Return-Path: X-Original-To: speechsc@core3.amsl.com Delivered-To: speechsc@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EFA6C3A68F3; Tue, 14 Jul 2009 13:56:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.12 X-Spam-Level: X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[AWL=0.478, BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9H75WHTzQNi6; Tue, 14 Jul 2009 13:56:55 -0700 (PDT) Received: from mail-bw0-f228.google.com (mail-bw0-f228.google.com [209.85.218.228]) by core3.amsl.com (Postfix) with ESMTP id 541A73A6851; Tue, 14 Jul 2009 13:56:53 -0700 (PDT) Received: by bwz28 with SMTP id 28so1034595bwz.37 for ; Tue, 14 Jul 2009 13:55:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:cc:references :in-reply-to:subject:date:message-id:mime-version:content-type :x-mailer:thread-index:content-language; bh=JXBuGNY13Nyu1sy0p+Wp+49jE5Gkdyp/do+/prc/r2A=; b=hiYsj2q4nLgbmfLoJBdnn/N+QPbZA8W4H3ECq5yEpo0wEHMizUgCUikGUODvtODG2Z G+lp04JAPEl4+2xaQNlnJa2EAcdBNZGiYAaGg/FbDpUQOvYzGErRwfI3EFM2QEIrpGM5 0PSsVWsdRu1W9f8EIcgYceM+lWdolRA5XpCdA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-type:x-mailer:thread-index:content-language; b=w19DpgoWUL7PFQEVQvVlHyJ2VdCvI7hQSBkrc6/jkm7gLdRqDp8/KRhBazipYD3j+q 9THXVKs4koAwBxOdeyMaN+l/zhRsgrV9/fzDAHG8oyuMw3EieLhTuyHA3GUA0ZSX2wbj kBMW406u7SLdbjMvU9bRh2aRQ0NDy2jKR+Wqs= Received: by 10.103.233.11 with SMTP id k11mr3670845mur.42.1247604955582; Tue, 14 Jul 2009 13:55:55 -0700 (PDT) Received: from windows8d787f9 (bzq-79-179-66-37.red.bezeqint.net [79.179.66.37]) by mx.google.com with ESMTPS id 25sm23845825mul.20.2009.07.14.13.55.53 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 14 Jul 2009 13:55:54 -0700 (PDT) From: "Roni Even" To: "'Dan York'" , "'Roni Even'" References: <033101c9ff3a$cbe33160$63a99420$%roni@huawei.com> <05e101ca00d7$bc996aa0$35cc3fe0$%roni@huawei.com> <53ADC9B8-F9D2-4B27-A6D8-96B507911343@voxeo.com> In-Reply-To: <53ADC9B8-F9D2-4B27-A6D8-96B507911343@voxeo.com> Date: Tue, 14 Jul 2009 23:55:27 +0300 Message-ID: <4a5cf0da.190c660a.3ec0.58fa@mx.google.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0A5D_01CA04DE.90AD2E80" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcoEwZDrIBeDdtFURVOXNaXHDHQ5wQAA1HiA Content-Language: en-us X-Mailman-Approved-At: Wed, 15 Jul 2009 08:14:53 -0700 Cc: speechsc@ietf.org, 'Saravanan Shanmugham' , rai@ietf.org Subject: Re: [Speechsc] [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19 X-BeenThere: speechsc@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Speech Services Control Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2009 20:56:57 -0000 This is a multi-part message in MIME format. ------=_NextPart_000_0A5D_01CA04DE.90AD2E80 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Dan, This is the general idea. The major reason is that there are various ways to protect the data and if you are not mandating one for interoperability then it can be more general For example we have the following text when discussing security in the RTP payloads specifications. RTP packets using the payload format defined in this specification are subject to the security considerations discussed in the RTP specification [RFC3550] and any appropriate RTP profile. The main security considerations for the RTP packet carrying the RTP payload format defined within this memo are confidentiality, integrity, and source authenticity. Confidentiality is achieved by encryption of the RTP payload. Integrity of the RTP packets is achieved through a suitable cryptographic integrity protection mechanism. Such a cryptographic system may also allow the authentication of the source of the payload. A suitable security mechanism for this RTP payload format should provide confidentiality, integrity protection, and at least source authentication capable of determining if an RTP packet is from a member of the RTP session. Note that the appropriate mechanism to provide security to RTP and payloads following this memo may vary. It is dependent on the application, the transport, and