IETF Logo Mail Archive

Re: [straw] Alissa Cooper's Discuss on draft-ietf-straw-b2bua-dtls-srtp-09: (with DISCUSS and COMMENT)

"Ben Campbell" <ben@nostrum.com> Mon, 21 March 2016 19:55 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: straw@ietfa.amsl.com
Delivered-To: straw@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DB5E12DAE4 for <straw@ietfa.amsl.com>; Mon, 21 Mar 2016 12:55:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ELGcm5ASEea for <straw@ietfa.amsl.com>; Mon, 21 Mar 2016 12:55:29 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5013412DAF6 for <straw@ietf.org>; Mon, 21 Mar 2016 12:55:15 -0700 (PDT)
Received: from [10.0.1.10] (cpe-70-119-203-4.tx.res.rr.com [70.119.203.4]) (authenticated bits=0) by nostrum.com (8.15.2/8.14.9) with ESMTPSA id u2LIcJcZ061255 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 21 Mar 2016 13:38:19 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-119-203-4.tx.res.rr.com [70.119.203.4] claimed to be [10.0.1.10]
From: Ben Campbell <ben@nostrum.com>
To: Ram Mohan R <rmohanr@cisco.com>
Date: Mon, 21 Mar 2016 13:38:18 -0500
Message-ID: <9F61F2A3-355F-4053-B110-3899CF337A4E@nostrum.com>
In-Reply-To: <D314CB23.5573B%rmohanr@cisco.com>
References: <20151201045818.23491.19134.idtracker@ietfa.amsl.com> <E63559A7-6A37-496C-AAD9-426AB697FD65@nostrum.com> <D2851411.4B35B%rmohanr@cisco.com> <DB9B999A-DAF0-440B-BDD4-445368AFFCE2@cooperw.in> <DAE78890-C8B2-42DE-BCC3-A994CB9AF668@nostrum.com> <1D498CDA-C8B6-4215-A718-7C5302B5CF2D@cooperw.in> <01E4CF3B-6C31-4A97-8155-8DC06443A7C2@nostrum.com> <A6B3CA82-DC74-48AB-80B7-EBF1462A964E@nostrum.com> <D2C25ED1.4E4DA%rmohanr@cisco.com> <23C852C2-1B96-4739-91ED-8B4C0FF97279@cooperw.in> <D314CB23.5573B%rmohanr@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate (1.9.4r5234)
Archived-At: <http://mailarchive.ietf.org/arch/msg/straw/YNVKkj51DN65j37Uvb0qYXYg2Lc>
Cc: Alissa Cooper <alissa@cooperw.in>, "straw@ietf.org" <straw@ietf.org>, "christer.holmberg@ericsson.com" <christer.holmberg@ericsson.com>
Subject: Re: [straw] Alissa Cooper's Discuss on draft-ietf-straw-b2bua-dtls-srtp-09: (with DISCUSS and COMMENT)
X-BeenThere: straw@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Sip Traversal Required for Applications to Work \(STRAW\) working group discussion list" <straw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/straw>, <mailto:straw-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/straw/>
List-Post: <mailto:straw@ietf.org>
List-Help: <mailto:straw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/straw>, <mailto:straw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Mar 2016 19:55:30 -0000

On 20 Mar 2016, at 11:18, Ram Mohan R (rmohanr) wrote:

[...]

>
> -----Original Message-----
> From: Alissa Cooper <alissa@cooperw.in>

[...]

>>
>> = Sec 1.1 and 1.2 =
>>
>> The language about the narrow case for which this document’s 
>> guidance is
>> targeted is better. But I think it needs to emphasize just how much 
>> of a
>> corner case this is. RFC 7362 recommends against latching, and 
>> address
>> hiding is more often provided using TURN. Rather than saying things 
>> like
>> "there are certain B2BUAs that are typically deployed for address 
>> hiding
>> or media latching, as described in [RFC7362]” without any of that
>> context, I would suggest something like “B2BUAs may be deployed for
>> address hiding or media latching [RFC7362], although TURN is more 
>> often
>> used for this purpose and media latching is not recommended due to 
>> its
>> security properties.”
>
>
> Ok. Will add the suggested text:
>
> EXISTING:
> However, there are certain B2BUAs
>    that are typically deployed for address hiding or media latching, 
> as
>    described in [RFC7362], and such B2BUAs are able to perform their
>    functions without requiring termination of DTLS-SRTP sessions i.e.
>    these B2BUAs need not act as DTLS proxy and decrypt the RTP 
> payload.
>
>
> NEW:
> B2BUAs may be deployed for address hiding or media latching [RFC7362],
> although TURN is more often used for this purpose and media latching 
> is not
> recommended due to its security properties. Such B2BUAs are able to
> perform their
> functions without requiring termination of DTLS-SRTP sessions i.e.
> these B2BUAs need not act as DTLS proxy and decrypt the RTP payload.

I think the statement that TURN is more often used for media latching is 
at least somewhat aspirational. But I'm okay with that aspiration :-)

(The reality probably varies by market type and the "purpose" of the 
latching, but that sort of detail would only be a distraction here.)

Ben.

v2.23.0 | Report a Bug | By Email