Re: [MMUSIC] Handling of unverified data and media
Eric Rescorla <ekr@rtfm.com> Sat, 11 March 2017 00:57 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FCE8129436 for <mmusic@ietfa.amsl.com>; Fri, 10 Mar 2017 16:57:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MypsMrlytfDy for <mmusic@ietfa.amsl.com>; Fri, 10 Mar 2017 16:57:20 -0800 (PST)
Received: from mail-yw0-x22f.google.com (mail-yw0-x22f.google.com [IPv6:2607:f8b0:4002:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D7161289C4 for <mmusic@ietf.org>; Fri, 10 Mar 2017 16:57:20 -0800 (PST)
Received: by mail-yw0-x22f.google.com with SMTP id p77so33809369ywg.1 for <mmusic@ietf.org>; Fri, 10 Mar 2017 16:57:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=wILVOjxFeM0F6d80fMowP3v/ynXwOd/bKQvntsWWOwo=; b=uczFv8KAexKKX6MFlu0PpSOuGQqPnCQZf9irLftVWTk9Ft2qWxGjf6li8+Q25Tchve Vaz8oHppO+8HCkGfla7O2ZRenGpcl5EGxo30VJ+sooiISkW3bi5gg7hIvnVMjapuAD49 q8TGWcIZ14gxw1tmH0jiENOtTvsYJv9CQKDLxOo1WDHTdIq5emSm9Nsfa4JiJed1ax6z Rt+/UyDWp7X4MfCwoGg6PZRnWIF7HpKz0v83j7UAvO/zxzt1VrqxZeITrFCxeZWzfXui pPv5GWq3TTctBTlbTRU0ToU3upgH4fn9L4As1nHkNcO1AloKcGIGxcdHMtPwkqRFNFKd yeYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=wILVOjxFeM0F6d80fMowP3v/ynXwOd/bKQvntsWWOwo=; b=tfHsjgbQ6SlC1zqddWoTk+qucYO5g5ERCCkHDhb0cKFjBlz3qMA+GyXi9fECcg/lhq ABGUYhzlB7HblYM09KyaiTFsTpov768TiNlzNgjGJuk8p/FzntpUUp/ZcvjJdN1jISgj 6Fcsn28dEAfutg4UwALFN+TxUuJXrwdkKkUD1DUEnJAT3/FnKV4BjK82NSDuIt4+68S8 owmBkYVHFMSqs13fRt4CZIVIEuCbUxUNt2DzWLQVC/srcG8f37C4WlNn/wxrJC3yBJH+ UUvikHzpG4udbL8oYEtv4+T8ZMu3kwzbd1KpSZQAeNnTS79+kjpD/6eo/6zaH4qGPFny ToUA==
X-Gm-Message-State: AMke39nJUrfpBg7luU6u9C7VXSITXhS0qxpzy883M6F37WSP4wiHGcBk7J/l5NAPxLxo1oya13z+6DMFy6iHpA==
X-Received: by 10.129.125.5 with SMTP id y5mr9563023ywc.120.1489193839505; Fri, 10 Mar 2017 16:57:19 -0800 (PST)
MIME-Version: 1.0
Received: by 10.129.154.210 with HTTP; Fri, 10 Mar 2017 16:56:38 -0800 (PST)
In-Reply-To: <CAOW+2due+uNyWn-3GQnpXrR-L55XVZSXXRmC0E9-5BSGKynUYA@mail.gmail.com>
References: <CAOW+2dseq8AmLKXFGUaiss8ahpkY1ZzYUD_KdirFE1rskfvqjw@mail.gmail.com> <CABkgnnUc-XsYivUzSs6W4it_Krykr-reJMDJXqKf5FvGw_NBPg@mail.gmail.com> <CAD5OKxvXTsTPaKFNdwS6tPBTAksD=jgiAFGuGMgbepOtBoFT+Q@mail.gmail.com> <CABcZeBO9MP0fqg=ubpgU8+3L9koB5grCyp-O8hS9Pis942-rhA@mail.gmail.com> <CAOW+2due+uNyWn-3GQnpXrR-L55XVZSXXRmC0E9-5BSGKynUYA@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 10 Mar 2017 16:56:38 -0800
Message-ID: <CABcZeBPr4OjUBSUdS3wWmUuRJh7XmgxfVaY1F15mjMAqjbTZRg@mail.gmail.com>
To: Bernard Aboba <bernard.aboba@gmail.com>
Content-Type: multipart/alternative; boundary="001a11493644ce54aa054a69f5b6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/64yy8PDkSSRToqgBs3bi-Z6YXx4>
Cc: Flemming Andreasen <fandreas@cisco.com>, "hta@google.com" <hta@google.com>, mmusic WG <mmusic@ietf.org>
Subject: Re: [MMUSIC] Handling of unverified data and media
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Mar 2017 00:57:22 -0000
Sorry, no, I was just talking about what might or might not be safe.... The doc text is a different question. -Ekr On Fri, Mar 10, 2017 at 4:05 PM, Bernard Aboba <bernard.aboba@gmail.com> wrote: > EKR said: > > "I haven't spent too much time on it, but it seems like it ought to be > safe to hold > anything you receive prior to getting the fingerprint. It might be better, > as MT > suggests, to discard the datachannel data, but I'm not sure why it would be > necessary." > > [BA] So you are saying that the MUST NOT allows the browser to buffer > data/media but not to pass it to the application (in the case of the data > channel) or to play it out? > > On Fri, Mar 10, 2017 at 4:01 PM, Eric Rescorla <ekr@rtfm.com> wrote: > >> I haven't spent too much time on it, but it seems like it ought to be >> safe to hold >> anything you receive prior to getting