[Sframe] RFC Feedback
Bret Lorimore <bretlorimore@gmail.com> Thu, 02 March 2023 15:58 UTC
Return-Path: <bretlorimore@gmail.com>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55C74C15DF54 for <sframe@ietfa.amsl.com>; Thu, 2 Mar 2023 07:58:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.083
X-Spam-Level:
X-Spam-Status: No, score=-2.083 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vz9QTyVsL0tU for <sframe@ietfa.amsl.com>; Thu, 2 Mar 2023 07:58:20 -0800 (PST)
Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 908AEC159A24 for <sframe@ietf.org>; Thu, 2 Mar 2023 07:58:20 -0800 (PST)
Received: by mail-ed1-x536.google.com with SMTP id da10so69551648edb.3 for <sframe@ietf.org>; Thu, 02 Mar 2023 07:58:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=ORCcduwJ+uMteOqUt4XV+wnmWaKgXmVGmkY64uWiD6s=; b=bei99o/dKIPQkluMyG56B+FFSQDC58DpRlKuslAkb8y7KYlU/+MgBQKRIaj44/fmzC dZsFlfYT5fKyJciaUr7+oaEmmHL6R7YQ80H13S/gK2rO5taHkK1rjhk6P7asNN1C4itU 8lWyvAy5JCO7wVwxsGajY94uGlN55L/n8x4g+vJBksvoJ5CndrSG7Lw9DwnbrpqeX6Md G9XDKFDfB9ia/kfcVKJGyA7UrWkGoIxSiZ/LbciXsahdbcl9xMe6+HF/4L+b1EUAqccJ jRgZNmMcndEB1OpkPM1kLwtK555o/PlglU+CqshbNzSti6CXA0kcw2Qo3Sn8vUSPaaxi Ph7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=ORCcduwJ+uMteOqUt4XV+wnmWaKgXmVGmkY64uWiD6s=; b=tlvqVgVWTqeSjm1edCGrJUfSRnJmXgaD6BdB68IMbrC7/sOb423T8hXWmyJMOLYKww gFOrugzOH6ypiLATnwFZXMo/+p1eVxWM8h8qSuvTh2iFCDpyxE0XlnW7f64H5FChTrUO neYhTBl5AC6pcLKocHYueAsqccC03A2Lq57Quky08m+5cBO7FUdL6sKPkanoY2iI6vjO c5GdXlUgonWqPGUOEHIkia1V+f5WuzfJVjM3peUixpZWx2T6Icdun7/Qxs+rjzvdGoh7 XUxYiatDP0F27gZCv5BocxBZfdS9k1AhnvfmYejH6Znmw5bnfyi7ozdla2FpUtFxi4KO 5sFw==
X-Gm-Message-State: AO0yUKWomEIkhlA2TeXkYgeo10IqRy6N+B3vDfQ221zZuNHyS4ImH2Cg mCEmNCHPqn609ygPCjZKorM68iHRbG3Hg5Jrdhitsu59TEM=
X-Google-Smtp-Source: AK7set+fXfNUv5+bYMah7X6EXWjeagrJcXdy0jGdog2y6ToStzRaD15xtdkCZCb8rPmbRilzv/ovVr/aXglfXwqC4PM=
X-Received: by 2002:a17:906:1751:b0:8e3:da0f:f9b7 with SMTP id d17-20020a170906175100b008e3da0ff9b7mr5621816eje.4.1677772697970; Thu, 02 Mar 2023 07:58:17 -0800 (PST)
MIME-Version: 1.0
From: Bret Lorimore <bretlorimore@gmail.com>
Date: Thu, 02 Mar 2023 07:58:06 -0800
Message-ID: <CACy95dyUCUc41xycxTbCKWJQTqSKqdmDEP-n_Na4KqC=Hcax-Q@mail.gmail.com>
To: sframe@ietf.org
Content-Type: multipart/alternative; boundary="000000000000ad2dcd05f5ece50a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/e9-ZqTTrh_eL6vK2y7OovHt0740>
Subject: [Sframe] RFC Feedback
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2023 15:58:24 -0000
Hey all, I know a couple folks here, but not many. My name is Bret. I am a SWE at Meta and have been working on calling E2EE for some time. Per Bobo’s request, I wanted to share my thoughts on the latest RFC draft ( https://sframe-wg.github.io/sframe/draft-ietf-sframe-enc.html). I think the doc makes sense generally, but have several thoughts, of both a technical and editorial nature: Technical: 1. The notion and semantics of SFrame “streams” are alluded to throughout the document without being well defined. Does the RFC need to define the notion of an SFrame “stream”, consisting of media encrypted all with the same key and cipher suite? It seems like managing such streams is a requirement of the application, but the exact requirements are not spelled out. Here are examples where the notion of a stream comes up: 1. In section 4.3 it describes a scenario where KIDs are unique to each sender, sort of implying that given an SFrame payload (including the SFrame header) a receiver should be able to decrypt it. 2. Then in section 4.5 it describes how “In a session that uses multiple media streams, different ciphersuites might be configured for different media streams”, of course implying that if KIDs are per sender, there would need to be some other mechanism to demux from KID → stream, as there could be multiple cipher suites per stream. 3. This is mentioned head on in section 5.1, where the draft states “In this scheme, it is assumed that receivers have a signal outside of SFrame for which client has sent a given frame, for example the RTP SSRC” 2. It might be worth adding more details to section 5.1 to more clearly spell out how sender keys should (or could) work. For example, it states that “A receiver who receives from a sender with a new KID computes the new key as above [using an HKDF ratchet]”, yet later on says that “Evicting a participant requires each sender to send a fresh sender key to all receivers.”. Given both of these, it is not clear how a sender would signal a receiver that a frame is using a “fresh sender key” as opposed to a ratchet (or multiple) of a previously received key. 3. Question: In section 4.3, is KLEN the actual key id length, or key id length minus one, as LEN is Editorial: 1. Throughout the doc there are numerous sections (e.g. 4.4.3, 6) which are very RTP specific, despite a stated goal of the RFC being that SFrame is transport agnostic. 2. Section 7.2 states that key exchange is out of scope for this doc, yet it states that clients “MUST change their keys when new clients joins or leaves the call”. IMO if this is an absolute requirement of the RFC, as per the definition of an all caps MUST, then the exact requirements of this should be spelled out more, and possibly a reference protocol given. Thanks, all. I am really excited for this RFC to land. I hope these notes are somewhat helpful. Best, Bret
- [Sframe] RFC Feedback Bret Lorimore
- Re: [Sframe] RFC Feedback Youenn Fablet
- Re: [Sframe] RFC Feedback Bret Lorimore