Re: [rtcweb] Use Case draft - Eavesdropping.
Eric Rescorla <ekr@rtfm.com> Tue, 01 May 2012 14:05 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91F0321E8384 for <rtcweb@ietfa.amsl.com>; Tue, 1 May 2012 07:05:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.977
X-Spam-Level:
X-Spam-Status: No, score=-102.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MRhCJ6ifbbfv for <rtcweb@ietfa.amsl.com>; Tue, 1 May 2012 07:05:41 -0700 (PDT)
Received: from mail-vb0-f44.google.com (mail-vb0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id EDEE621E835A for <rtcweb@ietf.org>; Tue, 1 May 2012 07:05:40 -0700 (PDT)
Received: by vbbez10 with SMTP id ez10so3236660vbb.31 for <rtcweb@ietf.org>; Tue, 01 May 2012 07:05:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding :x-gm-message-state; bh=Pb8OYFF5S0Feqe1blQ9N/piZFHBiwuVR6CPDGmvrFz4=; b=fyIJmO4r08t6AKN9e7JSxlqJg32pcm14UiuESssov9xRHONvJj2ZDYA80PugwOAU3X Bigyw9uetBI+artZBwXHsaWNOPmfwO4P5iKGJ/nXP4ks1GDUN1DrZXb39Iv4xaEEEanx ThDGMxIxa6nD4n/Ype51DWHUxSf5sML7+TftYV9Y4N5rGMv+3ulzm6222PJ7HXj9mwOx GcxisPiygYUpTpbP9QY1R8vgxvRcFp1Ua5ZslUrbt3yYUjTaGGdUCmcwZuYZaT915WWR 739w7845ZzDDYvaKBXN7PEXZG7AD7fsbwuHp03SM8mIAq90R20NR9iCs98B/UIV613d4 lpjQ==
Received: by 10.220.150.12 with SMTP id w12mr24952001vcv.39.1335881140479; Tue, 01 May 2012 07:05:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.19.233 with HTTP; Tue, 1 May 2012 07:05:00 -0700 (PDT)
X-Originating-IP: [128.107.46.83]
In-Reply-To: <101C6067BEC68246B0C3F6843BCCC1E312992828BD@MCHP058A.global-ad.net>
References: <CA+9kkMCYArLPRP3c00UdOja64WRT6ghN0PSy7XvM_wbxBBB+vA@mail.gmail.com> <101C6067BEC68246B0C3F6843BCCC1E312992828BD@MCHP058A.global-ad.net>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 01 May 2012 07:05:00 -0700
Message-ID: <CABcZeBPhv+=dPfy2rNOMoBFwp5e9Fzba+d8KAiJY5QsPcB-Auw@mail.gmail.com>
To: "Hutton, Andrew" <andrew.hutton@siemens-enterprise.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQmPlIdkFiUpXk8upCXiidt4p6GjpOFD7zbA2pSbodiPUus9EN7jbCrVsoJZQ/Ybko6cDf5O
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Use Case draft - Eavesdropping.
