Re: [rtcweb] I-D Action: draft-ietf-rtcweb-data-protocol-01.txt

Max Jonas Werner <mail@makk.es> Wed, 30 October 2013 15:34 UTC

Message-ID: <5271270C.4000605@makk.es>
Date: Wed, 30 Oct 2013 16:34:36 +0100
From: Max Jonas Werner <mail@makk.es>
To: Matt Fredrickson <creslin@digium.com>, Paul Kyzivat <pkyzivat@alum.mit.edu>
References: <20131021191343.32574.60876.idtracker@ietfa.amsl.com> <03FBA798AC24E3498B74F47FD082A92F3D86C821@US70UWXCHMBA04.zam.alcatel-lucent.com> <A87B4291-FA11-43BB-B8F0-55C59CF63421@lurchi.franken.de> <CAOJ7v-20YkvazNLqmbjQcOkhaedd+MKm8d6x2oeL46imvuLrzA@mail.gmail.com> <03FBA798AC24E3498B74F47FD082A92F3D86C8DB@US70UWXCHMBA04.zam.alcatel-lucent.com> <120FE29C-150E-47BF-951C-B8124EB7A262@lurchi.franken.de> <03FBA798AC24E3498B74F47FD082A92F3D86C9A2@US70UWXCHMBA04.zam.alcatel-lucent.com> <5269F3B5.2020308@alvestrand.no> <03FBA798AC24E3498B74F47FD082A92F3D86CD4C@US70UWXCHMBA04.zam.alcatel-lucent.com> <526C4297.2000006@alum.mit.edu> <526CE0BE.90606@jesup.org> <526FD2D8.7000709@alum.mit.edu> <CAHZ_z=yc5=mQMG3QZP=KtpDF0AxYAtiBYDRkCj0b9hbbe8EKag@mail.gmail.com>
In-Reply-To: <CAHZ_z=yc5=mQMG3QZP=KtpDF0AxYAtiBYDRkCj0b9hbbe8EKag@mail.gmail.com>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] I-D Action: draft-ietf-rtcweb-data-protocol-01.txt

On 29.10.2013 16:35, Matt Fredrickson wrote:
> On Tue, Oct 29, 2013 at 10:23 AM, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:
[...]

>> Is it not possible for an intermediary on the signaling path to insert
>> itself in the media path, manipulating the SDP such that the two ends both
>> establish the DTLS with the intermediary?
> 
> Correct me if I'm wrong, but I thought that the SDP itself was supposed to
> be signed and able to be validated (perhaps using the identity mechanism),
> to explicitly catch nefarious man in the middle type scenarios such as this.

Remove the "perhaps" from the sentence in brackets and you got it. If
you want to verify you're communicating with whom you think you're
communicating you _need_ the identity mechanism that's being standardized
here.

Max
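The check the identity mechanism gives the receiving side, modelled as an added example (not code from this thread or from any WebRTC implementation): the IdP assertion binds an identity to the a=fingerprint line in the offer, so a signaling-path intermediary that swaps in the fingerprint of its own DTLS certificate is detected. IDP_KEY, the certificate bytes and the identity are constructed values, and the HMAC stands in for the IdP's signature (an assumption; the real mechanism uses an assertion the browser validates with the IdP).

```python
import hashlib
import hmac
import re

# Constructed sample values. A real implementation hashes the DER of the
# certificate the peer presents in the DTLS handshake; any bytes serve the model.
IDP_KEY = b"constructed-idp-secret"          # stand-in for the IdP's signing key
OFFERER_CERT_DER = b"constructed-offerer-dtls-cert"
MITM_CERT_DER = b"constructed-intermediary-dtls-cert"
FP_LINE = re.compile(r"^a=fingerprint:(\S+ \S+)", re.M)

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 certificate fingerprint in the colon-separated form SDP a=fingerprint uses."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def build_sdp(cert_der: bytes) -> str:
    return "v=0\r\na=fingerprint:sha-256 " + fingerprint(cert_der) + "\r\n"

def issue_assertion(idp_key: bytes, identity: str, sdp: str) -> str:
    """Model of the IdP step: the assertion covers the identity AND the SDP fingerprint.
    HMAC stands in for the IdP signature (assumption, see lead-in)."""
    fp = FP_LINE.search(sdp).group(1)
    tag = hmac.new(idp_key, f"{identity}|{fp}".encode(), hashlib.sha256).hexdigest()
    return f"{identity}|{fp}|{tag}"

def verify_peer(idp_key: bytes, assertion: str, sdp: str, presented_cert_der: bytes) -> bool:
    """Receiver's check: assertion is genuine, matches the fingerprint in the SDP it got,
    and that fingerprint matches the certificate actually seen in the DTLS handshake."""
    identity, asserted_fp, tag = assertion.split("|")
    expected = hmac.new(idp_key, f"{identity}|{asserted_fp}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return False                      # assertion forged or altered
    m = FP_LINE.search(sdp)
    if m is None or m.group(1) != asserted_fp:
        return False                      # a=fingerprint rewritten on the signaling path
    algo, fp = asserted_fp.split(" ")
    return algo == "sha-256" and fp == fingerprint(presented_cert_der)

def honest_path() -> bool:
    sdp = build_sdp(OFFERER_CERT_DER)
    assertion = issue_assertion(IDP_KEY, "alice@example.com", sdp)
    return verify_peer(IDP_KEY, assertion, sdp, OFFERER_CERT_DER)

def intermediary_rewrites_sdp() -> bool:
    sdp = build_sdp(OFFERER_CERT_DER)
    assertion = issue_assertion(IDP_KEY, "alice@example.com", sdp)
    tampered = build_sdp(MITM_CERT_DER)   # intermediary inserts its own DTLS fingerprint
    return verify_peer(IDP_KEY, assertion, tampered, MITM_CERT_DER)
```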