IETF Logo Mail Archive

Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard

Bernard Aboba <bernard.aboba@gmail.com> Fri, 01 February 2019 16:58 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C47613103A; Fri, 1 Feb 2019 08:58:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pgM1DjmtKNc6; Fri, 1 Feb 2019 08:58:34 -0800 (PST)
Received: from mail-vs1-xe35.google.com (mail-vs1-xe35.google.com [IPv6:2607:f8b0:4864:20::e35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 893DF13101F; Fri, 1 Feb 2019 08:58:34 -0800 (PST)
Received: by mail-vs1-xe35.google.com with SMTP id x28so4573181vsh.12; Fri, 01 Feb 2019 08:58:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KbtGvCfwe7yDHnlIIhAnhc1NgQZBBIiiq3RxZCZ8c5w=; b=lETs5I+uYtx8yQHeMSNew+2XlGbdxmF7HZCzwHfFPSEZ2vK2X9R2gQM9vZ4PcF+MJk BSMnRvQpoLYVY2ohevydaNrrvJqLnUAhFY5S8uqTgq/Q30GUPSp0eTUe5eIbjTAj7tdj Ol55whMiNns3G1qPpudt3GWpbfAh03dYhvypD7fmbV7XlWl1RVwzrGhi4z1Xj+XjL8Zu aQYgcyFwJCGrx4UjI0mFbQjF0p3rQczXQAPu0JaA5teIxz2900If+elgG8SRjLsvPb7+ 79rnQe6x8GfL4vgKSYjEx0aIPwfhW1i9UqjI9Mv4fSiXaWtHHuYBEudrh33yXTVZyumM czsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KbtGvCfwe7yDHnlIIhAnhc1NgQZBBIiiq3RxZCZ8c5w=; b=bz+LemVtT1HrBzTreiIJ4GWP9/SkiERXJYK5gWm+WtlR+VQTSMc8pMheL3oaMwsI66 9hK3Ajxet+Pcx9FXX7DCiUiJabkAH2iWWB3ntNw/jEUmAwZ2mziZZVq1wbJjbj2Y3i4L ZFxvVd0xcgetKo14QmY1N5fFqrVIdDvSgYQCd7N6mvVtwjbjW/SmhLI6OlZ/XWuf6Xoq 9DVvdljtnIw7sMK01PqgTu5v+UtWpnrugS/hZgrjQEXAUtELnBvZxiA9bAqBSesOYwuV xcCQS4jhonXwkKTe3nT+NWGMqPTJT4IC6VzmO/G2ZPR4bUizLfOSzQ90Z4ZjeGe46GMQ 6U6g==
X-Gm-Message-State: AJcUukczcZ6CfrR7pWUd1/WGhM5qIO3x3o6cSiFG6XPp8vg1xfw6894/ R12H91LETkekz8Pd9i9Dg4hF+kWZSvJnJ1hO66w=
X-Google-Smtp-Source: ALg8bN5cqX58GL65SK4ypB/PdGyYK71FROEi11VyweNGQ/rLRFeD4+FQREDMCUnb1sPlUTkbS55Gv33nzi6oH4271i4=
X-Received: by 2002:a67:804e:: with SMTP id b75mr17033893vsd.226.1549040312727; Fri, 01 Feb 2019 08:58:32 -0800 (PST)
MIME-Version: 1.0
References: <154889546931.10496.2408974719921724953.idtracker@ietfa.amsl.com> <CAOW+2dui_imxyysOCrtdH7OiDcbooi83qtCDifEY3HQ6MpigWA@mail.gmail.com> <CAL02cgSip2cLr8a1+zfK2cg+n8gqUMc9CKPmb7mWd2iLSiRf-g@mail.gmail.com>
In-Reply-To: <CAL02cgSip2cLr8a1+zfK2cg+n8gqUMc9CKPmb7mWd2iLSiRf-g@mail.gmail.com>
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Fri, 01 Feb 2019 11:58:21 -0500
Message-ID: <CAOW+2dvOkhqBDqBrosoXjkEV4i=Wt12cQ17SQ4-N=cCVOS=jhQ@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Cc: Alexandre GOUAILLARD <alex.gouaillard@cosmosoftware.io>, Emad Omara <emadomara@google.com>, Emil Ivov <emcho@jitsi.org>, IETF discussion list <ietf@ietf.org>, The IESG <iesg@ietf.org>, perc@ietf.org
Content-Type: multipart/alternative; boundary="000000000000953dd00580d80d16"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/Sx7obcZgjG3_grWJ8TwgW4kWI_A>
Subject: Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Feb 2019 16:58:38 -0000

Comments below.

