IETF Logo Mail Archive

Re: [Speermint] AD review: draft-ietf-speermint-voipthreats-05

Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com> Tue, 18 January 2011 15:53 UTC

Return-Path: <gonzalo.camarillo@ericsson.com>
X-Original-To: speermint@core3.amsl.com
Delivered-To: speermint@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 378473A7027 for <speermint@core3.amsl.com>; Tue, 18 Jan 2011 07:53:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.613
X-Spam-Level:
X-Spam-Status: No, score=-106.613 tagged_above=-999 required=5 tests=[AWL=-0.014, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3UaWTkhc9Eoq for <speermint@core3.amsl.com>; Tue, 18 Jan 2011 07:53:09 -0800 (PST)
Received: from mailgw9.se.ericsson.net (mailgw9.se.ericsson.net [193.180.251.57]) by core3.amsl.com (Postfix) with ESMTP id 5E7413A7026 for <speermint@ietf.org>; Tue, 18 Jan 2011 07:53:09 -0800 (PST)
X-AuditID: c1b4fb39-b7cfbae000005c8e-22-4d35b80123ea
Received: from esessmw0191.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw9.se.ericsson.net (Symantec Mail Security) with SMTP id B6.EA.23694.108B53D4; Tue, 18 Jan 2011 16:55:45 +0100 (CET)
Received: from [131.160.126.246] (153.88.115.8) by esessmw0191.eemea.ericsson.se (153.88.115.85) with Microsoft SMTP Server id 8.2.234.1; Tue, 18 Jan 2011 16:55:45 +0100
Message-ID: <4D35B801.5030701@ericsson.com>
Date: Tue, 18 Jan 2011 17:55:45 +0200
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: "speermint@ietf.org" <speermint@ietf.org>
References: <4CA35805.80606@ericsson.com> <4CE26FC7.10605@ericsson.com> <4D0A2312.105@ericsson.com>
In-Reply-To: <4D0A2312.105@ericsson.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: AAAAAA==
Subject: Re: [Speermint] AD review: draft-ietf-speermint-voipthreats-05
X-BeenThere: speermint@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mailing list for the speermint working group <speermint.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/speermint>, <mailto:speermint-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/speermint>
List-Post: <mailto:speermint@ietf.org>
List-Help: <mailto:speermint-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/speermint>, <mailto:speermint-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jan 2011 15:53:12 -0000

Hi,

I still do not seem to have received any answer (see email below).

Thanks,

Gonzalo

On 16/12/2010 4:32 PM, Gonzalo Camarillo wrote:
> Hi,
> 
> I do not seem to have received an answer to my email below. If I have
> missed it, could you please resend it?
> 
> Thanks,
> 
> Gonzalo
> 
> On 16/11/2010 1:49 PM, Gonzalo Camarillo wrote:
>> Hi,
>>
>> thanks for having submitted a new revision of this draft:
>>
>> http://tools.ietf.org/html/draft-ietf-speermint-voipthreats-06
>>
>> This revision addresses most of my comments below. However, I do not
>> think I got an answer to the following question:
>>
>>> While message modification and eavesdropping is included in the
>>> threats against SF and MF, they do not seem to appear in the threats
>>> against LRF and LUF. Why?
>>
>> Also, the reasons why Section 4.5 recommends TCP over UDP are still not
>> clear. UDP over DTLS would meet the requirements in both Sections 3.2
>> and 4.5.
>>
>> Thanks,
>>
>> Gonzalo
>>
>>
>> On 29/09/2010 5:15 PM, Gonzalo Camarillo wrote:
>>> Hi,
>>>
>>> a couple of days ago I received a publication request for the following
>>> draft:
>>>
>>> https://datatracker.ietf.org/doc/draft-ietf-speermint-voipthreats/
>>>
>>> Here you have my AD review of the draft (see below). The authors should
>>> be able to address all my comments fairly quickly. As soon as they
>>> revise the draft I will initiate its IETF LC.
>>>
>>> Thanks,
>>>
>>> Gonzalo
>>>
>>>
>>> draft-ietf-speermint-voipthreats-05
>>>
>>> Expand acronyms on their first use (e.g., SPEERMINT in the title and
>>> VoIP in the Introduction).
>>>
>>> The Abstract and the Introduction attempt to explain the relationship
>>> between this draft and draft-ietf-speermint-requirements. However,
>>> Section 3.1 does a better job at that. Could you please clarify in the
>>> Introduction that the requirements in draft-ietf-speermint-requirements
>>> were derived from the threats documented in this draft? Also, please
>>> clarify that in addition to be the base for those requirements, this
>>> draft provides countermeasures to meet those requirements. Any SPEERMINT
>>> expert will probably understand that by reading the Abstract and the
>>> Introduction but clarifying those points will help readers who have not
>>> been that involved in the process.
>>>
>>> While message modification and eavesdropping is included in the
>>> threats against SF and MF, they do not seem to appear in the threats
>>> against LRF and LUF. Why?
>>>
>>> Section 4.5 recommends to use TCP instead of UDP. That advice is great,
>>> but the reasons Section 4.5 discusses are not that strong. The fact that
>>> the linux kernel has improved is irrelevant if an operator uses
>>> non-linux boxes. Also, an operator using UDP over IPsec, for instance,
>>> will not face the problems described there. The main recommendation in
>>> Section 4.5 seems to actually be to use an integrity protection
>>> mechanism. Clarifying that section would be useful.
>>>
>>> [refs.sbcfuncs] has been published as RFC 5853
>>>
>>> A few references only include the title and the author fields. Adding
>>> the venue where they were published would be useful.
>>>
>>
>> _______________________________________________
>> Speermint mailing list
>> Speermint@ietf.org
>> https://www.ietf.org/mailman/listinfo/speermint
>>
> 
> _______________________________________________
> Speermint mailing list
> Speermint@ietf.org
> https://www.ietf.org/mailman/listinfo/speermint
>

v2.23.0 | Report a Bug | By Email