Re: [rtcweb] Consensus call regarding media security

Iñaki Baz Castillo <ibc@aliax.net> Thu, 29 March 2012 15:23 UTC


2012/3/29 Hutton, Andrew <andrew.hutton@siemens-enterprise.com>:
> I agree that there was clear consensus on mandating the use of SRTP but it was not clear to me what the consensus is regarding the use of SRTP with a null cipher. Does the statement "there was overwhelming consensus that all RTP packets SHALL be protected by SRTP" mean that the null cipher will not be allowed?

IMHO it's very easy:

- The JavaScript WebRTC API MUST NOT be able to set a null cipher (never).

- The browser MAY include an option in about://config ("SRTP: use
null cipher for debugging purposes").

- Such an option is reverted (so disabled) upon browser restart.

-- 
Iñaki Baz Castillo
<ibc@aliax.net>