com> Thu, 14 October 2021 23:30 UTC
Return-Path: <bernard.aboba@gmail.com>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A7D83A1803 for <sframe@ietfa.amsl.com>; Thu, 14 Oct 2021 16:30:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id upiucyIzMWaM for <sframe@ietfa.amsl.com>; Thu, 14 Oct 2021 16:30:10 -0700 (PDT)
Received: from mail-ua1-x934.google.com (mail-ua1-x934.google.com [IPv6:2607:f8b0:4864:20::934]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 940AE3A1805 for <sframe@ietf.org>; Thu, 14 Oct 2021 16:30:10 -0700 (PDT)
Received: by mail-ua1-x934.google.com with SMTP id f3so14595875uap.6 for <sframe@ietf.org>; Thu, 14 Oct 2021 16:30:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=A9J5p/pUP8xnsQCzZCCprGgGT+MSL3f1HtI/1yGeqj8=; b=fE63rklJOVHxE2I3jIWnhn7eqUAWgOa9BPSgQVPSzLvGk7xBTtZEs6BpIlg+8okm+r c2s+04xPVTzGqjI5Tc4MTpgHcJWvflgPRV7DNI36I6csJ1GVXTuRqRifJVb+aWnVrSCc igkVRT8R2kl2smBPuoi/gzaWJtY1NMWd6EDe4nHkpbD25CRTs6K8rI99lgobcfPwfcvu 9JmY4U4Brz2cjS1UFcpxJ94mUzUvDYLzyZ8ZZLId+JHDcmUDPnfgsKOb2jm9KB8T9pjJ av9BxjEvlvGYkAYDz8VZUeisT5rv6wuhpr4b9Keu65d6g3CYmNDNRWSy/y/0oB61psBW fg6Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=A9J5p/pUP8xnsQCzZCCprGgGT+MSL3f1HtI/1yGeqj8=; b=KP9450T/oiKTikCIPwjjaTEs//Jvk9yIpZtggY31SZK8akZxbwuSHhUuj4G4sykABI Ekz9BTtuKk5yiUP72n72EkjT9+nt412ao507j4Jgx+OQduM6VOrOu7pgOR7VdR4fzbJ5 q044hf5mr0DwmDTZnRTvOnLGUsnO0q6h3g9adDi3TlT7+Z7iojLRORL/Le5EBpSeI0j5 rA2mz4nvubfmcaizK0i460eoXJUbJ6rbtiO8vNqnLEL4gEBnreTZg/YhXpp8laP26u9J kO0+pUqP0wN/PfJfTB+xCz+cG1R9GQrxN1EygW0ZIchoHYXDAipNiSoWiOvIwfD/hOpk 5ZnA==
X-Gm-Message-State: AOAM532j2OTzWGV04ACH9Kqo1MoQcWAirwQRgoKw+kfQXpWRu+/XfxBm z+hYyWTx9VPdRCq4EtTJEqghWgL7Szeo+dbX1bdKspB5chs=
X-Google-Smtp-Source: ABdhPJzBa51q0SSizVd614zzRt9/hXIIaMD5vcVVPVp7BIz3ovp1DOdDz7ZGsuyqdV2fMJl/3oyhwK3bE5ALhLrphCk=
X-Received: by 2002:ab0:540e:: with SMTP id n14mr10231833uaa.73.1634254208558; Thu, 14 Oct 2021 16:30:08 -0700 (PDT)
MIME-Version: 1.0
References: <7e721f57-e7ee-4f47-8663-2b485aeabd1a@www.fastmail.com>
In-Reply-To: <7e721f57-e7ee-4f47-8663-2b485aeabd1a@www.fastmail.com>
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Thu, 14 Oct 2021 16:29:57 -0700
Message-ID: <CAOW+2dsZcx_nbz4QuqcohmRvd-6BX7Z-zfhBLwMZRn9rX1zf9g@mail.gmail.com>
To: Martin Thomson <mt@lowentropy.net>
Cc: sframe@ietf.org
Content-Type: multipart/alternative; boundary="00000000000092e80a05ce5875bf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/G3jC1bqZNqYz0dFr9JBOqni1lB0>
Subject: Re: [Sframe] Adoption call for draft-omara-sframe-01
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Oct 2021 23:30:16 -0000
Here is my review. Overall, I do not feel that this document is ready for adoption. Viewed purely as a document focusing on defining the SFrame format, it is adequate. Currently, the document mixes format considerations with key management concerns while not adequately covering the full range of non-RTP use cases. By trying to do too much, the document falls short enough to be potentially detrimental to long term success. In particular, the goals of the effort, the threat model and the use cases are not articulated well enough. My advice would be to pare the draft down to its bare essentials, spinning off material not directly relevant to the SFrame format into a separate document. The non-RTP use cases (and potential integration with the Web media model) in particular seem like they deserve more attention. Section 1 states: In order for the SFU to work properly though, it needs to be able to access RTP metadata and RTCP feedback messages, which is not possible if all RTP/RTCP traffic is end-to-end encrypted.... This document proposes a new end-to-end encryption mechanism known as SFrame, specifically designed to work in group conference calls with SFUs. Later in Section 1, Figure 1 is included, showing the SRTP packet format. So Section 1 is very RTP (and conferencing) centric. Yet at the same time, Section 3 includes the following goals: 