the signaling protocol employed. Therefore, a single mechanism is not sufficient, although if suitable, usage of the Secure Real-time Transport Protocol (SRTP) [RFC3711] recommended. Other mechanisms that may be used are IPsec [RFC4301] Transport Layer Security (TLS) [RFC5246] (RTP over TCP); other alternatives may exist. Roni Even From: rai-bounces@ietf.org [mailto:rai-bounces@ietf.org] On Behalf Of Dan York Sent: Tuesday, July 14, 2009 11:16 PM To: Roni Even Cc: 'Daniel Burnett'; speechsc@ietf.org; 'Saravanan Shanmugham'; rai@ietf.org Subject: Re: [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19 Roni, The current text at http://tools.ietf.org/html/draft-ietf-speechsc-mrcpv2-19#section-12.3 is: ------ 12.3. Media session protection Sensitive data is also carried on media sessions terminating on MRCPv2 servers (the other end of a media channel may or may not be on the MRCPv2 client). This data includes the user's spoken utterances and the output of text-to-speech operations. MRCPv2 servers MUST support SRTP for protection of audio media sessions. MRCPv2 clients that originate or consume audio similarly MUST support SRTP. Alternative media channel protection MAY be used if desired (e.g. IPSEC). ------ Based on your comments and the srtp-not-mandatory draft (which was just revised to http://tools.ietf.org/html/draft-ietf-avt-srtp-not-mandatory-03 ), my understanding would be that you are advocating something more like this: ------ 12.3. Media session protection Sensitive data is also carried on media sessions terminating on MRCPv2 servers (the other end of a media channel may or may not be on the MRCPv2 client). This data includes the user's spoken utterances and the output of text-to-speech operations. MRCPv2 servers MUST support a security mechanism for protection of audio media sessions. MRCPv2 clients that originate or consume audio similarly MUST support a security mechanism for protection of the audio. ------ Is that an accurate summary of your feedback? Would that text be acceptable? Regards, Dan On Jul 9, 2009, at 4:56 PM, Roni Even wrote: Eric, My comment is that in this case in AVT we say that you do not need to mandate SRTP but mandate a security mechanism that can be not only SRTP but in a different layer like ipsec. This is why I gave a reference to the srtp-not-mandatory draft Roni -----Original Message----- From: Eric Burger [mailto:eburger@standardstrack.com] Sent: Thursday, July 09, 2009 11:28 PM To: Roni Even Cc: Saravanan Shanmugham; Daniel Burnett; speechsc@ietf.org; rai@ietf.org Subject: Re: RAI review of draft-ietf-speechsc-mrcpv2-19 The reality is that NO ONE has implemented any security to date. The GENART reviewer raised the same issue, and so far the work group has the same response: MRCPv2 (the speechsc work group) is not planning on figuring out which of the seven key exchange mechanisms to use in SIP. We are counting on the community publishing something, and people using it. After all, we are the "using SIP for media resource control" work group, not the "media resource control work group using something like SIP for control." Does this work for you? On Jul 7, 2009, at 3:40 PM, Roni Even wrote: [snip] 18. In section 12.3 the suggestion is to use SRTP as the mandatory interoperability mode. If the reason for mandating SRTP is for a common mode you should also decide on a key exchange mechanism. I suggest you look athttp://tools.ietf.org/html/draft-ietf-avt-srtp- not-mandatory-02 for discussion on media security. _______________________________________________ RAI mailing list RAI@ietf.org https://www.ietf.org/mailman/listinfo/rai -- Dan York, Director of Conversations Voxeo Corporation http://www.voxeo.com dyork@voxeo.com Phone: +1-407-455-5859 Skype: danyork Join the Voxeo conversation: Blogs: http://blogs.voxeo.com Twitter: http://twitter.com/voxeo http://twitter.com/danyork Facebook: http://www.facebook.com/voxeo ------=_NextPart_000_0A5D_01CA04DE.90AD2E80 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Dan,

