Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=

To: Gonzalo Camarillo <Gonzalo.Camarillo at ericsson.com>
Subject: Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
From: Mark Baugher <mbaugher at cisco.com>
Date: Wed, 23 Feb 2005 18:40:30 -0800
Cc: Flemming Andreasen <fandreas at cisco.com>, Adam Roach <adam at nostrum.com>, Dan Wing <dwing at cisco.com>, Joerg Ott <jo at tzi.uni-bremen.de>, XCON-IETF <xcon at ietf.org>, Colin Perkins <csp at csperkins.org>
Iim-sig: v:"1.1"; h:"imail.cisco.com"; d:"cisco.com"; z:"home"; m:"krs"; t:"1109212497.508457"; x:"432200"; a:"rsa-sha1"; b:"nofws:1822"; e:"Iw=="; n:"sQYarK2E51MdcTiUqeif3F7cWdxIfoCiXhdfb9vD5ee/j0jXL15gbFxF2p" "XIweAblu0N6XAgK7k+wrbr7bQDJaCDqOmzqpRUBjIRQAXQ7NzadpmR3pUL6wxaRUtW+c43sl9jC" "50Qg1sXHpPjt8Y+Y16ioyQAQAdSunM4YhevURc="; s:"rDewu1NzeHGojGed7VCnlBINAcD9Bj8TmsooYYI90R9hBonZv7GopYd9SEewfY2eFI04nVDI" "ERdWDtAr7YSNqMRN6GAMDyPKPve8pR7NBd2YW8npItQSJ0hmW0E6mlVNdzcIHLAW02UbCySHZN9" "vkJBN8dmMIcNJvhq8ION4leo="; c:"From: Mark Baugher <mbaugher@cisco.com>"; c:"Subject: Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=3D"; c:"Date: Wed, 23 Feb 2005 18:40:30 -0800"
Iim-verify: s:"y"; v:"y"; r:"60"; h:"imail.cisco.com"; c:"message from imail.cisco.com verified; "
In-reply-to: <421C5104.5050903@ericsson.com>
List-help: <mailto:xcon-request@ietf.org?subject=help>
List-id: Centralized Conferencing <xcon.ietf.org>
List-post: <mailto:xcon@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/xcon>, <mailto:xcon-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/xcon>, <mailto:xcon-request@ietf.org?subject=unsubscribe>
References: <4209433A.2000005@nostrum.com> <3d298d2cf5c4d747f4326f93220e2b63@cisco.com> <420A7787.4070009@nostrum.com> <82c26fb0ab3fa1c16dde5d52dab383e4@cisco.com> <421C5104.5050903@ericsson.com>
Sender: xcon-bounces at ietf.org

Gonzalo, I think Security Descriptions is probably the way to go when you replace k= and I think we're agreed that you need to replace k=. I'd like to hear any opinions my co-authors might have but this sounds like a Security Descriptions usage.

Mark
On Feb 23, 2005, at 1:46 AM, Gonzalo Camarillo wrote:

Mark,
This sounds okay to me but there are a few additional things to consider. What if you want to change to a different cryptographic hashing algorithm than SHA-1? Is there any chance that the application might need to offer some alternatives and allow these to be negotiated? Have you considered using SDP Security Descriptions in place of k= for this purpose?
Yes, having a way to negotiate different hashing algorithms is something that we may want to add to BFCP. We could add to the "DIGEST TLV Required" error response a placeholder for different algorithm identifiers. This way, a client would obtain the algorithms supported by the server on reception of the same response that would carry the nonce.

So, I do not see any problem with adding this feature to the protocol. However, the MMUSIC draft also defines a nonce attribute. The idea is that a client can obtain the first nonce directly in the SDP. This way, the server does not need to challenge the first message from the client only to provide a nonce.

But if the purpose of the challenge is not only to provide a nonce, but also to provide a list of algorithms, either we get rid of the SDP nonce attribute and forget about the optimization, or we include the list of algorithms in the SDP as well. If we decide to include it, the 'crypto' algorithm defined in SDP Security Descriptions could carry the list of algorithms.
So, the options are:
1) The client can only discover the algorithms supported by the server using BFCP. We use the SDP 'k' line

2) SDP is used to provide the client with an initial nonce and the list of agorithms supported by the server. We use SDP Security Descriptions. We would need to define a new transport (the only one defined so far is SRTP) and define tags for the crypto suites applicable to BFCP
My proposal would be to go for 2)
Comments?
Gonzalo


_______________________________________________
XCON mailing list
XCON at ietf.org
https://www1.ietf.org/mailman/listinfo/xcon

References:
- [XCON] BFCP: SDP usage and k=
  - From: Adam Roach
- [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
  - From: Mark Baugher
- Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
  - From: Adam Roach
- Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
  - From: Mark Baugher
- Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
  - From: Gonzalo Camarillo

Prev by Date: RE: [XCON] draft on MSRP conferencing
Next by Date: Re: [XCON] draft on MSRP conferencing
Previous by thread: Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
Next by thread: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=
Index(es):
- Date
- Thread

Re: [XCON] Re: [MMUSIC] BFCP: SDP usage and k=

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.