[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?

To: Dean Willis <dean.willis at softarmor.com>
Subject: Re: [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?
From: Jonathan Rosenberg <jdrosen at cisco.com>
Date: Thu, 28 Feb 2008 14:18:30 -0500
Authentication-results: sj-dkim-2; header.From=jdrosen at cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
Cc: sip at ietf.org
Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=956; t=1204226329; x=1205090329; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jdrosen at cisco.com; z=From:=20Jonathan=20Rosenberg=20<jdrosen at cisco.com> |Subject:=20Re=3A=20[Sip]=20Doc=20we=20need=20to=20have=20d raft-ietf-sip-dtls-srtp-framework-01=0A=20on=20the=20-71=20a genda? |Sender:=20; bh=mQ+8R1R46a7/a0Bfs3DSSasX0h+VHIq/ORPkRCOr/Js=; b=hgL3J+U29MuwzEEe2TJ9MmigQWm+rhNOhWWNggAYIux7eRs23D7aKPH154 xDuN+ZWGlwml5VpfNRM9wYjpGM/NSrNqYFj32D9ruUJBCWJ/9el7vibgq00G MYa+w7Rb8f;
In-reply-to: <47C6F876.4060809 at softarmor.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <47C6F876.4060809 at softarmor.com>
Sender: sip-bounces at ietf.org
User-agent: Thunderbird 2.0.0.9 (Windows/20071031)

Dean Willis wrote:
> Is there any need for discussion of the DTLS framework
> (draft-ietf-sip-dtls-srtp-framework-01) during our meeting?
> 
> The authors think that it is pretty much ready for WGLC and that all
> known issues have been resolved.

I do not agree.

One of the points I raise in my rfc4474-concerns draft is that dtls-srtp 
is basing integrity of the fingerprint on 4474, and that 4474 does not 
provide integrity against intermediary modifications of the number, and 
even for user at domain names this can happen.

I think this needs to be called out in the draft. The security 
considerations section does not discuss this.

-Jonathan R.

-- 
Jonathan D. Rosenberg, Ph.D.                   499 Thornall St.
Cisco Fellow                                   Edison, NJ 08837
Cisco, Voice Technology Group
jdrosen at cisco.com
http://www.jdrosen.net                         PHONE: (408) 902-3084
http://www.cisco.com
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?
  - From: Eric Rescorla

References:
- [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?
  - From: Dean Willis

Prev by Date: Re: [Sip] comments on draft-kupwade-sip-iba-00
Next by Date: Re: [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?
Previous by thread: [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?
Next by thread: Re: [Sip] Doc we need to have draft-ietf-sip-dtls-srtp-framework-01 on the -71 agenda?
Index(es):
- Date
- Thread