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 May 2012 14:05:41 -0000
On Tue, May 1, 2012 at 6:14 AM, Hutton, Andrew <andrew.hutton@siemens-enterprise.com> wrote: > Hi, > > A number of use cases within Draft-ietf-rtcweb-use-cases-and-requirements-07 contain the statement "It is essential that the communication cannot be eavesdropped" however there is no definition of what is actually meant by "eavesdropped" although I think we all have an idea of what it means. > > Maybe it would be better to replace these statements with something that refers to wiretapping and RFC 2804 (RAVEN) which actually has a definition of wiretapping. This seems like it's creeping into the security requirements question. Rather than try to make the use cases document more precise, I'd prefer to have those statements be in draft-ietf-rtcweb-security, which actually has (or at least is intended to) have fairly precise descriptions of what the relevant security properties are. -Ekr
- Re: [rtcweb] Use Case draft Timothy B. Terriberry
- [rtcweb] Use Case draft Ted Hardie
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft Bernard Aboba
- Re: [rtcweb] Use Case draft Ravindran, Parthasarathi
- Re: [rtcweb] Use Case draft Tim Panton
- Re: [rtcweb] Use Case draft Ravindran, Parthasarathi
- Re: [rtcweb] Use Case draft (privacy) Fabio Pietrosanti (naif)
- Re: [rtcweb] Use Case draft (privacy) Ravindran, Parthasarathi
- Re: [rtcweb] Use Case draft (privacy) Hutton, Andrew
- Re: [rtcweb] Use Case draft Stefan Hakansson LK
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft Tim Panton
- Re: [rtcweb] Use Case draft Igor Faynberg
- Re: [rtcweb] Use Case draft Hutton, Andrew
- Re: [rtcweb] Use Case draft Randell Jesup
- Re: [rtcweb] Use Case draft Randell Jesup
- Re: [rtcweb] Use Case draft Stephan Wenger
- Re: [rtcweb] Use Case draft Randell Jesup
- Re: [rtcweb] Use Case draft Marshall Eubanks
- Re: [rtcweb] Use Case draft Stefan Hakansson LK
- Re: [rtcweb] Use Case draft Tim Panton
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft - Eavesdropping. Stefan Hakansson LK
- Re: [rtcweb] Use Case draft Marshall Eubanks
- Re: [rtcweb] Use Case draft - Eavesdropping. Hutton, Andrew
- Re: [rtcweb] Use Case draft - Eavesdropping. Fabio Pietrosanti (naif)
- Re: [rtcweb] Use Case draft - Eavesdropping. Eric Rescorla
- Re: [rtcweb] Use Case draft - Eavesdropping. Cavigioli, Chris
- Re: [rtcweb] Use Case draft - Eavesdropping. Marshall Eubanks
- Re: [rtcweb] Use Case draft Randell Jesup
- Re: [rtcweb] Use Case draft - Eavesdropping. Randell Jesup
- Re: [rtcweb] Use Case draft Stefan Hakansson LK
- Re: [rtcweb] Use Case draft Ravindran, Parthasarathi
- Re: [rtcweb] Use Case draft - Eavesdropping. Harald Alvestrand
- Re: [rtcweb] Use Case draft Stefan Hakansson LK
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft Stefan Hakansson LK
- Re: [rtcweb] Use Case draft Igor Faynberg
- [rtcweb] interworking with non-WEBRTC endpoints [… Dan Wing
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Iñaki Baz Castillo
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Marshall Eubanks
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Lorenzo Miniero
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Mary Barnes
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Marshall Eubanks
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Fabio Pietrosanti (naif)
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Dan Wing
- Re: [rtcweb] Use Case draft Ravindran, Parthasarathi
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Ravindran, Parthasarathi
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Harald Alvestrand
- Re: [rtcweb] Use Case draft Harald Alvestrand
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Fabio Pietrosanti (naif)
- Re: [rtcweb] Use Case draft Ravindran, Parthasarathi
- Re: [rtcweb] Use Case draft Harald Alvestrand
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft Stefan Hakansson LK
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Bernard Aboba
- Re: [rtcweb] Use Case draft Jim Barnett
- Re: [rtcweb] Use Case draft - legacy interop Harald Alvestrand
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Neil Stratford
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Iñaki Baz Castillo
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Christer Holmberg
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Iñaki Baz Castillo
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Richard Shockey
- Re: [rtcweb] interworking with non-WEBRTC endpoin… Xavier Marjou
- Re: [rtcweb] Use Case draft - legacy interop Bernard Aboba
- Re: [rtcweb] Use Case draft - legacy interop Iñaki Baz Castillo
- Re: [rtcweb] Use Case draft - legacy interop Dan Wing
- Re: [rtcweb] Use Case draft - legacy interop Iñaki Baz Castillo
- Re: [rtcweb] Use Case draft - legacy interop Bernard Aboba
- Re: [rtcweb] Use Case draft - legacy interop Dan Wing
- Re: [rtcweb] Use Case draft - legacy interop Harald Alvestrand
- [rtcweb] Consent freshness and message-integrity … Harald Alvestrand
- Re: [rtcweb] Consent freshness and message-integr… Dan Wing
- Re: [rtcweb] Consent freshness and message-integr… Harald Alvestrand