IETF Logo Mail Archive

Re: [Speechsc] [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19

"Roni Even" <ron.even.tlv@gmail.com> Tue, 14 July 2009 22:01 UTC

Return-Path: <ron.even.tlv@gmail.com>
X-Original-To: speechsc@core3.amsl.com
Delivered-To: speechsc@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7DA2F3A635F; Tue, 14 Jul 2009 15:01:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.165
X-Spam-Level:
X-Spam-Status: No, score=-2.165 tagged_above=-999 required=5 tests=[AWL=0.433, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mdfQN+LUIwT3; Tue, 14 Jul 2009 15:01:41 -0700 (PDT)
Received: from mail-fx0-f218.google.com (mail-fx0-f218.google.com [209.85.220.218]) by core3.amsl.com (Postfix) with ESMTP id A6F433A6E60; Tue, 14 Jul 2009 15:01:24 -0700 (PDT)
Received: by fxm18 with SMTP id 18so3101102fxm.37 for <multiple recipients>; Tue, 14 Jul 2009 15:00:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:cc:references :in-reply-to:subject:date:message-id:mime-version:content-type :x-mailer:thread-index:content-language; bh=jKIvUZ2UzofS+UNKUoF/lXaPGvA3D8jZA8LscnDzTUI=; b=a0hN5icK67E/9U7kdht3MmSc2ZNYXfMRUzg/4oXhib0JpwSio3gwQOPg70Kf/5s8H5 YhX9CvijbG7ZNGHMXvFbPX7OzOHplal2wgfudMGArU5oRorX6Az4m1wDXOioTt1s/ArA kS3UNvsSO6tj60ges99fhz2lBp4fKJDx1gnz8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-type:x-mailer:thread-index:content-language; b=GVe0Eanxh9srxlnumxNB/mwvqUlNoZNK1pqnFPbhG2avak2ZqIc4ghzH8pFAQZG2ZI znEJ2Zw+WUVyI7uNeffnNAPFd4uDgEK2LMrzw0zGN/wa8YjDdTb1lKuDNsLWT1Tbr40g 2pyOOffHG2j7zXzLpRe09+rJ5FsPehXdp+JsU=
Received: by 10.103.131.13 with SMTP id i13mr3715652mun.64.1247607397188; Tue, 14 Jul 2009 14:36:37 -0700 (PDT)
Received: from windows8d787f9 (bzq-79-179-66-37.red.bezeqint.net [79.179.66.37]) by mx.google.com with ESMTPS id n10sm30032606mue.17.2009.07.14.14.36.34 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 14 Jul 2009 14:36:36 -0700 (PDT)
From: Roni Even <ron.even.tlv@gmail.com>
To: 'Dan York' <dyork@voxeo.com>
References: <033101c9ff3a$cbe33160$63a99420$%roni@huawei.com> <EE02487B-63DE-4CC6-81A9-7A4FAAD4A76D@standardstrack.com> <05e101ca00d7$bc996aa0$35cc3fe0$%roni@huawei.com> <53ADC9B8-F9D2-4B27-A6D8-96B507911343@voxeo.com> <4a5cf0da.190c660a.3ec0.58fa@mx.google.com> <F692C744-B56F-4053-BD76-4D63B61C2C48@voxeo.com>
In-Reply-To: <F692C744-B56F-4053-BD76-4D63B61C2C48@voxeo.com>
Date: Wed, 15 Jul 2009 00:36:08 +0300
Message-ID: <4a5cfa64.0aa5660a.1918.ffff94d6@mx.google.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0A87_01CA04E4.4014F3D0"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcoEx4wp7NhipJKURgG7lWCJ5mWaSgAAykQQ
Content-Language: en-us
X-Mailman-Approved-At: Wed, 15 Jul 2009 08:14:53 -0700
Cc: speechsc@ietf.org, 'Saravanan Shanmugham' <sarvi@cisco.com>, rai@ietf.org, 'Roni Even' <Even.roni@huawei.com>
Subject: Re: [Speechsc] [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19
X-BeenThere: speechsc@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Speech Services Control Working Group <speechsc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/speechsc>, <mailto:speechsc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/speechsc>
List-Post: <mailto:speechsc@ietf.org>
List-Help: <mailto:speechsc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/speechsc>, <mailto:speechsc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jul 2009 22:01:43 -0000

Dan,

I prefer the text that recommends SRTP (It is a SHOULD and not a MUST). The
text we currently have is based on the security reviews we got for RTP
payload specifications, and as you can see it addresses the issue of why not
to mandate SRTP.

