IETF Logo Mail Archive

Re: [Sipbrandy] AD Evaluation of draft-ietf-sipbrandy-osrtp-07

Gonzalo Camarillo <gonzalo.camarillo@ericsson.com> Tue, 23 April 2019 09:33 UTC

Return-Path: <gonzalo.camarillo@ericsson.com>
X-Original-To: sipbrandy@ietfa.amsl.com
Delivered-To: sipbrandy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69EF812023C; Tue, 23 Apr 2019 02:33:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oKysTCGA8MdB; Tue, 23 Apr 2019 02:32:58 -0700 (PDT)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150082.outbound.protection.outlook.com [40.107.15.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27EFB12004D; Tue, 23 Apr 2019 02:32:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HptMC+r+1pdQ0TV/MKVIQltrJp/I1rLsRR/V5fsK2JY=; b=YHvJdNAUGEbfNRvcYDwaNPQcvrUk5dqUbiGotZOd8TNeehtsMDMKoy4f6YSNrZTBoelB06mB4IW53o/d+ShCoqPnA8f8F3KJ5KQh+h1fa0JRPfts9kQHonyRJUdVe8LLzNGu/v5pHuJbCskEMOdFKqXeBGOJyf7IR7KvU7GLCAk=
Received: from AM6PR0702MB3688.eurprd07.prod.outlook.com (52.133.24.141) by AM6PR0702MB3590.eurprd07.prod.outlook.com (52.133.24.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1835.6; Tue, 23 Apr 2019 09:32:54 +0000
Received: from AM6PR0702MB3688.eurprd07.prod.outlook.com ([fe80::b42f:1195:9967:b99f]) by AM6PR0702MB3688.eurprd07.prod.outlook.com ([fe80::b42f:1195:9967:b99f%7]) with mapi id 15.20.1835.010; Tue, 23 Apr 2019 09:32:54 +0000
From: Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>
To: Andy Hutton <andyhutton.ietf@gmail.com>
CC: Ben Campbell <ben@nostrum.com>, "sipbrandy@ietf.org" <sipbrandy@ietf.org>, "draft-ietf-sipbrandy-osrtp.all@ietf.org" <draft-ietf-sipbrandy-osrtp.all@ietf.org>, Alexey Melnikov <Alexey.Melnikov@isode.com>
Thread-Topic: [Sipbrandy] AD Evaluation of draft-ietf-sipbrandy-osrtp-07
Thread-Index: AQHU+beGpGJNJYZf0Uqf4kmSWBC/zg==
Date: Tue, 23 Apr 2019 09:32:54 +0000
Message-ID: <AM6PR0702MB3688AADB0C621BCD446D44D583230@AM6PR0702MB3688.eurprd07.prod.outlook.com>
References: <72C42C63-D5C4-403D-A895-429CB2238AC3@nostrum.com> <e6724bd0-1ea0-3014-8836-60dc454c2982@ericsson.com> <CAB7PXwTUXUa1Euar+hXY4EzOqZ0_U-eru=e1ApjTy4a2FCBYJg@mail.gmail.com> <CAB7PXwRSFXcB5zGdNP_zqyKWUJqZAK+bKsxeyWhK6eeogqJ8dw@mail.gmail.com> <A7A08115-5B69-4931-8C89-0EBDF3A76D10@nostrum.com> <c28ee3c0-b91d-3a12-e83b-4d3b727fc908@ericsson.com> <CAB7PXwRtAd1OC6r0AGJZ66km=ei_fq80QYUUuNbZuQGT4HmPkQ@mail.gmail.com> <741719ee-bbc6-adaf-a036-8fdd655e470f@ericsson.com> <CAB7PXwTkkN0905aHREPyoCX0YY1+adr9sbrVnGuPFp-Rgk3ONw@mail.gmail.com> <2e599cba-8f58-d1e5-3387-28013b26302d@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=gonzalo.camarillo@ericsson.com;
