Dean, I like your approach.

Ciao
Hannes

>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ext Fischer, Kai
>Sent: 25 June, 2008 11:06
>To: Dean Willis; [email protected]; Eric Rescorla; Jason Fischl
>Cc: Cullen Jennings; Keith Drage
>Subject: Re: [Sip] A proposal for breaking the DTLS-SRTP vs RFC4474gatewaydeadlock
>
>If it is the goal to proceed with the DTLS-SRTP framework
>timely and to reach the milestone, that's the only reasonable
>approach. However, I hope there will be support to fix RFC
>4474 and we can address the backwards compatibility issues.
>
>Kai
>
>> -----Original Message-----
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Willis
>> Sent: Tuesday, 24 June 2008 19:22
>> To: [email protected]; Eric Rescorla; Jason Fischl
>> Cc: Cullen Jennings; Keith Drage
>> Subject: [Sip] A proposal for breaking the DTLS-SRTP vs RFC4474 gatewaydeadlock
>>
>> We've gotten stuck on a fine point in DTLS-SRTP.
>>
>> The current draft-ietf-sip-dtls-srtp-framework-01 uses an RFC 4474
>> Identity header to preserve the integrity of the media key's
>> fingerprint, thereby detecting a certain class of MITM attack.
>>
>> However, RFC 4474 Identity headers are of questionable validity when
>> used with protocol gateways or B2BUAs. More or less, they're capable
>> of asserting the identity of the gateway, not the identity of the
>> calling party. But the recipient has no real way to figure out which
>> is which.
>>
>> We've debated at some length, and with no good result, about whether
>> we should try and fix RFC 4474. We've had some suggestions that may
>> work for B2BUAs, and some other suggestions that may work for
>> gateways, but we certainly don't have a consensus.
>>
>> That leaves our chartered deliverable of DTLS-SRTP hanging, and the
>> milestone has gone past months ago.
>>
>> Here's a proposal:
>>
>> We add a caveat about the limitation of RFC 4474 to
>> draft-ietf-sip-dtls-srtp-framework and go ahead and advance that
>> specification. If somebody later decides to fix RFC 4474, they can
>> do so, and if necessary update DTLS-SRTP if needed.
>>
>> Does that work for everybody?
>>
>> If we agree to it, I suggest that we move the date for WGLC of
>> draft-ietf-sip-dtls-srtp-framework to July 2008, and move the
>> milestone for delivery of that doc to the IESG into September.
>>
>> --
>> Dean
>> _______________________________________________
>> Sip mailing list https://www.ietf.org/mailman/listinfo/sip
>> This list is for NEW development of the core SIP Protocol
>> Use [EMAIL PROTECTED] for questions on current sip
>> Use [EMAIL PROTECTED] for new developments on the application of sip