the fingerprint. It might be >> better, as MT >> suggests, to discard the datachannel data, but I'm not sure why it would >> be >> necessary. >> >> -Ekr >> >> On Fri, Mar 10, 2017 at 2:47 PM, Roman Shpount <roman@telurix.com> wrote: >> >>> My assumption always was that data is received, decoded and discarded >>> until fingerprint is received and verified. This way DTLS handshake >>> completes, key frames are decoded, but user is nor presented with any >>> unverified media. >>> >>> Regards, >>> >>> _____________ >>> Roman Shpount >>> >>> On Thu, Mar 9, 2017 at 6:58 PM, Martin Thomson <martin.thomson@gmail.com >>> > wrote: >>> >>>> I think that the data channel question is easy, anything other than a >>>> "no" is not acceptable. Data in that form enters the security >>>> boundary for an origin and it doesn't make any sense to risk attack >>>> there. (It's also likely unnecessary, if a half a round trip of >>>> signaling is slower than 5 round trips on the media path, then >>>> something is messed up.) >>>> >>>> I'm in two minds about the media part. For media, you could also >>>> reasonably make the same origin-purity argument. I'm inclined to say >>>> that. But we CAN isolate media from the origin (and we definitely >>>> should if we allow this). >>>> >>>> So, the media that arrives had to comply with your offer. The DTLS >>>> handshake also has to complete, which tells the receiver whether the >>>> media needs to be confidential or not (at which point you can disable >>>> this feature). >>>> >>>> It's also possible that a receiver can require that an ICE >>>> connectivity check was made (though this is inbound only, and I'm >>>> unclear on whether having received an inbound check would normally >>>> prevent the receiver from accepting a packet). >>>> >>>> All told, that's a lot of information about the negotiated session for >>>> an attacker to have. The odds of this being an attack would *seem* to >>>> be low. >>>> >>>> On the other hand, we don't assume confidentiality of signaling; the >>>> security model assumes that all this information is effectively public >>>> and the protection we have against attack is the certificate >>>> fingerprint. This would remove that protection, albeit for a short >>>> duration. >>>> >>>> I have an extra question: does anyone plan to implement this? It's >>>> non-trivial. I think that I know what I'd need to do in Firefox and >>>> it would be quite disruptive. Before committing to do that work >>>> (which I will leave to others closer to this to decide), I'd probably >>>> want more information on the actual advantage that it provides. >>>> >>>> On 10 March 2017 at 07:10, Bernard Aboba <bernard.aboba@gmail.com> >>>> wrote: >>>> > In the W3C WEBRTC WG, an issue has been submitted relating to playout >>>> of >>>> > unverified media: >>>> > https://github.com/w3c/webrtc-pc/issues/849 >>>> > >>>> > It has been suggested that if the browser is configured to do so, that >>>> > playout be allowed for a limited period (e.g. 5 seconds) prior to >>>> > fingerprint verification: >>>> > https://github.com/w3c/webrtc-pc/pull/1026 >>>> > >>>> > Section 6.2 of draft-ietf-mmusic-4572-update-13 contains the >>>> following text, >>>> > carried over from RFC 4572: >>>> > >>>> > Note that when the offer/answer model is being used, it is possible >>>> > for a media connection to outrace the answer back to the offerer. >>>> > Thus, if the offerer has offered a 'setup:passive' or >>>> 'setup:actpass' >>>> > role, it MUST (as specified in RFC 4145 [7]) begin listening for an >>>> > incoming connection as soon as it sends its offer. However, it >>>> MUST >>>> > NOT assume that the data transmitted over the TLS connection is >>>> valid >>>> > until it has received a matching fingerprint in an SDP answer. If >>>> > the