[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Media Security Requirements Draft: New Requirement

To: "'Christer Holmberg \(JO/LMF\)'" <christer.holmberg@xxxxxxxxxxxx>, "'Hannes Tschofenig'" <Hannes.Tschofenig@xxxxxxx>, <ietf-rtpsec@xxxxxxx>
Subject: RE: Media Security Requirements Draft: New Requirement
From: "Dan Wing" <dwing@xxxxxxxxx>
Date: Wed, 27 Jun 2007 22:46:28 -0700
Authentication-results: sj-dkim-3; header.From=dwing@xxxxxxxxx; dkim=pass (s ig from cisco.com/sjdkim3002 verified; );
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1554; t=1183009589; x=1183873589; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dwing@xxxxxxxxx; z=From:=20=22Dan=20Wing=22=20<dwing@xxxxxxxxx> |Subject:=20RE=3A=20Media=20Security=20Requirements=20Draft=3A=20New=20Re quirement |Sender:=20; bh=63BPa4pRsmvdE9/Oo5yOSK11lt+khCj1z+A9qQ36xpo=; b=nrB8Gk+fkn63z+Uq1HSfr4/GV2ZsWbS6iHO4Atqk1rhGDgO7fZLC/rvkmHKKXPQG8jjM+Ju4 Q2nn6syIfA/mbrudztzW4lwPkLqrj0hFkgPgfgIe+biQ3TnDA4ZyYyvK;
In-reply-to: <7374777208BDC7449D5620EF9423256706622052@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-rtpsec/mail-archive/>
List-id: <ietf-rtpsec.imc.org>
List-unsubscribe: <mailto:ietf-rtpsec-request@imc.org?body=unsubscribe>
Sender: owner-ietf-rtpsec@xxxxxxxxxxxx
Thread-index: Aceqwn0ZMUIi4xoxQOSjpD12BiMS0QJLmpSQAEKRJ+AAnWoTkAAFwVJwACP3XCAACxFjMAAbvyWwAA8qWzAABMTkIAARJRSg

 

> -----Original Message-----
> From: Christer Holmberg (JO/LMF) 
> [mailto:christer.holmberg@xxxxxxxxxxxx] 
> Sent: Wednesday, June 27, 2007 2:45 PM
> To: Dan Wing; Hannes Tschofenig; ietf-rtpsec@xxxxxxx
> Subject: RE: Media Security Requirements Draft: New Requirement
> 
> 
> Hi, 
> 
> >>The main point is that I am telling how many networks 
> (again, it's not
> 
> >> IMS specific) work today.
> > 
> >I agree the problems are not specific to RTPSEC.  SIP doesn't 
> >consider this stuff, neither does AVT.  IETF doesn't give 
> >much thought to firewalls or anything that blocks packets.
> > 
> >>But, if we don't want to take that into consideration I 
> would suggest 
> >>that we clearly state, in order to avoiding having similar 
> discussions
> 
> >>in the future, that the mechanism we are working on may not be
> applicable to networks where these kind of functions 
> >>exist.
> > 
> >As this isn't specific to RTPSEC (this isn't the place to 
> discuss it),
> why burden only RTPSEC with this?  It implies 
> >that only RTPSEC keying will break, when in reality other SIP things
> will break.
> 
> I don't see it as a burden, and I don't think it implies that 
> there may
> not be problems elsewhere.

I expect most would consider breaking ICE to be a problem,
especially as it's the only mechanism that will work on any
network for NAT traversal (unlike UPnP, NSIS, etc.).

> I see it as a clarification of the scope and
> applicability of the mechanism we're working on in RTPSEC.

-d

Follow-Ups:
- RE: Media Security Requirements Draft: New Requirement
  - From: Christer Holmberg (JO/LMF)

References:
- RE: Media Security Requirements Draft: New Requirement
  - From: Christer Holmberg (JO/LMF)

Prev by Date: RE: Media Security Requirements Draft: New Requirement
Next by Date: RE: Media Security Requirements Draft: New Requirement
Previous by thread: RE: Media Security Requirements Draft: New Requirement
Next by thread: RE: Media Security Requirements Draft: New Requirement
Index(es):
- Date
- Thread