IETF Logo Mail Archive

Re: [MMUSIC] [rtcweb] Tunnelling DTLS in SDP

Christer Holmberg <christer.holmberg@ericsson.com> Mon, 11 July 2016 16:58 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3EFF212D182; Mon, 11 Jul 2016 09:58:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id igR6fTyPXOu4; Mon, 11 Jul 2016 09:58:57 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEE09128E18; Mon, 11 Jul 2016 09:58:56 -0700 (PDT)
X-AuditID: c1b4fb2d-f79936d0000030e4-2e-5783d04ee109
Received: from ESESSHC013.ericsson.se (Unknown_Domain [153.88.183.57]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 5A.4B.12516.E40D3875; Mon, 11 Jul 2016 18:58:55 +0200 (CEST)
Received: from ESESSMB208.ericsson.se ([169.254.8.19]) by ESESSHC013.ericsson.se ([153.88.183.57]) with mapi id 14.03.0294.000; Mon, 11 Jul 2016 18:58:54 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: T H Panton <tim@phonefromhere.com>, Roman Shpount <roman@telurix.com>
Thread-Topic: [MMUSIC] [rtcweb] Tunnelling DTLS in SDP
Thread-Index: AQHR25H7RNZN26dRbUODj/n1LGaMCaATc9/F
Date: Mon, 11 Jul 2016 16:58:54 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B4768FEBB@ESESSMB208.ericsson.se>
References: <CABcZeBOM1KoXpXFhvjS753EVpsMENWVen3CCdFj8ry36vPH0dg@mail.gmail.com> <CAD5OKxt2+YAJfR1q4qyhv_0D7AqMmrsTENTGNw-_vo9Dzr-ejA@mail.gmail.com> <16EBD211-7FAD-43F1-A855-639EC17A17FE@cisco.com> <CAD5OKxsA8UOE83GP67h0NB9H3Lqmw0eC6nhjB=A=7GwdeZf3fw@mail.gmail.com>, <7DF2166A-3AF4-4591-AB25-8C5415875E8D@phonefromhere.com>
In-Reply-To: <7DF2166A-3AF4-4591-AB25-8C5415875E8D@phonefromhere.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_7594FB04B1934943A5C02806D1A2204B4768FEBBESESSMB208erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrFIsWRmVeSWpSXmKPExsUyM2K7pa7/heZwg0c32S06JrNZTF3+mMVi xoWpzBZr/7WzW1zcfovRgdVjyu+NrB5Llvxk8lgyqZHN49aUggCWKC6blNSczLLUIn27BK6M UzMvsxXsKqmY8/MEewPj3tQuRk4OCQETidvLTrFC2GISF+6tZ+ti5OIQEjjCKHHr3R8mCGcx o8STVfPYuxg5ONgELCS6/2mDNIgIeEos/j+DHcRmFkiT+H2vgxGkRFjAXGLZM6gSC4nZbx8w Q9hGEgvOnmcEsVkEVCWOXlvAAmLzCvhKnGn4wwyx6hSTxPWbT8FWcQq4SnzYEwNSwwh02/dT a5ggVolLNH1ZCXWzgMSSPeeZIWxRiZeP/7FC1ORLzD74jwlivqDEyZlPWCYwisxC0j4LSdks JGUQcQOJL+9vQ9naEssWvmaGsPUlut+fZkIWX8DIvopRtDi1uDg33chYL7UoM7m4OD9PLy+1 ZBMjMAYPbvmtu4Nx9WvHQ4wCHIxKPLwJR5vChVgTy4orcw8xSnAwK4nwzjnbHC7Em5JYWZVa lB9fVJqTWnyIUZqDRUmc1/+lYriQQHpiSWp2ampBahFMlomDU6qBsbW9pe0Gn2lFdlbD8nnh 32oUZ9nJ3A69vfbJVOs59j+VZb/o3vzIPM1CKeJQeuGPrOsrDs6vXudzY8e1dZfNd174JfeC d52mj46nZ/O7JR2xYjuXJiyQe1hu5GVaKHm/7J40++yfa2M/J9ruL5gVWcPeUqkgLBt1JICb VfKKxSulW6eO/3XxVmIpzkg01GIuKk4EABS9Z+y9AgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/bnsoq2tJcAQNH_u80IoQDT8eZVM>
Cc: Cullen Jennings <fluffy@cisco.com>, RTCWeb IETF <rtcweb@ietf.org>, mmusic WG <mmusic@ietf.org>
Subject: Re: [MMUSIC] [rtcweb] Tunnelling DTLS in SDP
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jul 2016 16:58:59 -0000