Roni

 

From: Dan York [mailto:dyork@voxeo.com] 
Sent: Wednesday, July 15, 2009 12:11 AM
To: Roni Even
Cc: 'Roni Even'; 'Daniel Burnett'; speechsc@ietf.org; 'Saravanan
Shanmugham'; rai@ietf.org
Subject: Re: [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19

 

Roni,

 

So as the RAI reviewer, are you okay with the text I suggested:

------

12.3. Media session protection 
Sensitive data is also carried on media sessions terminating on MRCPv2
servers (the other end of a media channel may or may not be on the MRCPv2
client). This data includes the user's spoken utterances    and the output
of text-to-speech operations. MRCPv2 servers MUST support a security
mechanism for protection of audio media sessions. MRCPv2 clients that
originate or consume audio similarly MUST support a security mechanism for
protection of the audio. 

------

 

Or would you prefer this text that includes the recommendation of SRTP?
(Which I noticed you did in the RTP payloads spec - and it makes sense to me
to provide some basic guidance.):

------

12.3. Media session protection 
Sensitive data is also carried on media sessions terminating on MRCPv2
servers (the other end of a media channel may or may not be on the MRCPv2
client). This data includes the user's spoken utterances    and the output
of text-to-speech operations. MRCPv2 servers MUST support a security
mechanism for protection of audio media sessions. MRCPv2 clients that
originate or consume audio similarly MUST support a security mechanism for
protection of the audio. If appropriate, usage of the Secure Real-time
Transport Protocol (SRTP) [RFC3711] is recommended.

------

 

Regards,

Dan

 

Regards,

Dan

 

On Jul 14, 2009, at 4:55 PM, Roni Even wrote:





Dan,

This is the general idea. The major reason is that there are various ways to
protect the data and if you are not mandating one for interoperability then
it can be more general

 

For example we have the following text when discussing security in the RTP
payloads specifications.

 

RTP packets using the payload format defined in this specification

   are subject to the security considerations discussed in the RTP

   specification [RFC3550] and any appropriate RTP profile.  The main

   security considerations for the RTP packet carrying the RTP payload

   format defined within this memo are confidentiality, integrity, and

   source authenticity.  Confidentiality is achieved by encryption of

   the RTP payload.  Integrity of the RTP packets is achieved through a

   suitable cryptographic integrity protection mechanism.  Such a

   cryptographic system may also allow the authentication of the source

   of the payload.  A suitable security mechanism for this RTP payload

   format should provide confidentiality, integrity protection, and at

   least source authentication capable of determining if an RTP packet

   is from a member of the RTP session.

 

   Note that the appropriate mechanism to provide security to RTP and

   payloads following this memo may vary.  It is dependent on the

   application, the transport, and the signaling protocol employed.

   Therefore, a single mechanism is not sufficient, although if

   suitable, usage of the Secure Real-time Transport Protocol (SRTP)

   [RFC3711] recommended.  Other mechanisms that may be used are IPsec

   [RFC4301] Transport Layer Security (TLS) [RFC5246] (RTP over TCP);

   other alternatives may exist.

