IETF Logo Mail Archive

Re: [rtcweb] Consensus call regarding media security

Basil Mohamed Gohar <abu_hurayrah@hidayahonline.org> Wed, 28 March 2012 14:55 UTC

Return-Path: <abu_hurayrah@hidayahonline.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4400621F87D0 for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 07:55:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.491
X-Spam-Level:
X-Spam-Status: No, score=-2.491 tagged_above=-999 required=5 tests=[AWL=0.108, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AutPWbKP3nwb for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 07:55:11 -0700 (PDT)
Received: from mail.zaytoon.hidayahonline.net (zaytoon.hidayahonline.net [173.193.202.83]) by ietfa.amsl.com (Postfix) with ESMTP id D8BB021F87B2 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 07:55:08 -0700 (PDT)
Received: from [10.10.40.98] (rrcs-98-103-138-67.central.biz.rr.com [98.103.138.67]) by mail.zaytoon.hidayahonline.net (Postfix) with ESMTPSA id 651CF6524A1 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 10:55:08 -0400 (EDT)
Message-ID: <4F732649.5010705@hidayahonline.org>
Date: Wed, 28 Mar 2012 10:55:05 -0400
From: Basil Mohamed Gohar <abu_hurayrah@hidayahonline.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.24) Gecko/20111108 Fedora/3.1.16-1.fc14 Lightning/1.0b3pre Thunderbird/3.1.16
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <4F732531.2030208@ericsson.com>
In-Reply-To: <4F732531.2030208@ericsson.com>
X-Enigmail-Version: 1.1.2
OpenPGP: id=5AF4B362
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 14:55:12 -0000

On 03/28/2012 10:50 AM, Magnus Westerlund wrote:
> WG,
>
> In todays RTCWEB WG meeting there was discussion around media security
> mechanism. In this meeting there was some clear consensus in the
> meeting which we would like to confirm on the list.
>
> The first was that there was overwhelming consensus that all RTP
> packets SHALL be protected by SRTP.
>
> Secondly that no one objected against making DTLS-SRTP a mandatory to
> implement and the default keying mechanism. Additional mechanisms are
> not precluded.
>
> WG participants may state their position regarding these consensus calls
> until 12th of April when the chairs will declare the final consensus. If
> you where present in the meeting room and comment on this, please
> indicate that.
>
> Best Regards
>
> Magnus Westerlund
> For the WG chairs
I already brought-up my concerns in the other thread, so I'll summarize
the core point I was making here.  Would using SRTP *require* a central
authority for establishing authenticity, or can authenticity be
established via a point-to-point means (e.g., how it's traditionally
done via SSH [i.e., upon first connection or via previous key exchange])?

This is about degrees of trust that the user is will to place upon
various methods, of course.  I am stating that the option should exist
for authenticity of an end point to be established outside of a central
authority (e.g., key exchange via other means).

v2.23.0 | Report a Bug | By Email