x-originating-ip: [185.188.8.213]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a6a1cec4-1b1a-47c3-ee78-08d6c7ceaa0a
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:AM6PR0702MB3590;
x-ms-traffictypediagnostic: AM6PR0702MB3590:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <AM6PR0702MB3590948E572ACCC0F726034183230@AM6PR0702MB3590.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0016DEFF96
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(39860400002)(376002)(396003)(366004)(346002)(189003)(199004)(51914003)(3846002)(55016002)(71200400001)(86362001)(71190400001)(2906002)(6116002)(76116006)(9686003)(54906003)(6916009)(76176011)(73956011)(66446008)(66946007)(91956017)(44832011)(66476007)(64756008)(66556008)(6306002)(486006)(229853002)(8936002)(8676002)(476003)(6436002)(53936002)(7696005)(305945005)(81156014)(81166006)(74316002)(7736002)(256004)(14444005)(52536014)(102836004)(66066001)(446003)(478600001)(186003)(14454004)(316002)(93886005)(68736007)(26005)(966005)(4326008)(25786009)(6506007)(99286004)(6246003)(97736004)(53546011)(5660300002)(33656002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR0702MB3590; H:AM6PR0702MB3688.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: BFdG/T+SWihIUKcgclJXwFbCRsxCI1fVzGA5rSmlw2cfyXQPpU7358JBIu9+05syV2bNDCvk851KDB+zU+79wZGvwNUzGegmq0l5K2Tb+Y80aI4N6diTPxDJyHjgfmV6Xl3Y55x9YGrwpxM1WzeL7rFJGEoZ82SNC6wpuM5JckxzI8EAq/h/IFoBfHRNwI+cmBOkaQIxsjiXHa/JvO2PYSAn29D0dcxmIfoydIq4MmXnbjgXnDsLfPr+WXprrVnTAZsRNaKWlmRBHbzDbzSbqVm5MHe5ofJU9ixfyBXN0gbpV6BUBSXVjZNX14tIUQG6cy8PmmMGa4a1TaOzIPsyk9aTiFFU1E+WnWbJvrueUmsUgKnAuJlyygzepNoj6dRuMIR+GmuppO81o08ZHO5vi3lGFOP88aAMksxFWBQMDbo=
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a6a1cec4-1b1a-47c3-ee78-08d6c7ceaa0a
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Apr 2019 09:32:54.8607 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR0702MB3590
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipbrandy/N6ydYrg81Jldk5lys7KSjagoxTQ>
Subject: Re: [Sipbrandy] AD Evaluation of draft-ietf-sipbrandy-osrtp-07
X-BeenThere: sipbrandy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIPBRANDY working group discussion list <sipbrandy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipbrandy>, <mailto:sipbrandy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipbrandy/>
List-Post: <mailto:sipbrandy@ietf.org>
List-Help: <mailto:sipbrandy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipbrandy>, <mailto:sipbrandy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2019 09:33:01 -0000