2. Decouple media encryption from key management to allow SFrame to be used with an arbitrary KMS. 4. Independence from the underlying transport, including use in non- RTP transports, e.g., WebTransport. Is SFrame serious about these goals? Personally, I hope so - but if so, integration with the existing Web media framework as well as new APIs (such as WebCodecs) needs to be considered. In doing so, use cases will likely expand beyond conferencing, to things like low-latency streaming (for things like events, webinars, game watching, etc.) The existing Web media framework (as embodied by APIs such as MSE and EME) supports both transport and key management independence, so seeking these same goals for SFRAME seems quite natural. For example, today it is possible to transport containerized media for a wide range of codecs using any transport, including WebTransport and RTCData channel. Once transported, the media is decoded and rendered using MSE. And of course, the containerized media can also be protected. Note that the protection model addresses additional classes of attack beyond those that might be executed by an SFU. For example, cleartext media is not accessible to Javascript, mitigating against attacks such as "deep fakes". Why bother to consider these use cases for SFrame? APIs such as WebCodecs do not operate on containerized media, so there is a need to define a format allowing encrypted but non-containerized media to be carried over the wire. If that format is not SFrame, then an equivalent will need to be invented, covering the same codecs that SFrame seeks to support (e.g. Opus, H.264, VP8, VP9, AV1) plus maybe a few others (e.g. AAC). The benefit of working towards integration with the existing Web media framework is that this will be more likely to lead to implementation and deployment. This shouldn't be hard to accommodate within a document that focuses purely on the format, allowing the use cases and threat models to be articulated elsewhere. On Sun, Oct 10, 2021 at 4:36 PM Martin Thomson <mt@lowentropy.net> wrote: > https://datatracker.ietf.org/doc/html/draft-omara-sframe-01 > > Please respond to this email before AOE 31 October 2021 if you support > adopting draft-omara-sframe (currently -01) as a working group item. If > you would prefer we not adopt this work, please respond with an explanation > of why and ideally what you would like to see addressed before we do that. > > We're running this a tiny bit longer than a typical adoption call. Last > time we talked about adoption there were a few concerns raised about the > draft. We want to make sure those concerns are addressed, or at least > those with concerns are satisfied that their concerns could be addressed. > > Martin, for the chairs > > -- > Sframe mailing list > Sframe@ietf.org > https://www.ietf.org/mailman/listinfo/sframe >
- [Sframe] Adoption call for draft-omara-sframe-01 Martin Thomson
- Re: [Sframe] Adoption call for draft-omara-sframe… Saúl Ibarra Corretgé
- Re: [Sframe] Adoption call for draft-omara-sframe… Martin Thomson
- Re: [Sframe] Adoption call for draft-omara-sframe… Bernard Aboba
- Re: [Sframe] Adoption call for draft-omara-sframe… Sergio Garcia Murillo
- Re: [Sframe] Adoption call for draft-omara-sframe… Bernard Aboba
- Re: [Sframe] Adoption call for draft-omara-sframe… Sergio Garcia Murillo
- Re: [Sframe] Adoption call for draft-omara-sframe… Bernard Aboba
- Re: [Sframe] Adoption call for draft-omara-sframe… Sergio Garcia Murillo
- Re: [Sframe] Adoption call for draft-omara-sframe… Richard Barnes
- Re: [Sframe] Adoption call for draft-omara-sframe… Youenn Fablet
- Re: [Sframe] Adoption call for draft-omara-sframe… Emad Omara
- Re: [Sframe] Adoption call for draft-omara-sframe… Benjamin Beurdouche
- Re: [Sframe] Adoption call for draft-omara-sframe… Eric Rescorla
- Re: [Sframe] Adoption call for draft-omara-sframe… Raphael Robert
- Re: [Sframe] Adoption call for draft-omara-sframe… Justin Uberti