[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Media Security Requirements Draft: New Requirement

To: "Christer Holmberg (JO/LMF)" <christer.holmberg@xxxxxxxxxxxx>, dwing@xxxxxxxxx, ietf-rtpsec@xxxxxxx
Subject: Media Security Requirements Draft: New Requirement
From: "Hannes Tschofenig" <Hannes.Tschofenig@xxxxxxx>
Date: Sat, 09 Jun 2007 20:17:49 +0200
In-reply-to: <7374777208BDC7449D5620EF9423256704BCED1A@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-rtpsec/mail-archive/>
List-id: <ietf-rtpsec.imc.org>
List-unsubscribe: <mailto:ietf-rtpsec-request@imc.org?body=unsubscribe>
References: <465C9C1B.9080601@xxxxxxx> <7374777208BDC7449D5620EF9423256704BCED1A@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-rtpsec@xxxxxxxxxxxx

Hi Christer, 

I am not sure whether this requirement is directly related to media security (although it impacts it). Would ICE even work if you assume such restrictive middleboxes?

In some sense you seem to say that key management for media security has to be done along the signaling path and not along the media path. 

Do I understand your requirement and your intention properly?

Ciao
Hannes


-------- Original-Nachricht --------
Datum: Tue, 5 Jun 2007 08:55:07 +0200
Von: "Christer Holmberg (JO/LMF)" <christer.holmberg@xxxxxxxxxxxx>
An: "Hannes Tschofenig" <Hannes.Tschofenig@xxxxxxx>, ietf-rtpsec@xxxxxxx, "Dan Wing" <dwing@xxxxxxxxx>
Betreff: RE: Media Security Requirements Draft

> 
> 
> Hi,
> 
> In a previous thread (RE: Fwd: I-D
> ACTION:draft-zimmermann-avt-zrtp-03.txt), when we were discussing
> middleboxes, Dan proposed a requirement saying something like:
> 
> "A solution MUST NOT expect packets to be received on the media path
> until 200 OK, because the media path will be blocked by middleboxes 
> until the 200 OK."
> 
> (I proposed to change "will be blocked" to "may be blocked")
> 
> However, I can't find this requirement in the latest version of the reqs
> draft.
> 
> Regards,
> 
> Christer
>  
> 
> > -----Original Message-----
> > From: owner-ietf-rtpsec@xxxxxxxxxxxx 
> > [mailto:owner-ietf-rtpsec@xxxxxxxxxxxx] On Behalf Of Hannes Tschofenig
> > Sent: 30. toukokuuta 2007 0:33
> > To: ietf-rtpsec@xxxxxxx
> > Subject: Media Security Requirements Draft
> > 
> > 
> > Hi all,
> > 
> > we have published another version of the requirements draft:
> > http://tools.ietf.org/id/draft-wing-media-security-requirements-03.txt
> > 
> > The changes in the draft are focused on the following requirement:
> > 
> > R27:   If SRTP keying is performed over the media path, the keying
> >            packets MUST NOT pass the RTP validity check defined in
> >            Appendix A.1 of [RFC3550
> > <http://www.rfc-editor.org/rfc/rfc3550.txt>]
> > 
> > It seems that we are getting to an end with the requirements work.
> > 
> > Ciao
> > Hannes
> > 
> >

Follow-Ups:
- RE: Media Security Requirements Draft: New Requirement
  - From: Christer Holmberg (JO/LMF)
- RE: Media Security Requirements Draft: New Requirement
  - From: Dan Wing

References:
- Media Security Requirements Draft
  - From: Hannes Tschofenig
- RE: Media Security Requirements Draft
  - From: Christer Holmberg (JO/LMF)

Prev by Date: Re: Additional use cases? (Re: Plan for moving forward)
Next by Date: RE: Media Security Requirements Draft: New Requirement
Previous by thread: RE: Media Security Requirements Draft
Next by thread: RE: Media Security Requirements Draft: New Requirement
Index(es):
- Date
- Thread