IETF Logo Mail Archive

Re: [rtcweb] Consensus call regarding media security

Igor Faynberg <igor.faynberg@alcatel-lucent.com> Wed, 28 March 2012 15:56 UTC

Return-Path: <igor.faynberg@alcatel-lucent.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B6CE21E82CA for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 08:56:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.341
X-Spam-Level:
X-Spam-Status: No, score=-9.341 tagged_above=-999 required=5 tests=[AWL=1.257, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EiM2fsOa3j0s for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 08:56:04 -0700 (PDT)
Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by ietfa.amsl.com (Postfix) with ESMTP id A3AD521E82C8 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 08:56:04 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id q2SFu3L1018422 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <rtcweb@ietf.org>; Wed, 28 Mar 2012 10:56:04 -0500 (CDT)
Received: from umail.lucent.com (umail-ce2.ndc.lucent.com [135.3.40.63]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q2SFu3lE026240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <rtcweb@ietf.org>; Wed, 28 Mar 2012 10:56:03 -0500
Received: from [135.244.27.182] (faynberg.lra.lucent.com [135.244.27.182]) by umail.lucent.com (8.13.8/TPES) with ESMTP id q2SFu2Jk001170; Wed, 28 Mar 2012 10:56:02 -0500 (CDT)
Message-ID: <4F733492.9040601@alcatel-lucent.com>
Date: Wed, 28 Mar 2012 11:56:02 -0400
From: Igor Faynberg <igor.faynberg@alcatel-lucent.com>
Organization: Alcatel-Lucent
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <4F732531.2030208@ericsson.com> <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com>
In-Reply-To: <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------000406000806040000090208"
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: igor.faynberg@alcatel-lucent.com
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 15:56:05 -0000

Roman,

I think there is a misunderstanding (I assume you did not attend the 
meeting today).  It has been clarified that SRTP allows the NULL 
encryption algorithm, and that this option will be available.

Igor

On 3/28/2012 11:49 AM, Roman Shpount wrote:
> As I have mentioned before on this list I am strongly against making 
> SRTP protection for RTP a requirement. I think this is an unnecessary 
> requirement that serves little real purpose except feeding into some 
> marketing message that most of the WebRTC users would not care about. 
> Unless use of identity is also a requirement, requiring SRTP will 
> provide security only in a very narrow sense of the word. At the same 
> time I do believe that extra standard requirements will stifle 
> innovation and  will complicate new service or application creation.
>
> I have no objection to making DTLS-SRTP a required to implement protocol.
> _____________
> Roman Shpount
>
>
> On Wed, Mar 28, 2012 at 10:50 AM, Magnus Westerlund 
> <magnus.westerlund@ericsson.com 
> <mailto:magnus.westerlund@ericsson.com>> wrote:
>
>     WG,
>
>     In todays RTCWEB WG meeting there was discussion around media security
>     mechanism. In this meeting there was some clear consensus in the
>     meeting which we would like to confirm on the list.
>
>     The first was that there was overwhelming consensus that all RTP
>     packets SHALL be protected by SRTP.
>
>     Secondly that no one objected against making DTLS-SRTP a mandatory to
>     implement and the default keying mechanism. Additional mechanisms are
>     not precluded.
>
>     WG participants may state their position regarding these consensus
>     calls
>     until 12th of April when the chairs will declare the final
>     consensus. If
>     you where present in the meeting room and comment on this, please
>     indicate that.
>
>     Best Regards
>
>     Magnus Westerlund
>     For the WG chairs
>
>     _______________________________________________
>     rtcweb mailing list
>     rtcweb@ietf.org <mailto:rtcweb@ietf.org>
>     https://www.ietf.org/mailman/listinfo/rtcweb
>
>
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email