 

Roni Even

 

From: rai-bounces@ietf.org [mailto:rai-bounces@ietf.org] On Behalf Of Dan
York
Sent: Tuesday, July 14, 2009 11:16 PM
To: Roni Even
Cc: 'Daniel Burnett'; speechsc@ietf.org; 'Saravanan Shanmugham';
rai@ietf.org
Subject: Re: [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19

 

Roni,

 

The current text at
http://tools.ietf.org/html/draft-ietf-speechsc-mrcpv2-19#section-12.3 is:

------
12.3. Media session protection  
Sensitive data is also carried on media sessions terminating on MRCPv2
servers (the other end of a media channel may or may not be on the MRCPv2
client). This data includes the user's spoken utterances and the output of
text-to-speech operations. MRCPv2 servers MUST support SRTP for protection
of audio media sessions. MRCPv2 clients that originate or consume audio
similarly MUST support SRTP. Alternative media channel protection MAY be
used if desired (e.g. IPSEC).

------

 

Based on your comments and the srtp-not-mandatory draft (which was just
revised to http://tools.ietf.org/html/draft-ietf-avt-srtp-not-mandatory-03
), my understanding would be that you are advocating something more like
this:

 

------

12.3. Media session protection 
Sensitive data is also carried on media sessions terminating on MRCPv2
servers (the other end of a media channel may or may not be on the MRCPv2
client). This data includes the user's spoken utterances    and the output
of text-to-speech operations. MRCPv2 servers MUST support a security
mechanism for protection of audio media sessions. MRCPv2 clients that
originate or consume audio similarly MUST support a security mechanism for
protection of the audio. 

------

 

Is that an accurate summary of your feedback?  Would that text be
acceptable?

 

Regards,

Dan

 

On Jul 9, 2009, at 4:56 PM, Roni Even wrote:






Eric,
My comment is that in this case in AVT we say that you do not need to
mandate SRTP but mandate a security mechanism that can be  not only SRTP but
in a different layer like ipsec. This is why I gave a reference to the
srtp-not-mandatory draft

Roni





-----Original Message-----

From: Eric Burger [mailto:eburger@standardstrack.com]

Sent: Thursday, July 09, 2009 11:28 PM

To: Roni Even

Cc: Saravanan Shanmugham; Daniel Burnett; speechsc@ietf.org;

rai@ietf.org

Subject: Re: RAI review of draft-ietf-speechsc-mrcpv2-19

 

The reality is that NO ONE has implemented any security to date. The

GENART reviewer raised the same issue, and so far the work group has

the same response: MRCPv2 (the speechsc work group) is not planning on

figuring out which of the seven key exchange mechanisms to use in

SIP.  We are counting on the community publishing something, and

people using it.  After all, we are the "using SIP for media resource

control" work group, not the "media resource control work group using

something like SIP for control."

 

Does this work for you?

 

On Jul 7, 2009, at 3:40 PM, Roni Even wrote:

 

[snip]

 

 

18.   In section 12.3 the suggestion is to use SRTP as the mandatory

interoperability mode. If the reason for mandating SRTP is for a

common mode you should also decide on a key exchange mechanism. I

suggest you look athttp://tools.ietf.org/html/draft-ietf-avt-srtp-

not-mandatory-02

for discussion on media security.



_______________________________________________
RAI mailing list
RAI@ietf.org
https://www.ietf.org/mailman/listinfo/rai

 

-- 

Dan York, Director of Conversations

Voxeo Corporation   http://www.voxeo.com  dyork@voxeo.com

Phone: +1-407-455-5859    Skype: danyork  

 

Join the Voxeo conversation:

Blogs: http://blogs.voxeo.com

Twitter: http://twitter.com/voxeo  http://twitter.com/danyork

Facebook: http://www.facebook.com/voxeo

 






 

 

 

 

 

 

 

-- 

Dan York, Director of Conversations

Voxeo Corporation   http://www.voxeo.com  dyork@voxeo.com

Phone: +1-407-455-5859    Skype: danyork  

 

Join the Voxeo conversation:

Blogs: http://blogs.voxeo.com

Twitter: http://twitter.com/voxeo  http://twitter.com/danyork

Facebook: http://www.facebook.com/voxeo

v2.39.1 | Report a Bug | By Email | System Status