IETF Logo Mail Archive

Re: [rtcweb] Retransmit: Summary of Alternatives for media keying

Hadriel Kaplan <HKaplan@acmepacket.com> Thu, 28 July 2011 15:13 UTC

Return-Path: <HKaplan@acmepacket.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C3FB21F873D for <rtcweb@ietfa.amsl.com>; Thu, 28 Jul 2011 08:13:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.483
X-Spam-Level:
X-Spam-Status: No, score=-2.483 tagged_above=-999 required=5 tests=[AWL=0.116, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I5H5kP87XzQU for <rtcweb@ietfa.amsl.com>; Thu, 28 Jul 2011 08:13:55 -0700 (PDT)
Received: from ETMail2.acmepacket.com (etmail2.acmepacket.com [216.41.24.9]) by ietfa.amsl.com (Postfix) with ESMTP id 7367A21F8C75 for <rtcweb@ietf.org>; Thu, 28 Jul 2011 08:13:55 -0700 (PDT)
Received: from mail.acmepacket.com (216.41.24.7) by ETMail2.acmepacket.com (216.41.24.9) with Microsoft SMTP Server (TLS) id 8.1.240.5; Thu, 28 Jul 2011 11:10:49 -0400
Received: from mailbox1.acmepacket.com ([216.41.24.12]) by mail ([127.0.0.1]) with mapi; Thu, 28 Jul 2011 11:13:54 -0400
From: Hadriel Kaplan <HKaplan@acmepacket.com>
To: Matthew Kaufman <matthew.kaufman@skype.net>
Date: Thu, 28 Jul 2011 11:13:53 -0400
Thread-Topic: [rtcweb] Retransmit: Summary of Alternatives for media keying
Thread-Index: AcxNOPbmkhEDoRpNSYuByH2zbrOCng==
Message-ID: <E1963869-9E21-4F1F-AB4A-E5D070CCA581@acmepacket.com>
References: <12BF9E55-662F-4762-9E47-2BBD3FA5FD93@acmepacket.com> <A444A0F8084434499206E78C106220CA08F1D75CF0@MCHP058A.global-ad.net> <2E6CBDE0-DA10-4792-8059-A01F554DB370@skype.net>
In-Reply-To: <2E6CBDE0-DA10-4792-8059-A01F554DB370@skype.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAgAAAUAAAAFU
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Retransmit: Summary of Alternatives for media keying
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jul 2011 15:13:56 -0000

On Jul 28, 2011, at 8:25 AM, Matthew Kaufman wrote:

>> Secondly, if interworking with legacy SIP, where DTLS-SRTP (or whatever we select) is terminated at a gateway, there is a real problem ensuring that the user knows the call is not necessarily secure end-to-end. Perhaps this argues towards option B, since if DTLS-SRTP is not used from browser to gateway, at least the browser should know to indicate a lesser level of security to the user.
> 
> If you are sitting in an Internet cafe using someone else's unencrypted wifi and a telephony service provider you trust would you rather 1) use DTLS-SRTP between you and the telephony provider and plain RTP past their gateway inside their internal network, or 2) use plain RTP on the wifi network and all the way to the telephony provider?

I would be perfectly happy with using sdes-based SRTP.  But if the call would otherwise fail altogether, I'd like the option to make the call no matter what (ie, even if it ends up being cleartext).

(And since you're sitting in an Internet cafe in hearing distance of everyone, any sense of privacy is gone anyway. ;)


> I agree that we can't display "this connection is secured everywhere" to the user... but look, HTTPS is the same. When I see a lock icon on my screen and click to see that yes, I'm really talking to who it says in the address bar, I still can't tell if they're terminating my HTTPS session in a front-end box and then using HTTP beyond it, or if the HTTPS really goes all the way to the server.

But the browser ties the identity of the name I typed in the address bar to the cert, so that if I typed "https://mybank.com", I know it's secure to mybank.com.  Of course it could be cleartext after whomever has a cert for mybank.com, and may even end up triggering protocols that exit mybank.com and go to evil.com, but I implicitly trust mybank.com to be careful with bank info.  That's not the same for DTLS-SRTP; until and unless the human being verifies the keys/SAS with the far end, nothing is known.  The DTLS-SRTP may only reach the NAT-router in the Internet Cafe, for example, be terminated by it and a separate DTLS-SRTP between it and the bank.  And if I'm talking to an IVR system (as one frequently does with banks), there is no human to verify the keys/SAS with.

-hadriel

v2.23.0 | Report a Bug | By Email