Hi Ben,

when do you think you will be able to look into this? Thanks!

Cheers,

Gonzalo

On 08-Apr-19 13:49, Gonzalo Camarillo wrote:
> Hi Ben,
> 
> could you please look into what Andy ways and confirm whether or not you
> are happy with the current revision of the draft? Thanks!
> 
> Cheers,
> 
> Gonzalo
> 
> On 08-Apr-19 13:47, Andy Hutton wrote:
>> I looked at this again and I am not convinced that any further changes
>> to the draft are needed but if someone wants to suggest text then I
>> can include it in the draft.
>>
>> In the case of SDES the security considerations states that an
>> encrypted signalling channel must still be used so this draft changes
>> nothing with respect to intermediaries and the SDES (RFC 4568)
>> security considerations still apply.
>>
>> Regards
>> Andy
>>
>> On Tue, 2 Apr 2019 at 14:56, Gonzalo Camarillo
>> <gonzalo.camarillo@ericsson.com> wrote:
>>>
>>> Hi Andy,
>>>
>>> Ben's response below indicates that his main substantive comment was not
>>> addressed in the revision you submitted last week. Could you please look
>>> into it and get back to Ben? Thanks!
>>>
>>>>> With regard to Ben's comment on the relaxing of the authentication
>>>>> requirement then this is consistent with the Opportunistic
>>>>> Security RFC 7435 and I added a reference to this as
>>>>> clarification.
>>>>
>>>> If I recall correctly, RFC 7435 does not discuss scenarios with
>>>> separate signaling and media channels, and how OS applies to each
>>>> channel. I was looking more for something about the impacts of this
>>>> “relaxation” specific to these sorts of scenarios with dtls-srtp and
>>>> sdes, and resulting assurances.
>>>>
>>>> For example, dtls-srtp with no authentication does not give you
>>>> assurances about who you are talking to, but it still allows
>>>> encryption. SDES without encryption lets an eavesdropper potentially
>>>> learn the encryption keys, etc. SDES with transport level protection
>>>> (e.g. SIPS) protects from off-path eavesdroppers, but allows proxies
>>>> and b2bua’s in the signaling path to learn the encryption keys.
>>>
>>>
>>> Cheers,
>>>
>>> Gonzalo
>>>
>>> On 02-Apr-19 16:50, Andy Hutton wrote:
>>>> I believe all Ben's points are addressed in the draft I submitted
>>>> last week https://tools.ietf.org/html/draft-ietf-sipbrandy-osrtp-08
>>>>
>>>> Regards Andy
>>>>
>>>> On Tue, 2 Apr 2019 at 12:03, Gonzalo Camarillo
>>>> <gonzalo.camarillo@ericsson.com> wrote:
>>>>>
>>>>> Hi Andy, authors,
>>>>>
>>>>> could you please let Alexey when he should expect a new revision of
>>>>> this draft that addresses Ben's point below?
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Gonzalo
>>>>>
>>>>> On 26-Mar-19 18:10, Ben Campbell wrote:
>>>>>> (+Alexey, who will take over SIPBRANDY when I step down as AD)
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Thanks for the response. This does not quite address my main
>>>>>> substantive comment. It does address everything else :-)
>>>>>>
>>>>>> Please see comment in line.
>>>>>>
>>>>>> Thanks!
>>>>>>
>>>>>> Ben.
>>>>>>
>>>>>>> On Mar 26, 2019, at 11:58 AM, Andy Hutton
>>>>>>> <andyhutton.ietf@gmail.com> wrote:
>>>>>>>
>>>>>>> I submitted an update in response to Ben's comments -
>>>>>>> https://tools.ietf.org/html/draft-ietf-sipbrandy-osrtp-08
>>>>>>>
>>>>>>> With regard to Ben's comment on the relaxing of the
>>>>>>> authentication requirement then this is consistent with the
>>>>>>> Opportunistic Security RFC 7435 and I added a reference to this
>>>>>>> as clarification.
>>>>>>
>>>>>> If I recall correctly, RFC 7435 does not discuss scenarios with
>>>>>> separate signaling and media channels, and how OS applies to each
>>>>>> channel. I was looking more for something about the impacts of
>>>>>> this “relaxation” specific to these sorts of scenarios with
>>>>>> dtls-srtp and sdes, and resulting assurances.
>>>>>>
>>>>>> For example, dtls-srtp with no authentication does not give you
>>>>>> assurances about who you are talking to, but it still allows
>>>>>> encryption. SDES without encryption lets an eavesdropper
>>>>>> potentially learn the encryption keys, etc. SDES with transport
>>>>>> level protection  (e.g. SIPS) protects from off-path
