Re: [Sframe] WGLC for draft-ietf-sframe-enc-04
Richard Barnes <rlb@ipv.sx> Tue, 07 November 2023 16:31 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F6C8C17C51D for <sframe@ietfa.amsl.com>; Tue, 7 Nov 2023 08:31:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k2DmdveRoYp2 for <sframe@ietfa.amsl.com>; Tue, 7 Nov 2023 08:31:29 -0800 (PST)
Received: from mail-ed1-x530.google.com (mail-ed1-x530.google.com [IPv6:2a00:1450:4864:20::530]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51433C0A856F for <sframe@ietf.org>; Tue, 7 Nov 2023 08:30:53 -0800 (PST)
Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-52bd9ddb741so9929894a12.0 for <sframe@ietf.org>; Tue, 07 Nov 2023 08:30:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20230601.gappssmtp.com; s=20230601; t=1699374651; x=1699979451; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=803cdhJ+H5xucdrayFOPav+gcm+qExYlwgJZcjOoGww=; b=esF1IJUzKGkGHs+njZczUNEWv7BWPUIFD0NPvvwACygNRAaVcKlMqeO6KnSZ963rpz SbplKj2ppjJ77Cs5Ed7e0hPvGgSRQzYEV4O/FU8LL96GTIHWPjNWW2+S3gaJMsJovLaD YPCYA0S983O/4vpn44/YhzDwEwDMl+l9l59SVE+huSjxN10l7XaNNqxq9tRWPeqjmdBF WOUZYheMK0tQo9Q6aIQhs8TfLxuIXaQa45DOPa4UN+KtgPhmFcaRyu63gMhvVxgKngSv KPagabLh0x5nw65iA1JyuDtGEox82QQ1HgBxLWnJNydpzg8/41eyzz9QBCwtq8Xw/Ts7 bOsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699374651; x=1699979451; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=803cdhJ+H5xucdrayFOPav+gcm+qExYlwgJZcjOoGww=; b=V6eU8e0X+uA6LpnewzEEM5hhlssvUwH4bjKnGrpv9aq5VXo20Bi0fqWklDQy/qESyu l0CJtt+3/nXxvoDHn+tOcDm/rkmtXQ+lwJdu8ATERst++7RS40OcuIntKz3kGKyJ0SoS xIZMiDGjV1rO5BY8c4ttI7FRWQ5QmhbQ0Rb+EQcVehLuczobp1ihOqAgc05u7cgJjUmH Mc6mi5M72hyuoJSphNFDftPzbEg8wZnaJYINpcFq0Tk97TKi6ht0W9ZqlR/f43WuoY+v EGjpxN4gpF0qp5KE1Q7ib5CebNSslrMsAnwYuw9urIa69CJ0JjfVlIoqMQ4XNEZ/d0TI ytig==
X-Gm-Message-State: AOJu0YynMtvIMkm+fKUBNZ//wGyW8q5ktfIea0fG5G0NOcPYnc6DUQSV E56TyLngcF0/gzFpIc590B00duFE2WypwV8XrRo3MLVVnhG7j2nDvQw=
X-Google-Smtp-Source: AGHT+IHg8ZLHYEjuU6PyjDB1AMSJ/HACNN6zHCniwCfMyAhczgNK6tZc/quUjsYFD4Rj3+D7tefQwT3xYn4U6wkgsMs=
X-Received: by 2002:a17:906:3b94:b0:9c3:cd12:1929 with SMTP id u20-20020a1709063b9400b009c3cd121929mr13309757ejf.60.1699374650910; Tue, 07 Nov 2023 08:30:50 -0800 (PST)
MIME-Version: 1.0
References: <c2a02556-0009-4932-a939-e923bc07d202@betaapp.fastmail.com> <9FCC4D15-2335-4296-B428-A0A2FB310989@apple.com> <CAL02cgTZVCJGw3Eaeitnwr1no1yi-rS0f0ZngQzhd0_reQF0tg@mail.gmail.com> <5D35DD47-788D-4BEF-B035-54E7168D061F@apple.com>
In-Reply-To: <5D35DD47-788D-4BEF-B035-54E7168D061F@apple.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Tue, 07 Nov 2023 11:30:40 -0500
Message-ID: <CAL02cgSfTh8fW4jo2JKmrtnW2d2F1jHMJHPex+ELTV70Og60Bg@mail.gmail.com>
To: Youenn Fablet <youenn@apple.com>
Cc: Martin Thomson <mt@lowentropy.net>, sframe@ietf.org
Content-Type: multipart/alternative; boundary="000000000000687bbd0609927e08"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/LMt8b27AV33-pxPRjt9_Ukdup1k>
Subject: Re: [Sframe] WGLC for draft-ietf-sframe-enc-04
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Nov 2023 16:31:33 -0000
Inline. On Tue, Nov 7, 2023 at 3:30 AM Youenn Fablet <youenn@apple.com> wrote: > The minimum bar to me is to have one implementation and a test suite > including the feature, which is currently met with the reference > implementation I think. > Do you know of any additional implementation that supports it? > I'm not aware of any production implementations. FWIW, I have been experimenting some with applying SFrame to MOQ and have found it useful there to bind in some MOQ context. > W3C SFrameTransform does not seem a blocker as we could probably extend > the API to support it, should there be a need in the future. > Agreed, we could have SFrameTransform supply empty metadata for now, and specify a way to add it later. > I do not see any blocker that would strongly indicate to remove it (nor a > strong indicator we should keep it). > I agree with this assessment. I'm just slightly in favor of keeping it because it seems like a useful extension point (as with MLS authenticated_data). > I still