Re: [MMUSIC] Handling of unverified data and media

Martin Thomson <martin.thomson@gmail.com> Thu, 30 March 2017 20:50 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 542DC129569 for <mmusic@ietfa.amsl.com>; Thu, 30 Mar 2017 13:50:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eNllJPn836l4 for <mmusic@ietfa.amsl.com>; Thu, 30 Mar 2017 13:50:46 -0700 (PDT)
Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72A97129544 for <mmusic@ietf.org>; Thu, 30 Mar 2017 13:50:43 -0700 (PDT)
Received: by mail-qt0-x235.google.com with SMTP id r45so50195143qte.3 for <mmusic@ietf.org>; Thu, 30 Mar 2017 13:50:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=2qrrFXjw5W/3pJMfSIhgZAbO0znszDwx44t0mxBvH6E=; b=YCcyV9iBdt7l2U/Mtg+08hw2J1GFg4PHsUm+GuAU0NdOGX1oBy5ydfIYfpRdXmdP6o 155bQInHFjLuRjLuVQcP381Q3jppo3pYVz2ZKjoj5zZOmbq/5YwNlYYBofVV6eav7bLk p5HulgQAO5utvKOTg1lHiJYMChF5PdrA2RNWXYIwMGzld8em8+2WY2XRkmv1gy6CzCyJ GUkPwcV8AuxdM9dD1HWPuNLxbDY8D1qz8NESwdiM4zuxssCrlmKBPnDRrv2ylCcZGLWC h+ALNuuTXd6vhGQKlkjYh4jUQQ+cli6Kc+xQDbT3KS4xcrIl1XPrhAunzKQ7lDpEhzc2 J1hg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=2qrrFXjw5W/3pJMfSIhgZAbO0znszDwx44t0mxBvH6E=; b=tFzLA+O4uJrSklFy0CZCT4U9AfPbL1A16uxs7MgFTOp6OaPxG9/VwRxm4ld/wQguAz zl7AjMLwxQpTIzCkGUP1Pr45Pucbl9UdWNzQEpQSJPCaMJfvNsqXqADTIdvrWTqsmYhq UBW9uINZwPkHG66RakixIsM46qTczPGgvqkOYo/m0xgdJO78HW5fUAEippNP0Oq+Va+5 FKVy8KX5E1g3Kgty0Bnjpx1IRjz1mOde6trIAj9KfyMCeWoZa57WfT3VOrZep+j9b379 Xwlm6VJ3dxeIr51d27u6lHRTpDERzJCskjQTmKbxFM2+Cse3pP9IBwHcG0PRvjgnk6bN lA4g==
X-Gm-Message-State: AFeK/H0zyI2iRc5n8xLQON3DXUuRVVXer5T36Y8YwMtPwSD0RS50qwdqwC26nss9TKKBpIAb4oZPWx35mDEOQQ==
X-Received: by 10.200.46.91 with SMTP id s27mr1987572qta.278.1490907042496; Thu, 30 Mar 2017 13:50:42 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.27.194 with HTTP; Thu, 30 Mar 2017 13:50:42 -0700 (PDT)
In-Reply-To: <CAJrXDUGy10nV3bWYsiLFc0czu5ydmwU-uf9AC=O+zfUxken+=w@mail.gmail.com>
References: <CAOW+2dseq8AmLKXFGUaiss8ahpkY1ZzYUD_KdirFE1rskfvqjw@mail.gmail.com> <CABkgnnUc-XsYivUzSs6W4it_Krykr-reJMDJXqKf5FvGw_NBPg@mail.gmail.com> <CAD5OKxvXTsTPaKFNdwS6tPBTAksD=jgiAFGuGMgbepOtBoFT+Q@mail.gmail.com> <CABcZeBO9MP0fqg=ubpgU8+3L9koB5grCyp-O8hS9Pis942-rhA@mail.gmail.com> <CAOW+2due+uNyWn-3GQnpXrR-L55XVZSXXRmC0E9-5BSGKynUYA@mail.gmail.com> <CABcZeBPr4OjUBSUdS3wWmUuRJh7XmgxfVaY1F15mjMAqjbTZRg@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B4CB06D6C@ESESSMB109.ericsson.se> <67E58DC2-89CB-45AB-9452-C6A7DFEA34A4@vidyo.com> <7594FB04B1934943A5C02806D1A2204B4CB0B034@ESESSMB109.ericsson.se> <CF91D618-CC36-4811-A1BE-CAC48EF66900@iii.ca> <CAJrXDUGy10nV3bWYsiLFc0czu5ydmwU-uf9AC=O+zfUxken+=w@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 30 Mar 2017 15:50:42 -0500
Message-ID: <CABkgnnUj0Wp27LfpQWEt4tz5d9KKfdRKV+FoxAbeS5TDZQku7Q@mail.gmail.com>
To: Peter Thatcher <pthatcher@google.com>
Cc: Cullen Jennings <fluffy@iii.ca>, Christer Holmberg <christer.holmberg@ericsson.com>, mmusic <mmusic@ietf.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/oL2iWB-z0ZKCUcfl2_HOmDT9778>
Subject: Re: [MMUSIC] Handling of unverified data and media
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Mar 2017 20:50:49 -0000

Tim had a comment that didn't make it due to time, but I thought that
it was worth forwarding here:

<derf> What I was getting up to say was, I think it's "acceptable" to
provide the data to the application if and only if the application has
a way to know that it's (potentially) invalid (and when it becomes
valid).
<derf> What would _not_ be acceptable would be to provide the data to
the application in a way that's indistinguishable from receving valid
data.

In terms of what policy the *browser* application takes towards this
data, it would seem unwise to pass anything concrete to the origin.
Media might be isolated, but that leads to it being essentially
equivalent to mixed content.  the W3C might be ... let me just say
reluctant ... to add new ways of adding mixed content to the web.

On 30 March 2017 at 14:14, Peter Thatcher <pthatcher@google.com> wrote:
> We have a mailing list discussion (here), a bug
> (https://github.com/w3c/webrtc-pc/issues/849) and a PR
> (https://github.com/w3c/webrtc-pc/pull/1026#issuecomment-279238215) about
> this.  I've copied the following comments to the latter two, so I'm adding
> them here as well.
>
> TL;DR: I don't think unverified media is compatible with ICE+DTLS.  Here is
> why (you can go see the bug, too):
>
> You can receive DTLS from the remote side before receiving the remote
> description (and thus fingerprint). This happens if the remote side sends an
> ICE connectivity check and the local side sends a response and then the
> remote side sends a DTLS packet.
>
> You cannot send DTLS from the local side before receiving the remote
> description (and thus fingerprint). This is because you can't send an ICE
> connectivity check until you have the remote ICE ufrag and pwd, and thus
> can't get an ICE connectivity check response, and thus can't send DTLS. This
> is because you can't send anything other than ICE until you get an ICE
> connectivity check response.
>
> Since you can't send DTLS, you can't complete the handshake, and thus can't
> extract the SRTP key.
>
>
> Maybe I'm missing something, but I think this is impossible.
>
> On Sat, Mar 25, 2017 at 1:12 PM Cullen Jennings <fluffy@iii.ca> wrote:
>>
>>
>> On Mar 13, 2017, at 3:44 PM, Christer Holmberg
>> <christer.holmberg@ericsson.com> wrote:
>>
>> My question is: is this something that’s causing problems in real
>> deployments, and requires a change in the standard?
>>
>>
>> 1-800 go fedex. See webrtc requirements documents from many years ago.
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
>
>
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
>