This is the general idea. The major reason is that there = are various ways to protect the data and if you are not mandating one for interoperability then it can be more general

 

For example we have the following text when discussing = security in the RTP payloads specifications.

 

RTP packets using the payload format defined in this specification

   are subject to the security considerations = discussed in the RTP

   specification [RFC3550] and any appropriate = RTP profile.  The main

   security considerations for the RTP packet = carrying the RTP payload

   format defined within this memo are = confidentiality, integrity, and

   source authenticity.  Confidentiality = is achieved by encryption of

   the RTP payload.  Integrity of the RTP = packets is achieved through a

   suitable cryptographic integrity protection = mechanism.  Such a

   cryptographic system may also allow the = authentication of the source

   of the payload.  A suitable security = mechanism for this RTP payload

   format should provide confidentiality, = integrity protection, and at

   least source authentication capable of = determining if an RTP packet

   is from a member of the RTP = session.

 

   Note that the appropriate mechanism to = provide security to RTP and

   payloads following this memo may vary.  = It is dependent on the

   application, the transport, and the = signaling protocol employed.

   Therefore, a single mechanism is not = sufficient, although if

   suitable, usage of the Secure Real-time = Transport Protocol (SRTP)

   [RFC3711] recommended.  Other = mechanisms that may be used are IPsec

   [RFC4301] Transport Layer Security (TLS) = [RFC5246] (RTP over TCP);

   other alternatives may = exist.

 

Roni Even

 

From:= rai-bounces@ietf.org [mailto:rai-bounces@ietf.org] On Behalf Of = Dan York
Sent: Tuesday, July 14, 2009 11:16 PM
To: Roni Even
Cc: 'Daniel Burnett'; speechsc@ietf.org; 'Saravanan Shanmugham'; rai@ietf.org
Subject: Re: [RAI] RAI review of = draft-ietf-speechsc-mrcpv2-19

 

Roni,

 

------
12.3. =
Media session protection  
Sensitive =
data is also carried on media sessions terminating on MRCPv2 servers =
(the other end of a media channel may or may not be on the MRCPv2 =
client). This data includes the user's spoken utterances and the output =
of text-to-speech operations. MRCPv2 servers MUST support SRTP for =
protection of audio media sessions. MRCPv2 clients that originate or =
consume audio similarly MUST support SRTP. Alternative media channel =
protection MAY be used if desired (e.g. =
IPSEC).

------

 

Based on your comments and the srtp-not-mandatory = draft (which was just revised to = http://tools.ietf.org/html/draft-ietf-avt-srtp-not-mandatory-03 ), my understanding would be that you are advocating something more like = this:

 

------

12.3. Media session =
protection 
Sensitive=
 data is also carried on media sessions terminating on MRCPv2 servers =
(the other end of a media channel may or may not be on the MRCPv2 =
client). This data includes the user's spoken utterances   =
 and the output of text-to-speech operations. MRCPv2 servers MUST =
support a security mechanism for protection of audio media sessions. =
MRCPv2 clients that originate or consume audio similarly MUST support a =
security mechanism for protection of the =
audio. 

------

 

Is that an accurate summary of your feedback? =  Would that text be acceptable?

 

Regards,

Dan

 

On Jul 9, 2009, at 4:56 PM, Roni Even = wrote:



Eric,
My comment is that in this case in AVT we say that you do not need = to
mandate SRTP but mandate a security mechanism that can be  not only = SRTP but
in a different layer like ipsec. This is why I gave a reference to = the
srtp-not-mandatory draft

Roni


-----Original Message-----

From: Eric Burger [mailto:eburger@standardstrack.= com]

Sent: Thursday, July 09, 2009 11:28 = PM

To: Roni Even

Cc: Saravanan Shanmugham; Daniel Burnett; speechsc@ietf.org;

rai@ietf.org

Subject: Re: RAI review of = draft-ietf-speechsc-mrcpv2-19

 

The reality is that NO ONE has implemented any = security to date. The

GENART reviewer raised the same issue, and so far = the work group has

the same response: MRCPv2 (the speechsc work group) = is not planning on

figuring out which of the seven key exchange = mechanisms to use in

SIP.  We are counting on the community = publishing something, and

people using it.  After all, we are the = "using SIP for media resource

control" work group, not the "media = resource control work group using

something like SIP for = control."

 

Does this work for you?

 

On Jul 7, 2009, at 3:40 PM, Roni Even = wrote:

 

[snip]

 

 

18.   In section 12.3 the suggestion is = to use SRTP as the mandatory

interoperability mode. If the reason for mandating = SRTP is for a

common mode you should also decide on a key = exchange mechanism. I

suggest you look athttp://tools.iet= f.org/html/draft-ietf-avt-srtp-

not-mandatory-02

for discussion on media security.



_______________________________________________
RAI mailing list
RAI@ietf.org
https://www.ietf.org/mailman/listinfo/rai

 

-- 

Dan York, Director of Conversations

Voxeo Corporation   http://www.voxeo.com  dyork@voxeo.com

=

Phone: +1-407-455-5859    Skype: danyork  

 

Join the Voxeo conversation:

 



 

 

 

 

 

 

------=_NextPart_000_0A5D_01CA04DE.90AD2E80--