Re: [Sipbrandy] Comments on draft-peterson-sipbrandy-rtpsec-00

Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com> Sun, 17 July 2016 10:49 UTC

To: Alan Johnston <alan.b.johnston@gmail.com>, sipbrandy@ietf.org
References: <CAKhHsXEpSxpg1KxH8ijORaoOw1_yWEcfK5kCu=w2RsNHvqPu8Q@mail.gmail.com>
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
Message-ID: <c9551667-8990-f7a5-74ba-903b7ad8ec36@ericsson.com>
Date: Sun, 17 Jul 2016 12:49:03 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipbrandy/ecSwjguslvBSWgiQcXLqEf_8nVs>
Subject: Re: [Sipbrandy] Comments on draft-peterson-sipbrandy-rtpsec-00

Thanks Alan for getting the discussion started. The mailing list has
been very quiet so far.

All, it would be useful to start the conversations we need to have by
email in preparation for our face-to-face session this week.

Cheers,

Gonzalo

On 17/07/2016 10:55 AM, Alan Johnston wrote:
> All,
> 
> I've reviewed draft-peterson-sipbrandy-rtpsec-00 and have a few comments.
> 
> Overall, the content seems OK, although I'm surprised at the number of
> open issues and Internet-Drafts referenced.  It is hard to believe that
> this is our situation after 15 years of SIP (RFC 3261) and 12 years of
> SRTP (RFC 3711)...
> 
> Section 3.2 begins with:
> 
>    Work is already underway on defining approaches to opportunistic
>    media security for SIP in [I-D.johnston-dispatch-osrtp], which builds
>    on the prior efforts of [I-D.kaplan-mmusic-best-effort-srtp].
> 
> Instead of a reference to the Kaplan draft, which is already referenced
> and credited in the OSRTP draft, perhaps it would be better to say:
> 
>    Work is already underway on defining approaches to opportunistic
>    media security for SIP in [I-D.johnston-dispatch-osrtp], which reflects
>    common industry implementations.
> 
> In Section 5, this statement:
> 
>    Both DTLS-SRTP and ZRTP instead provide hashes which are carried in
>    SDP, and thus require only integrity protection rather than
>    confidentiality.
> 
> isn't quite accurate, since it implies that ZRTP requires integrity
> protected signaling.  It would be better to say:
> 
>    DTLS-SRTP provides a hash which is carried in SDP, and
>    thus requires only integrity protection rather than confidentiality.
>    ZRTP can also provide a hash to make use of integrity protected
>    signaling, however, it does not rely on it.
> 
> One nit: The short title seems to be "RTP Security" - probably this
> should mention SIP as well.
> 
> - Alan -