Re: [MMUSIC] Handling of unverified data and media

Christer Holmberg <christer.holmberg@ericsson.com> Sat, 11 March 2017 15:24 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07C6B129524 for <mmusic@ietfa.amsl.com>; Sat, 11 Mar 2017 07:24:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.32
X-Spam-Level:
X-Spam-Status: No, score=-2.32 tagged_above=-999 required=5 tests=[RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HCTlhLqkbMGr for <mmusic@ietfa.amsl.com>; Sat, 11 Mar 2017 07:24:27 -0800 (PST)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 767FB129529 for <mmusic@ietf.org>; Sat, 11 Mar 2017 07:24:27 -0800 (PST)
X-AuditID: c1b4fb3a-9b1d39800000539f-78-58c416a9dee4
Received: from ESESSHC021.ericsson.se (Unknown_Domain [153.88.183.81]) by (Symantec Mail Security) with SMTP id A6.98.21407.6A614C85; Sat, 11 Mar 2017 16:24:25 +0100 (CET)
Received: from ESESSMB109.ericsson.se ([169.254.9.56]) by ESESSHC021.ericsson.se ([153.88.183.81]) with mapi id 14.03.0319.002; Sat, 11 Mar 2017 16:24:21 +0100
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Iñaki Baz Castillo <ibc@aliax.net>, Roman Shpount <roman@telurix.com>
Thread-Topic: [MMUSIC] Handling of unverified data and media
Thread-Index: AQHSmfBaeuX9ya5EIEOzUwYnxet2SaGPrxoAgAATT2A=
Date: Sat, 11 Mar 2017 15:24:21 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B4CB06EB1@ESESSMB109.ericsson.se>
References: <CAOW+2dseq8AmLKXFGUaiss8ahpkY1ZzYUD_KdirFE1rskfvqjw@mail.gmail.com> <CABkgnnUc-XsYivUzSs6W4it_Krykr-reJMDJXqKf5FvGw_NBPg@mail.gmail.com> <CAD5OKxvXTsTPaKFNdwS6tPBTAksD=jgiAFGuGMgbepOtBoFT+Q@mail.gmail.com> <CALiegfmyKz4JUXBoX7LaRe7U_yE2-_pbBKXHp14zm4DRSYGZgA@mail.gmail.com>
In-Reply-To: <CALiegfmyKz4JUXBoX7LaRe7U_yE2-_pbBKXHp14zm4DRSYGZgA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.149]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprAIsWRmVeSWpSXmKPExsUyM2J7oO5KsSMRBouP6lq8v6BrceLGaWaL 6ftsLKYuf8xiMePCVGYHVo9zDe/ZPab83sjqsWBTqceSJT+ZPG5NKQhgjeKySUnNySxLLdK3 S+DKmHjkJ2vBJIGK7nn6DYx3+LsYOTkkBEwkfly7z9bFyMUhJLCOUeLNzZvsEM5iRonm39tY uhg5ONgELCS6/2mDNIgIJEosmTmbHSTMLJArsb4xBMQUFrCWuNLPCmKKCNhIrPxVC1FsJbFt wUlGkDCLgKrEp38sIGFeAV+JHVc7mCH2LGWS2PZ/IztIglMgUKK1ezUjiM0oICbx/dQaJhCb WUBc4taT+UwQFwtILNlznhnCFpV4+fgfK4StJLH28HYWiMM0Jdbv0odoVZSY0v2QHWKvoMTJ mU9YJjCKzkIydRZCxywkHbOQdCxgZFnFKFqcWlycm25kpJdalJlcXJyfp5eXWrKJERhPB7f8 ttrBePC54yFGAQ5GJR7egv2HIoRYE8uKK3MPMUpwMCuJ8E7lPBIhxJuSWFmVWpQfX1Sak1p8 iFGag0VJnNds5f1wIYH0xJLU7NTUgtQimCwTB6dUA+MKTpmpz0zyI9Y9KE/w6bLN2c0S+8Rp OeOzc+wWQoxh2XF7N4vfX7+0xvGMt9bjwpX9Xh8vvPnzJWHWTZfjr8uq318sOGgaV5vjMp2R +94vf4MLp9Me1WvlFbaafHebuE+v5PfPle6cgp9r+DbsOHx7ctbs2MWHL+S1Z81gU9jONLlr woei0olKLMUZiYZazEXFiQDlgRy+owIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/Zfjkl078Qcv0ouqHzLkqH5_zNmg>
Cc: Flemming Andreasen <fandreas@cisco.com>, "hta@google.com" <hta@google.com>, mmusic WG <mmusic@ietf.org>
Subject: Re: [MMUSIC] Handling of unverified data and media
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Mar 2017 15:24:29 -0000

Hi,

In case of a Data Channel, you also need to establish the SCTP association before you can send any content.

Regards,

Christer

-----Original Message-----
From: mmusic [mailto:mmusic-bounces@ietf.org] On Behalf Of Iñaki Baz Castillo
Sent: 11 March 2017 17:12
To: Roman Shpount <roman@telurix.com>
Cc: Flemming Andreasen <fandreas@cisco.com>; hta@google.com; mmusic WG <mmusic@ietf.org>
Subject: Re: [MMUSIC] Handling of unverified data and media

2017-03-10 23:47 GMT+01:00 Roman Shpount <roman@telurix.com>:
> My assumption always was that data is received, decoded and discarded 
> until fingerprint is received and verified. This way DTLS handshake 
> completes, key frames are decoded, but user is nor presented with any unverified media.

Just imagine an app (running in a computer with public IP) which sends the SDP offer to a server, DTLS handshake is done, and the server sends DataChannel messages to the browser *before* the browser receives the SDP answer.

Do you mean that such a DataChannel messages should be discarded? I consider that catastrophic as the server may not know whether the browser has yet received the answer or not. Apps should implement some kind of 3-way signaling handshake (send offer, receive answer, send
ACK) before the server sends any DataChannel message.


--
Iñaki Baz Castillo
<ibc@aliax.net>

_______________________________________________
mmusic mailing list
mmusic@ietf.org
https://www.ietf.org/mailman/listinfo/mmusic