find the spec a bit light on when users should use metadata and > when they should not. > The RTP header extension case is a bit unclear to me and section 9.4 does > not provide applicability guidance. > I would be interested to understand better what you're looking for here. (There's no mention of header extension here. Maybe that's the problem?) The most important thing is that the sender and receiver have the same metadata; the current text captures that. If you want to address the idea of RTP extensions explicitly, we could add some "for example..." text. > For example, if SFrame is being carried over RTP, an application might use the metadata field to provide end-to-end authentication to some parts of the RTP header, e.g., the RTP extensions for indicating audio levels or video frame information {{RFC6464}} {{I-D.ietf-avtext-framemarking}}. If the application does this, however, it must ensure that the protected header data is not modified between the SFrame sender and receiver. Otherwise, the SFrame integrity check will fail. > For the record, the past discussion summary is at > https://github.com/sframe-wg/sframe/issues/63#issuecomment-1484641916 which > indicates we should decide what to do at WGLC, now is the time. > > > > On 6 Nov 2023, at 17:17, Richard Barnes <rlb@ipv.sx> wrote: > > Thanks, Youenn. > > With regard to metadata: Given that we're about to finalize the spec, the > time for "feature at risk" has passed. We need to decide whether it's in > or it's out. > > Personally I would be inclined to keep it. This is the classic > "proactively add an extension point" (which inherently leaves it > underspecified) vs. "YAGNI / add the extension point when it's needed" > (thus requiring a code change later) argument. My inclination for the > former is based on this being a very simple extension point that doesn't > change the behavior of the protocol much. And it seems like there are some > things like frame marking that might benefit from being bound into the > metadata. > > A comparable story from MLS/MIMI: We added an `authenticated_data` field > to the MLS encrypted message structure, which has largely the same > trade-offs we have here (except it *also* consumes space in the message). > When it was added, there wasn't an explicit use case for it, but it looks > like MIMI is going to make a fair bit of use. > > On Mon, Nov 6, 2023 at 10:34 AM Youenn Fablet <youenn= > 40apple.com@dmarc.ietf.org> wrote: > >> The document looks ready to advance. >> >> About metadata, it is considered a feature at risk. It might still be a >> bit early to decide whether this is a useful addition. How are we planning >> to deal with it in the future? >> >> Thanks, >> Youenn >> >> On 23 Oct 2023, at 01:08, Martin Thomson <mt@lowentropy.net> wrote: >> >> Hi All, >> >> This starts a 3 week working group last call for draft-ietf-sframe-enc-04. >> >> https://datatracker.ietf.org/doc/draft-ietf-sframe-enc/ >> >> We've been somewhat slow about this, but progress has been steady and the >> discussions have all been very productive. The editors tell me that this >> is ready. Please let us know whether you agree. >> >> This WGLC will end at about the end of the upcoming IETF meeting. >> >> Cheers, >> Martin >> >> -- >> Sframe mailing list >> Sframe@ietf.org >> https://www.ietf.org/mailman/listinfo/sframe >> >> >> -- >> Sframe mailing list >> Sframe@ietf.org >> https://www.ietf.org/mailman/listinfo/sframe >> > >
- [Sframe] WGLC for draft-ietf-sframe-enc-04 Martin Thomson
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Richard Barnes
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Mularczyk, Marta
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Sergio Murillo (CosmoSoftware)
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Youenn Fablet
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Richard Barnes
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Youenn Fablet
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Richard Barnes
- Re: [Sframe] WGLC for draft-ietf-sframe-enc-04 Tomas Rigaux (trigaux)