Re: [MMUSIC] [rtcweb] Draft new: draft-wang-mmusic-encrypted-ice-candidates

Roman Shpount <roman@telurix.com> Wed, 13 November 2019 20:49 UTC

On Wed, Nov 13, 2019 at 3:33 PM Justin Uberti <juberti=40google.com@dmarc.ietf.org> wrote:

> Because the network is managed, key distribution is much less complicated
> than it otherwise would be in the general case. I would suggest we focus on
> solving this specific problem and, if successful, we can see if we can take
> this solution further.
>

I agree that since the network is managed, the solution is much simpler, but we
still might need to deal with some key distribution issues, specifically
the procedure for key upgrade within the network. During such an upgrade one key
is typically used for encryption but multiple sets of keys can be used to
decrypt the candidate (due to key propagation delay through the network).
One option is to try all available keys and only discard the candidate if
it cannot be decoded using any available key.
_____________
Roman Shpount
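
The trial decryption suggested in the message above, sketched as an added example (not code from the email, the draft, or any implementation of it). The cipher is a stand-in built from HMAC-SHA256 in the Python standard library, and the key labels, sample keys and function names are assumptions; the point shown is that each candidate needs an integrity tag so the receiver can tell which key, if any, decrypted it correctly.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 12, 16

def _subkeys(key):
    # Derive separate encryption and MAC keys from one pre-shared key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(enc_key, nonce, length):
    # HMAC-SHA256 in counter mode (stand-in cipher, stdlib only).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]
def _tag(mac_key, nonce, ct):
    return hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]

def encrypt_candidate(key, address):
    """Sender side: encrypt with the one current key -> nonce || ct || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce, data = os.urandom(NONCE_LEN), address.encode()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    return nonce + ct + _tag(mac_key, nonce, ct)

def decrypt_candidate(keyring, blob):
    """Receiver side: try every key still held; None means discard."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    for label, key in keyring.items():
        enc_key, mac_key = _subkeys(key)
        # The tag check is what tells a right key from a wrong one.
        if hmac.compare_digest(_tag(mac_key, nonce, ct), tag):
            pt = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))
            return label, pt.decode()
    return None

# Constructed sample keys: "old" is being retired, "new" is rolling out.
OLD_KEY = hashlib.sha256(b"constructed old key").digest()
NEW_KEY = hashlib.sha256(b"constructed new key").digest()
KEYRING = {"new": NEW_KEY, "old": OLD_KEY}

if __name__ == "__main__":
    blob = encrypt_candidate(OLD_KEY, "192.0.2.10")  # peer not yet upgraded
    print(decrypt_candidate(KEYRING, blob))
```

Without the tag, a wrong key would still produce bytes, and the receiver could not distinguish them from a valid address.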