Re: [rtcweb] Security issue: consent refresh
Bernard Aboba <bernard_aboba@hotmail.com> Mon, 31 October 2011 13:22 UTC
Return-Path: <bernard_aboba@hotmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D696121F8B1A for <rtcweb@ietfa.amsl.com>; Mon, 31 Oct 2011 06:22:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.459
X-Spam-Level:
X-Spam-Status: No, score=-102.459 tagged_above=-999 required=5 tests=[AWL=0.139, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id meiivhdjiC9o for <rtcweb@ietfa.amsl.com>; Mon, 31 Oct 2011 06:22:42 -0700 (PDT)
Received: from blu0-omc2-s33.blu0.hotmail.com (blu0-omc2-s33.blu0.hotmail.com [65.55.111.108]) by ietfa.amsl.com (Postfix) with ESMTP id 38A5121F85AA for <rtcweb@ietf.org>; Mon, 31 Oct 2011 06:22:42 -0700 (PDT)
Received: from BLU152-W43 ([65.55.111.71]) by blu0-omc2-s33.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 31 Oct 2011 06:22:41 -0700
Message-ID: <BLU152-W43CF37AEAAABA865489C1393D60@phx.gbl>
Content-Type: multipart/alternative; boundary="_0aa02d3f-db23-43dd-9fc8-5bbc9418f4cc_"
X-Originating-IP: [24.17.217.162]
From: Bernard Aboba <bernard_aboba@hotmail.com>
To: hkaplan@acmepacket.com
Date: Mon, 31 Oct 2011 06:22:40 -0700
Importance: Normal
In-Reply-To: <2308DE02-0E63-4CCF-8889-F2E79204C7AF@acmepacket.com>
References: <3FACD0E9-449A-4897-8997-F76B5A41A34E@acmepacket.com>, <4EAA7B02.4010400@ericsson.com>, <2308DE02-0E63-4CCF-8889-F2E79204C7AF@acmepacket.com>
MIME-Version: 1.0
X-OriginalArrivalTime: 31 Oct 2011 13:22:41.0925 (UTC) FILETIME=[2B1D8B50:01CC97D0]
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Security issue: consent refresh
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Oct 2011 13:22:43 -0000
> And the reason you are not needing the SHA-1 stuff is that you see no > need for this consent refresh to continue to verify that the one sending > the answers echoing the transaction IDs is a node which you provided > with the credentials? Or which the "evil" webservice has provisioned > with the credentials from the signalling exchange? > > Correct. Let's assume ICE is used for initial consent. If you're past the initial consent stage, then some far-end accepted your communication. > > At that point we're at the same stage as if the JS had simply initiated an HTTP connection to another site and it was approved with CORS. What keeps such an HTTP connection going is simply TCP "consent-refresh" using ACKs and not getting RST/FIN... and we don't need to be stronger than TCP. Arguably the STUN keepalive would actually be stronger than TCP even without SHA-1, because the STUN 96-bit Transaction-ID is harder to spoof-guess than two 16-bit TCP sequence number fields. > > If there is a MitM physically on the path between the Browser and the peer, such a MitM can keep the RTP flowing even if we used RTCP, >because it could fake RTCP. (and such a MitM can keep TCP and SCTP going too, fwiw) [BA] Agree with Hadriel that forcing an IWF to "manufacture" RTCP is a bad idea, and that the focus should be on an off-path attacker. Also agree that we need "continuing consent" and can't rely on a "source quench" approach which has proven unworkable in other contexts. There are situations where a receiver might have "gone away" for one reason or another, or where the receiver is being overwhelmed, where it might not have the ability or context to tell the sender to stop. For example, if key state has been lost, putting out a secured "Bye" may not be possible.
- [rtcweb] Security issue: consent refresh Hadriel Kaplan
- Re: [rtcweb] Security issue: consent refresh Magnus Westerlund
- Re: [rtcweb] Security issue: consent refresh Hadriel Kaplan
- Re: [rtcweb] Security issue: consent refresh Bernard Aboba
- Re: [rtcweb] Security issue: consent refresh Magnus Westerlund
- Re: [rtcweb] Security issue: consent refresh Randell Jesup