>>>>>> eavesdroppers, but allows proxies and b2bua’s in the signaling
>>>>>> path to learn the encryption keys.
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> Hopefully we can get this to RFC status now.
>>>>>>>
>>>>>>> Regards Andy
>>>>>>>
>>>>>>> On Mon, 25 Mar 2019 at 22:26, Andy Hutton
>>>>>>> <andyhutton.ietf@gmail.com> wrote:
>>>>>>>>
>>>>>>>> Sorry about the delay.
>>>>>>>>
>>>>>>>> See below.
>>>>>>>>
>>>>>>>> I will update the draft.
>>>>>>>>
>>>>>>>> Andy
>>>>>>>>
>>>>>>>> On Fri, 15 Feb 2019 at 08:46, Gonzalo Camarillo
>>>>>>>> <gonzalo.camarillo@ericsson.com> wrote:
>>>>>>>>>
>>>>>>>>> Thanks for the quick review, Ben!
>>>>>>>>>
>>>>>>>>> Authors, please address Ben's comments below.
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>>
>>>>>>>>> Gonzalo
>>>>>>>>>
>>>>>>>>> On 14-Feb-19 22:46, Ben Campbell wrote:
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> This is my AD Evaluation of
>>>>>>>>>> draft-ietf-sipbrandy-osrtp-07.
>>>>>>>>>>
>>>>>>>>>> Thank you for a readable and easy to understand
>>>>>>>>>> document.There is one comment I would like to resolve
>>>>>>>>>> prior to IETF LC. The others can be resolved along with
>>>>>>>>>> any last call feedback.
>>>>>>>>>>
>>>>>>>>>> *** Please resolve prior to IETF LC ***
>>>>>>>>>>
>>>>>>>>>> §4: The relaxation of authentication requirements for
>>>>>>>>>> DTLS-SRTP and SDES could use some elaboration on why this
>>>>>>>>>> acceptable. I _think_ the answer is that, since OSRTP
>>>>>>>>>> doesn’t guaranty authentication, there’s no need for such
>>>>>>>>>> a guaranty from the signaling channel. Is that correct?
>>>>>>>>>>
>>>>>>>>>> OTOH, §1 says "third mode for security between
>>>>>>>>>> "cleartext” and "comprehensive protection" that allows
>>>>>>>>>> encryption and authentication to be used if supported…”.
>>>>>>>>>> That suggests that that authentication is sometimes
>>>>>>>>>> provided. Is there a distinction between the
>>>>>>>>>> authenticated case and unauthenticated case that should
>>>>>>>>>> be mentioned somewhere? (For example, is there a need to
>>>>>>>>>> indicate the distinction to the user?)
>>>>>>>>>>
>>>>>>>>
>>>>>>>> $1 should I think say "allows encryption and authenticated
>>>>>>>> media" but I cannot remember why we said the signalling
>>>>>>>> authentication requirements are relaxed this has been in the
>>>>>>>> draft from day 1 and I guess it is consistent with the best
>>>>>>>> effort approach.
>>>>>>>>
>>>>>>>> Anyone else want to comment?
>>>>>>>>
>>>>>>>>
>>>>>>>>>> *** Other Substantive Comments ***
>>>>>>>>>>
>>>>>>>>>> §2: Please use the new boilerplate from RFC 8174.
>>>>>>>>
>>>>>>>> Will do.
>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> §3.1: Please clarify that that the offer can contain more
>>>>>>>>>> than one key management attribute. This is mentioned in
>>>>>>>>>> §3.1, but not actually in the section on generating the
>>>>>>>>>> offer.
>>>>>>>>
>>>>>>>> Will do.
>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> *** Editorial Comments ***
>>>>>>>>>>
>>>>>>>>>> §3: "As discussed in [RFC7435], this is the
>>>>>>>>>> "comprehensive protection" for media mode.” s/this/that
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> §3.4: "meaning that the decision to create an OSRTP type
>>>>>>>>>> offer or something else should not be influenced” That’s
>>>>>>>>>> referring to the decision to create a _new_ offer, right?
>>>>>>>>>> Not the original offer?
>>>>>>>>
>>>>>>>> Correct.
>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________ Sipbrandy
>>>>>>>>>> mailing list Sipbrandy@ietf.org
>>>>>>>>>> https://www.ietf.org/mailman/listinfo/sipbrandy
>>>>>>>>>>
>>>>>>>>> _______________________________________________ Sipbrandy
>>>>>>>>> mailing list Sipbrandy@ietf.org
>>>>>>>>> https://www.ietf.org/mailman/listinfo/sipbrandy
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________ Sipbrandy mailing
>>>> list Sipbrandy@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/sipbrandy
>>>>
>>
>> _______________________________________________
>> Sipbrandy mailing list
>> Sipbrandy@ietf.org
>> https://www.ietf.org/mailman/listinfo/sipbrandy
>>
>

v2.23.0 | Report a Bug | By Email