Dean,

Yes, that would work for me, given an intent to push ahead with trying to fix the RFC 4474 issues, e.g., through your proposed RETIRE WG.

John

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Willis
> Sent: 24 June 2008 18:22
> To: [email protected]; Eric Rescorla; Jason Fischl
> Cc: Cullen Jennings; Keith Drage
> Subject: [Sip] A proposal for breaking the DTLS-SRTP vs RFC4474 gateway deadlock
>
> We've gotten stuck on a fine point in DTLS-SRTP.
>
> The current draft-ietf-sip-dtls-srtp-framework-01 uses an RFC 4474
> Identity header to preserve the integrity of the media key's
> fingerprint, thereby detecting a certain class of MITM attack.
>
> However, RFC 4474 Identity headers are of questionable validity when
> used with protocol gateways or B2BUAs. More or less, they're capable
> of asserting the identity of the gateway, not the identity of the
> calling party. But the recipient has no real way to figure out which
> is which.
>
> We've debated at some length, and with no good result, about whether
> we should try and fix RFC 4474. We've had some suggestions that may
> work for B2BUAs, and some other suggestions that may work for
> gateways, but we certainly don't have a consensus.
>
> That leaves our chartered deliverable of DTLS-SRTP hanging, and the
> milestone has gone past months ago.
>
> Here's a proposal:
>
> We add a caveat about the limitation of RFC 4474 to
> draft-ietf-sip-dtls-srtp-framework and go ahead and advance that
> specification. If somebody later decides to fix RFC 4474, they can do
> so, and if necessary update DTLS-SRTP if needed.
>
> Does that work for everybody?
>
> If we agree to it, I suggest that we move the date for WGLC of
> draft-ietf-sip-dtls-srtp-framework to July 2008, and move the
> milestone for delivery of that doc to the IESG into September.
>
> --
> Dean
> _______________________________________________
> Sip mailing list https://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use [EMAIL PROTECTED] for questions on current sip
> Use [EMAIL PROTECTED] for new developments on the application of sip