On Fri, Feb 1, 2019 at 11:18 Richard Barnes <rlb@ipv.sx> wrote:

>
>> I appreciate that there's confusion here, and I think we can clarify.
>
> It seems pretty clear from the other documents in this suite
> (draft-ietf-perc-srtp-ekt-diet and draft-ietf-perc-double) that this system
> only really makes sense in the case where the browser is trusted and the JS
> is not.
>

[BA] Does this depend on the origin of the JS and how it is delivered?
Development frameworks such as Electron are now quite popular for
delivering native applications. Are you saying that the framework
intrinsically distinguishes a native C/C++ application utilizing the WebRTC
APIs from one partially written in JS?

Seems to me that this Is really about access to media and keys, not
development methodology.

I would also note that DRM frameworks such as EME have their own key
management requirements and definition of “trust” rooted in hardware such
as the TPM.

Otherwise, you would not need the DTLS parts of EKT, since you could rely
> on some external thing to provide the key encryption key.  (Note that this
> latter architecture was proposed, considered, and rejected by the WG.)
>

[BA] This is a framework document. As such, it needs to explain the
requirements for key management.


> So I would propose we add something like the following to this definition:
>
> "In the context of WebRTC, where control of a session is divided between a
> JavaScript application and a browser, the browser acts as the Trusted
> Endpoint for purposes of this framework (just as it acts as the endpoint
> for DTLS-SRTP in one-to-one calls)."
>

[BA] Given that WebRTC APIs are frequently used to develop native
applications, and that existing Web APIs such as EME support handling of
encrypted content, I do not think the above text is adequate. The document
actually needs to articulate the key management requirements.


> Again, the answer is clear here, but the document should be clearer.  The
> working group discussed SSRC rewriting several times, and concluded that
> SSRC rewriting could not be allowed in this system.  This decision is
> reflected, e.g., in the fact that the Double transform does not allow
> modification of SSRCs.
>
> I'll leave it to Paul to propose concrete fixes here, since I'm less
> familiar with these points.
>
> --Richard
>
>
>
>>
>> On Wed, Jan 30, 2019 at 7:45 PM The IESG <iesg-secretary@ietf.org> wrote:
>>
>>>
>>> The IESG has received a request from the Privacy Enhanced RTP
>>> Conferencing
>>> WG (perc) to consider the following document: - 'A Solution Framework for
>>> Private Media in Privacy Enhanced RTP
>>>    Conferencing'
>>>   <draft-ietf-perc-private-media-framework-08.txt> as Proposed Standard
>>>
>>> The IESG plans to make a decision in the next few weeks, and solicits
>>> final
>>> comments on this action. Please send substantive comments to the
>>> ietf@ietf.org mailing lists by 2019-02-13. Exceptionally, comments may
>>> be
>>> sent to iesg@ietf.org instead. In either case, please retain the
>>> beginning of
>>> the Subject line to allow automated sorting.
>>>
>>> Abstract
>>>
>>>
>>>    This document describes a solution framework for ensuring that media
>>>    confidentiality and integrity are maintained end-to-end within the
>>>    context of a switched conferencing environment where media
>>>    distributors are not trusted with the end-to-end media encryption
>>>    keys.  The solution aims to build upon existing security mechanisms
>>>    defined for the real-time transport protocol (RTP).
>>>
>>>
>>>
>>>
>>> The file can be obtained via
>>> https://datatracker.ietf.org/doc/draft-ietf-perc-private-media-framework/
>>>
>>> IESG discussion can be tracked via
>>>
>>> https://datatracker.ietf.org/doc/draft-ietf-perc-private-media-framework/ballot/
>>>
>>>
>>> No IPR declarations have been submitted directly on this I-D.
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Perc mailing list
>>> Perc@ietf.org
>>> https://www.ietf.org/mailman/listinfo/perc
>>>
>> _______________________________________________
>> Perc mailing list
>> Perc@ietf.org
>> https://www.ietf.org/mailman/listinfo/perc
>>
>

v2.23.0 | Report a Bug | By Email