IETF Logo Mail Archive

Re: [MMUSIC] draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?

Paul Kyzivat <paul.kyzivat@comcast.net> Thu, 08 June 2017 19:09 UTC

Return-Path: <paul.kyzivat@comcast.net>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93D94128CF0 for <mmusic@ietfa.amsl.com>; Thu, 8 Jun 2017 12:09:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YbXh8Ji2U1Kq for <mmusic@ietfa.amsl.com>; Thu, 8 Jun 2017 12:09:52 -0700 (PDT)
Received: from resqmta-ch2-12v.sys.comcast.net (resqmta-ch2-12v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D482126CF9 for <mmusic@ietf.org>; Thu, 8 Jun 2017 12:09:52 -0700 (PDT)
Received: from resomta-ch2-18v.sys.comcast.net ([69.252.207.114]) by resqmta-ch2-12v.sys.comcast.net with SMTP id J2oRdDzUmdlFQJ2oZdpehL; Thu, 08 Jun 2017 19:09:51 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20161114; t=1496948991; bh=+bNadLDqAyqZM1F+B5CRTWSh0RkyxUVI5ouM27HyBr8=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=IHHeZLGcHQ1YKyRD2zI25GFcCU5S8PKbs96HMqlYBJERwj+/AgA3x6+NzYF/9vP92 d4HFlVkwpn1zy+FWWf8LoR8i1VbQHGuSDL95fDNSjk1U5vwpJfqXFYUwI5OXa/TeKT 7rHKUSxyJUw6UGAZJBCiwga9dPoEXG9QQOJa+J3Q1P4h67oVpFkI8oOOevEYGN/urX jybO4WKDWznxQZYF36K31SXZCb5s45exYgNe1txJIARLUyoRGuH6WaUGtOHyMLzatA VrWoFXIsf/2N9m7mrxDXqVEGelXGinrRG0VK5QDLg9PYFPb10sT7kWtj6Ykjdo81mF YlrN3qh9LD4Zw==
Received: from [192.168.1.110] ([24.62.227.142]) by resomta-ch2-18v.sys.comcast.net with SMTP id J2oYd9OxcStKdJ2oZdxyhZ; Thu, 08 Jun 2017 19:09:51 +0000
To: mmusic@ietf.org
References: <D551D683.1D429%christer.holmberg@ericsson.com> <22C94242-218F-4724-AE92-E0B1E8DC2C82@nostrum.com> <21E8BA9D-E442-4DBC-8A7D-CEDFD5F54F8B@iii.ca> <CAD5OKxujAuzJt4QD6JXKHkVd4JB_nO5Th6KXjavMBww=W4644Q@mail.gmail.com> <6125EAB1-A827-4E0F-B756-78F85BB411CD@iii.ca> <CAD5OKxutcpUzh1yLA2kukmYmiHQg3+6fuXbaD0w73gzsAHEXzg@mail.gmail.com> <e80f0fbe-221e-aa9b-33bd-24d2ff50fe84@cisco.com> <6D9B0AD9-F9C9-4DF6-A2AB-D160094E5FE3@iii.ca>
From: Paul Kyzivat <paul.kyzivat@comcast.net>
Message-ID: <7a029c60-a5fb-bc38-1080-7ff9e08f48a8@comcast.net>
Date: Thu, 08 Jun 2017 15:09:50 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Thunderbird/52.1.1
MIME-Version: 1.0
In-Reply-To: <6D9B0AD9-F9C9-4DF6-A2AB-D160094E5FE3@iii.ca>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-CMAE-Envelope: MS4wfMyHlFjL2/YBj/6DrYdbpV4xop9wW0zW7DLQgK+w+155DgpptCCABLnA353Al0rPXZm1OcvO6tjS6V/UthW+nyeFJ5v28erKyL52/CTl7MoVchzhr8tm oiEaeDTUgOUm2JicMujyllasEVpUSs19mXUyomHR3F+OoBFG/Fc9GLK3
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/K7qwctaM8uggLV55js9uS0X9Ubk>
Subject: Re: [MMUSIC] draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Jun 2017 19:09:55 -0000

On 6/8/17 9:25 AM, Cullen Jennings wrote:
> 
> I think the key things are:
> 
> For devices that want to minimize delay in setting up media and avoid media clipping, doing the TLS handshake as soon as possible is good design but in some cases this means the system does  the handshake before the identity of the fingerprint is known.
> 
> If this is done, there is a risk of sending or receiving media before the identity of the remote side is known and the system needs to be designed to deal with theses risks in a way that is appropriate for the system that uses this.
> 
> Receiving media from an unknown sources typically has fairly low risk while sending human generated media, such as the input from a microphone or camera, to a unknown users has much higher privacy risks.
> 
> If we agree on the above, I think we could get text that covers that. Note that I think the key thing one needs to wait for is not just the fingerprint in the Answer but also knowing the identity of the Answer. In many cases this is just the From in the answer as the signaling is trusted but in case where it is not, the key thing is to  know the media is going to the appropriate person and that might involve more that just having the fingerprint in the answer.

The above discussion only pertains to DTLS used for *media*. Some 
additional consideration is needed regarding non-media usage. (Notably 
data channels.)

	Thanks,
	Paul

>> On Jun 7, 2017, at 3:52 PM, Flemming Andreasen <fandreas@cisco.com> wrote:
>>
>> Can we get some specific text proposals from the people that seem to care about what we end up with here ?
>>
>> Thanks
>>
>> -- Flemming (as MMUSIC co-chair)
>>
>>
>> On 6/5/17 12:58 PM, Roman Shpount wrote:
>>> On Mon, Jun 5, 2017 at 10:03 AM, Cullen Jennings <fluffy@iii.ca> wrote:
>>>
>>>> On May 31, 2017, at 4:51 PM, Roman Shpount <roman@telurix.com> wrote:
>>>>
>>>> 1. Starting DTLS handshake until the corresponded answer is received is NOT RECOMMENDED since it can result in unauthenticated media. If unauthenticated media is played to the end user, in cases such as early media in SIP calls, this should be indicated to the end user.
>>>
>>> No. Doing the handshake as quickly as possible is recommend - it's what you do with the media before you know who you are talking to that is the issue you are concerned with. And knowing who you are talking often involves much more than checking the fingerprint. So I don't agree this is not recommended.
>>>
>>> There are also implementation issues with getting media and not playing it. End point will still need to either buffer or somehow process the received packets so that playback can be started when the answer is received. If handshake is delayed until answer is received, none of this is an issue, so implementation is simpler.
>>>
>>> More importantly, I do not think new systems should be built without ICE. I understand there are legacy implementations which use symmetric UDP for media. In such cases it is allowed to complete handshake. Such solutions are legacy and building new systems like this are not recommended. It is recommended that new systems should implement full ICE, consent to send, and do not complete DTLS handshake before an answer SDP is received.
>>>
>>> Regards,
>>> _____________
>>> Roman Shpount
>>>   
>>
> 
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
>

v2.23.0 | Report a Bug | By Email