Return-Path: X-Original-To: speechsc@core3.amsl.com Delivered-To: speechsc@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E09093A6D37; Thu, 9 Jul 2009 13:49:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.305 X-Spam-Level: X-Spam-Status: No, score=-6.305 tagged_above=-999 required=5 tests=[AWL=0.294, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YlYnKsp5xCbN; Thu, 9 Jul 2009 13:49:16 -0700 (PDT) Received: from zrtps0kp.nortel.com (zrtps0kp.nortel.com [47.140.192.56]) by core3.amsl.com (Postfix) with ESMTP id 1CDFB3A6D55; Thu, 9 Jul 2009 13:48:56 -0700 (PDT) Received: from zrc2hxm0.corp.nortel.com (zrc2hxm0.corp.nortel.com [47.103.123.71]) by zrtps0kp.nortel.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id n69KnDi06199; Thu, 9 Jul 2009 20:49:13 GMT X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Thu, 9 Jul 2009 15:48:56 -0500 Message-ID: <1ECE0EB50388174790F9694F77522CCF1EE8AAC1@zrc2hxm0.corp.nortel.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19 thread-index: AcoA08qFd1S0dvASReCM8f8AHQdPFgAAoe5A References: <033101c9ff3a$cbe33160$63a99420$%roni@huawei.com> From: "Francois Audet" To: "Eric Burger" , "Roni Even" X-Mailman-Approved-At: Fri, 10 Jul 2009 08:28:56 -0700 Cc: speechsc@ietf.org, Saravanan Shanmugham , rai@ietf.org Subject: Re: [Speechsc] [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19 X-BeenThere: speechsc@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Speech Services Control Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Jul 2009 20:49:17 -0000 Eric, I think you need to clarify the context of the following statement you=20 made: "The reality is that NO ONE has implemented any security to=20 date." Certainly, SRTP is widely implemented and deployed in many environements (e.g., Enteprise telephony for example). I am assuming that your comment was specific to MRCPv2? > -----Original Message----- > From: rai-bounces@ietf.org [mailto:rai-bounces@ietf.org] On=20 > Behalf Of Eric Burger > Sent: Thursday, July 09, 2009 13:28 > To: Roni Even > Cc: Daniel Burnett; speechsc@ietf.org; Saravanan Shanmugham;=20 > rai@ietf.org > Subject: Re: [RAI] RAI review of draft-ietf-speechsc-mrcpv2-19 >=20 > The reality is that NO ONE has implemented any security to=20 > date. The GENART reviewer raised the same issue, and so far=20 > the work group has the same response: MRCPv2 (the speechsc=20 > work group) is not planning on figuring out which of the=20 > seven key exchange mechanisms to use in SIP. We are counting=20 > on the community publishing something, and people using it. =20 > After all, we are the "using SIP for media resource control"=20 > work group, not the "media resource control work group using=20 > something like SIP for control." >=20 > Does this work for you? >=20 > On Jul 7, 2009, at 3:40 PM, Roni Even wrote: >=20 > > [snip] > > > > > > 18. In section 12.3 the suggestion is to use SRTP as the=20 > mandatory =20 > > interoperability mode. If the reason for mandating SRTP is for a=20 > > common mode you should also decide on a key exchange mechanism. I=20 > > suggest you look=20 > > athttp://tools.ietf.org/html/draft-ietf-avt-srtp-not-mandatory-02 > > for discussion on media security. >=20 >=20