[rtcweb] Which servers to trust (Re: Consensus call regarding media security)

Harald Alvestrand <harald@alvestrand.no> Tue, 03 April 2012 10:10 UTC

Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 557FC21F871C for <rtcweb@ietfa.amsl.com>; Tue, 3 Apr 2012 03:10:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id N5S6F7r+ITer for <rtcweb@ietfa.amsl.com>; Tue, 3 Apr 2012 03:10:35 -0700 (PDT)
Received: from eikenes.alvestrand.no (eikenes.alvestrand.no []) by ietfa.amsl.com (Postfix) with ESMTP id 6CCFA21F871A for <rtcweb@ietf.org>; Tue, 3 Apr 2012 03:10:30 -0700 (PDT)
Received: from localhost (localhost []) by eikenes.alvestrand.no (Postfix) with ESMTP id 78F5D39E173 for <rtcweb@ietf.org>; Tue, 3 Apr 2012 12:10:29 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at eikenes.alvestrand.no
Received: from eikenes.alvestrand.no ([]) by localhost (eikenes.alvestrand.no []) (amavisd-new, port 10024) with ESMTP id MMnxKAEdLJG3 for <rtcweb@ietf.org>; Tue, 3 Apr 2012 12:10:28 +0200 (CEST)
Received: from [] (unknown []) by eikenes.alvestrand.no (Postfix) with ESMTPSA id C962F39E146 for <rtcweb@ietf.org>; Tue, 3 Apr 2012 12:10:28 +0200 (CEST)
Message-ID: <4F7ACC96.90206@alvestrand.no>
Date: Tue, 03 Apr 2012 12:10:30 +0200
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20120313 Thunderbird/3.1.20
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <4F732531.2030208@ericsson.com> <387F9047F55E8C42850AD6B3A7A03C6C0E221877@inba-mail01.sonusnet.com> <4F749C82.4070305@infosecurity.ch>
In-Reply-To: <4F749C82.4070305@infosecurity.ch>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [rtcweb] Which servers to trust (Re: Consensus call regarding media security)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Apr 2012 10:10:36 -0000

Changing the subject, since this message is not a position on the 
consensus call.

On 03/29/2012 07:31 PM, Fabio Pietrosanti (naif) wrote:
> On 3/29/12 7:02 PM, Ravindran, Parthasarathi wrote:
>> WebRTC trust model has to be considered as one of the main factor for deciding the key mechanism. AFAIK, SDES does not fit into WebRTC as Dr.Evil HTTPS RTCWeb server must be trusted in case of SDES. There is no means to track or analyze whether Dr.Evil involves in monitoring or recording or terminate the media traffic.  It will be good in case whoever advocate for SDES explain how SDES fits within WebRTC trust model.
> Sure!
> From:
> http://datatracker.ietf.org/doc/draft-ietf-rtcweb-security-arch/?include_text=1
> "   The basic assumption of this architecture is that network resources
>     exist in a hierarchy of trust, rooted in the browser, which serves as
>     the user's TRUSTED COMPUTING BASE (TCB).  Any security property which
>     the user wishes to have enforced must be ultimately guaranteed by the
>     browser (or transitively by some property the browser verifies)."
> So, it means that if the browser already have a hierarchy of trust to
> use TLS for HTTPS, then SDES-SRTP will inherit the trust-properties of
> the HTTPS website from which it's loaded.
Ahem.... SDES-SRTP will "inherit" the property that as long as the HTTPS 
trust chain is intact, only attacks where the HTTPS website, or entities 
that the HTTPS website chooses to reveal the key to (voluntarily or 
involuntarily) can listen in on the call.

(The plenary at the IETF made interesting background for this claim.)
> It seems to me quite easy to fit SDES-SRTP into the browser model, as it
> allow you to assure that the communication path between the client and
> the server is secure.
> Do you expect WebRTC to be only peer-to-peer/client-to-client?
> I sincerly expect *a lot* of communications to goes trough SIP/RTP media
> proxy for security purpose, for billing purposes, for value added
> service purpose.
In the cases where a gateway needs to decrypt the packets, the gateway 
is the logical peer with the browser in the (DTLS-)SRTP trust relationship.
> SDES-SRTP provide a very reliable and simple way to let a WebRTC peer to
> establish security with the server, assuming that it already have
> established security trough HTTPS/TLS that's a consolidate trust method.
The term "the server" is a fallacy. The Web server and the media gateway 
(if there is one) are likely not the same server, and may even be 
operated by different entities.
SDES-SRTP forces you to trust both.