Hi,

All I'll say at this point is that you cannot assume that forking entities will remove the attribute. You either need to have a fallback procedure in case of forking, or say that the mechanism MUST NOT be used in environments where forking can occur (which makes the mechanism more or less useless in virtually all SIP environments).

Regards,

Christer


Sent from my Windows Phone
________________________________
From: T H Panton<mailto:tim@phonefromhere.com>
Sent: ‎11/‎07/‎2016 19:33
To: Roman Shpount<mailto:roman@telurix.com>
Cc: Cullen Jennings<mailto:fluffy@cisco.com>; RTCWeb IETF<mailto:rtcweb@ietf.org>; mmusic WG<mailto:mmusic@ietf.org>
Subject: Re: [MMUSIC] [rtcweb]   Tunnelling DTLS in SDP


On 11 Jul 2016, at 17:19, Roman Shpount <roman@telurix.com<mailto:roman@telurix.com>> wrote:

I would definitely like to proceed with this. There are certain issues related to forking and new associations being setup by the answering party, but I think they are resolvable. On the other hand, the benefits of reduced call setup up time definitely make this worthwhile.

As I said (remotely) at the last meeting,
I am distinctly _unkeen_ on the aesthetics of this - it ties us to ever uglier and larger SDP, it breaks software layer separation in the stacks,
it will no doubt presume a single DTLS implementation, it will be _fun_ to test, and I anticipate it will open some ugly attack vectors
to the javascript kiddies.

Last I heard EKR was going to experiment with it and come back with a view on how (in)accurate my doom-saying was.
I haven't heard the reply...

- If folks want a corridor conversation about this next week in Berlin, I'll be there.

T.


_____________
Roman Shpount

On Mon, Jul 11, 2016 at 8:22 AM, Cullen Jennings <fluffy@cisco.com<mailto:fluffy@cisco.com>> wrote:

Quick questions for folks …  is an idea that we should explore a bit deeper before making decisions about it? or should we not proceed? or should we proceed? Just looking for feedback on where this should go next

Thanks, Cullen


On Apr 18, 2016, at 7:59 AM, Roman Shpount <roman@telurix.com<mailto:roman@telurix.com>> wrote:

On Mon, Apr 4, 2016 at 9:10 AM, Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> wrote:
I wanted to call your attention to a draft I just published with a possibly stupid
idea.

https://tools.ietf.org/html/draft-rescorla-dtls-in-sdp-00

A nontrivial fraction of call setup time in WebRTC is the DTLS handshake.
This document describes how to piggyback the first few handshake messages
in the SDP offer/answer exchange, thus reducing latency.

Comments welcome.


One other issue I thought off was that with DTLS SDP either offerer or answerer can start a new DTLS association. When answerer starts a new session it will have exactly the same problems as forking, since this will create multiple DTLS sessions with the same client random. This can be solved with some sort of fallback mechanism to either regular DTLS setup or to sending a ClientHello in the answer.

Regards,
_____________
Roman Shpount

_______________________________________________
rtcweb mailing list
rtcweb@ietf.org<mailto:rtcweb@ietf.org>
https://www.ietf.org/mailman/listinfo/rtcweb


_______________________________________________
mmusic mailing list
mmusic@ietf.org<mailto:mmusic@ietf.org>
https://www.ietf.org/mailman/listinfo/mmusic


_______________________________________________
rtcweb mailing list
rtcweb@ietf.org<mailto:rtcweb@ietf.org>
https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email