Re: [MMUSIC] Handling of unverified data and media

Bernard Aboba <> Thu, 30 March 2017 22:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 79C91127863 for <>; Thu, 30 Mar 2017 15:11:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ylI96zucKTXa for <>; Thu, 30 Mar 2017 15:11:20 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4001:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 00D7E12426E for <>; Thu, 30 Mar 2017 15:11:19 -0700 (PDT)
Received: by with SMTP id l7so28903431ioe.3 for <>; Thu, 30 Mar 2017 15:11:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=GPS2apr1Yfj4MGk49KgcMbRPzJSby7xmA2ZjuvMKWmw=; b=CNtycJABYlAskIhwLRihcnHKMWduTbJXstI6+ISyPnhNrAlkft9JpUH2kNrCxoPrCO JFT8zCjrqh1Wwbg8tkYQ+gWGO+ccdu0wEQFSVraWxRsy1/jSTCHL2IgxrsflfGGfwS0i XtIjAz2XXbh9S5baLF3m6twjCl48NZu/Dv+XQm5u6829EmjVPb1+bOyuDc4FDDXeiss5 3hCPDObQUkS6UoRWh0Fovqsu/cX6pHYO60VWfQReMP+lyAu/BMfa4N0XFFGmvv6f0kzy HyGuzoXgJFOQJTWSNAw22gThuq0oUINiq35/6FvTq5VZOsw6D8PqmH0WWRIFpwG8y00n TJ5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=GPS2apr1Yfj4MGk49KgcMbRPzJSby7xmA2ZjuvMKWmw=; b=Kx9vx463U8BQnizlCMCpSVhlbTyiM3c4SY5xh5RcpURAQ0LvdCnxcFAaMEXJ+a0+pV 0mUI1lHagf2FAqtC+vccBknk85cUQfEqdqIzQe79iAQH6nCkoKvD/IsIC3p9nXShjBax is5BvcBmJzptoIaFddjw0soJnUOIygYtPBoGOibNPdcz0UsgzxNTlgblMK2Qm44WCMaO /58vGMR8T1FYZ84oEkUtbCxsLTanh6MmPMBaAMp95YI7qZ4dwFB1giwrWeCOdgW7/iHl UdNh/Tq9zZ5tfQeU4++aCDg1RVSw2SpbQU3pZr/qKx3iVrezXfial/HoVmcBMomuiFVZ tu3A==
X-Gm-Message-State: AFeK/H0QVTHu/vai7A8BTocEhklEk71Bi16edxwMFdNMPqEjGi78thUr4SrfmioMiUjLoQ==
X-Received: by with SMTP id 14mr3336327iot.188.1490911879295; Thu, 30 Mar 2017 15:11:19 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id p198sm224786itg.31.2017. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 30 Mar 2017 15:11:18 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-A847AEEA-3DD6-490F-BCF2-F5A0B89A0EC5"
Mime-Version: 1.0 (1.0)
From: Bernard Aboba <>
X-Mailer: iPad Mail (14D27)
In-Reply-To: <>
Date: Thu, 30 Mar 2017 17:11:17 -0500
Cc: Cullen Jennings <>, Christer Holmberg <>, mmusic <>
Content-Transfer-Encoding: 7bit
Message-Id: <>
References: <> <> <> <> <> <> <> <> <> <> <>
To: Peter Thatcher <>
Archived-At: <>
Subject: Re: [MMUSIC] Handling of unverified data and media
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 30 Mar 2017 22:11:22 -0000

The unverified media scenarios seem to depend on ICE connectivity being bi-directionally enabled so as to permit the DTLS negotiation to proceed in advance of remote fingerprint arrival. If ICE candidates are signaled separately from the DTLS fingerprint exchange it might be feasible, such as in ORTC signaling where the ICE parameters are exchanged before the DtlsParameters.

At the last WebRTC interim a scenario involving PRANSWER and Trickle ICE was presented. In the scenario, the PRANSWER included a fingerprint, but possibly one which did not match the certificate provided in DTLS unlike the final answer. I do not see how this could work but perhaps I am missing something.

> On Mar 30, 2017, at 14:14, Peter Thatcher <> wrote:
> We have a mailing list discussion (here), a bug ( and a PR ( about this.  I've copied the following comments to the latter two, so I'm adding them here as well.
> TL;DR: I don't think unverified media is compatible with ICE+DTLS.  Here is why (you can go see the bug, too):
> You can receive DTLS from the remote side before receiving the remote description (and thus fingerprint). This happens if the remote side sends an ICE connectivity check and the local side sends a response and then the remote side sends a DTLS packet.
> You cannot send DTLS from the local side before receiving the remote description (and thus fingerprint). This is because you can't send an ICE connectivity check until you have the remote ICE ufrag and pwd, and thus can't get an ICE connectivity check response, and thus can't send DTLS. This is because you can't send anything other than ICE until you get an ICE connectivity check response.
> Since you can't send DTLS, you can't complete the handshake, and thus can't extract the SRTP key.
> Maybe I'm missing something, but I think this is impossible.
>> On Sat, Mar 25, 2017 at 1:12 PM Cullen Jennings <> wrote:
>>> On Mar 13, 2017, at 3:44 PM, Christer Holmberg <> wrote:
>>> My question is: is this something that’s causing problems in real deployments, and requires a change in the standard? 
>> 1-800 go fedex. See webrtc requirements documents from many years ago. 
>> _______________________________________________
>> mmusic mailing list
> _______________________________________________
> mmusic mailing list