fingerprint, once it arrives, does not match the client's >>>> > certificate, the server endpoint MUST terminate the media >>>> connection >>>> > with a bad_certificate error, as stated in the previous paragraph. >>>> > >>>> > Given the outstanding issue relating to handling of unverified media, >>>> the >>>> > Chairs of the W3C WEBRTC WG would like to request clarification from >>>> the >>>> > IETF MMUSIC WG as to the meaning of the "MUST NOT" in the above >>>> paragraph. >>>> > In particular, what is it permitted for an implementation to do with >>>> > received data and media prior to verification? For example: >>>> > >>>> > 1. May data received over the data channel be provided to the >>>> > application prior to verification? >>>> > a. If the answer to the above is "no", may unverified >>>> received data >>>> > be delivered by the DTLS transport to SCTP, which may buffer it? >>>> > 2. May received media be played out prior to verification? >>>> > >>>> > Bernard Aboba >>>> > On behalf of the W3C WEBRTC WG >>>> > >>>> > _______________________________________________ >>>> > mmusic mailing list >>>> > mmusic@ietf.org >>>> > https://www.ietf.org/mailman/listinfo/mmusic >>>> > >>>> >>>> _______________________________________________ >>>> mmusic mailing list >>>> mmusic@ietf.org >>>> https://www.ietf.org/mailman/listinfo/mmusic >>>> >>> >>> >>> _______________________________________________ >>> mmusic mailing list >>> mmusic@ietf.org >>> https://www.ietf.org/mailman/listinfo/mmusic >>> >>> >> >> _______________________________________________ >> mmusic mailing list >> mmusic@ietf.org >> https://www.ietf.org/mailman/listinfo/mmusic >> >> >
- [MMUSIC] Handling of unverified data and media Bernard Aboba
- Re: [MMUSIC] Handling of unverified data and media Martin Thomson
- Re: [MMUSIC] Handling of unverified data and media Roman Shpount
- Re: [MMUSIC] Handling of unverified data and media Eric Rescorla
- Re: [MMUSIC] Handling of unverified data and media Bernard Aboba
- Re: [MMUSIC] Handling of unverified data and media Eric Rescorla
- Re: [MMUSIC] Handling of unverified data and media Christer Holmberg
- Re: [MMUSIC] Handling of unverified data and media Iñaki Baz Castillo
- Re: [MMUSIC] Handling of unverified data and media Christer Holmberg
- Re: [MMUSIC] Handling of unverified data and media Iñaki Baz Castillo
- Re: [MMUSIC] Handling of unverified data and media Christer Holmberg
- Re: [MMUSIC] Handling of unverified data and media Cullen Jennings
- Re: [MMUSIC] Handling of unverified data and media Martin Thomson
- Re: [MMUSIC] Handling of unverified data and media Jonathan Lennox
- Re: [MMUSIC] Handling of unverified data and media Roman Shpount
- Re: [MMUSIC] Handling of unverified data and media Christer Holmberg
- Re: [MMUSIC] Handling of unverified data and media Jonathan Lennox
- Re: [MMUSIC] Handling of unverified data and media Christer Holmberg
- Re: [MMUSIC] Handling of unverified data and media Cullen Jennings
- Re: [MMUSIC] Handling of unverified data and media Peter Thatcher
- Re: [MMUSIC] Handling of unverified data and media Martin Thomson
- Re: [MMUSIC] Handling of unverified data and media Bernard Aboba
- Re: [MMUSIC] Handling of unverified data and media Martin Thomson
- Re: [MMUSIC] Handling of unverified data and media Peter Thatcher
- Re: [MMUSIC] Handling of unverified data and media Roman Shpount
- Re: [MMUSIC] Handling of unverified data and media Cullen Jennings
- Re: [MMUSIC] Handling of unverified data and media Cullen Jennings
- Re: [MMUSIC] Handling of unverified data and media Martin Thomson
- Re: [MMUSIC] Handling of unverified data and media Peter Thatcher
- Re: [MMUSIC] Handling of unverified data and media Roman Shpount
- Re: [MMUSIC] Handling of unverified data and media Peter Thatcher