RE: Media Security Requirements Draft

["Christer Holmberg (JO/LMF)" <christer.holmberg@xxxxxxxxxxxx>]

Hi,

Chapter 3.2 of the draft, talking about forking, says:

"Further compounding this problem is a particularity of SIP that when
forking is used, there is always only one final error response
delivered to the sender of the request: the forking proxy is
responsible for choosing which final response to choose in the event
where forking results in multiple final error responses being
received by the forking proxy.  This means that if a request is
rejected, say with information that the keying information was
rejected and providing the far end's credentials, it is very possible
that the rejection will never reach the sender."

I would like to inform the people here that I in SIPPING have submitted
a -01 version of a draft which defines a 199 response code, which can be
used by forking proxies to inform the UAC when a dialog has been
terminated. I've also mentioned media security as a use-case. Please
have a look if you're interested.

http://users.piuha.net/cholmber/drafts/draft-holmberg-sipping-199-01.txt

Regards,

Christer




 

> -----Original Message-----
> From: owner-ietf-rtpsec@xxxxxxxxxxxx 
> [mailto:owner-ietf-rtpsec@xxxxxxxxxxxx] On Behalf Of Hannes Tschofenig
> Sent: 30. toukokuuta 2007 0:33
> To: ietf-rtpsec@xxxxxxx
> Subject: Media Security Requirements Draft
> 
> 
> Hi all,
> 
> we have published another version of the requirements draft:
> http://tools.ietf.org/id/draft-wing-media-security-requirements-03.txt
> 
> The changes in the draft are focused on the following requirement:
> 
> R27:   If SRTP keying is performed over the media path, the keying
>            packets MUST NOT pass the RTP validity check defined in
>            Appendix A.1 of [RFC3550
> <http://www.rfc-editor.org/rfc/rfc3550.txt>]
> 
> It seems that we are getting to an end with the requirements work.
> 
> Ciao
> Hannes
> 
>