IETF Logo Mail Archive

Re: [rtcweb] SRTP not mandatory-to-use

Ted Hardie <ted.ietf@gmail.com> Thu, 12 January 2012 22:18 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAC8D11E80A3 for <rtcweb@ietfa.amsl.com>; Thu, 12 Jan 2012 14:18:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.382
X-Spam-Level:
X-Spam-Status: No, score=-3.382 tagged_above=-999 required=5 tests=[AWL=0.217, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m7Oc+J0k2BRE for <rtcweb@ietfa.amsl.com>; Thu, 12 Jan 2012 14:18:04 -0800 (PST)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id EA4C211E8073 for <rtcweb@ietf.org>; Thu, 12 Jan 2012 14:18:03 -0800 (PST)
Received: by ghbg2 with SMTP id g2so677956ghb.31 for <rtcweb@ietf.org>; Thu, 12 Jan 2012 14:18:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=Ac7ly69F6n8YhJ1Swq7esSvwcwyomEZr8sjGq+V5B44=; b=ldgJdItAf1jUS13+Y3R65jebDKO/C6w+dxx7oM0J4hBkecuWF46BQchl4PQgkTMFcG 1sxo/AT4HmcD2t+3sPA9OHRJwqUsy40yBaG+DuSgwUSIxO9Qw8e+I8qfH3GKPTM07mIy KdMon4W8QOjwKlMX/mJn84WaOZQ6aU9m20LV0=
MIME-Version: 1.0
Received: by 10.236.152.35 with SMTP id c23mr8507281yhk.58.1326406683467; Thu, 12 Jan 2012 14:18:03 -0800 (PST)
Received: by 10.236.116.165 with HTTP; Thu, 12 Jan 2012 14:18:03 -0800 (PST)
In-Reply-To: <A1B638D2082DEA4092A268AA8BEF294D193F92BE22@ESESSCMS0360.eemea.ericsson.se>
References: <CAErhfrwu322=HTS0JZhum9EGfb73KmYS6CU_KMESyzEWhtvg2w@mail.gmail.com> <BLU152-W1140980759D89AC3C1D0CA93940@phx.gbl> <CA+9kkMBdX7YT1tPj5M3VrzAPKa6tXNGZVvvhjW9V4oOEC7g_kA@mail.gmail.com> <CAOJ7v-1_qMoHBb3K7rV=hG9EadqL=xn4KEdG0zdWnKZU9_TipQ@mail.gmail.com> <4AEFFC17-EF17-40F2-B83B-0B0CC44AD2C3@cisco.com> <CAKhHsXEes+Lf+uKdTrjXoy+3PMy2uNumNL-W-0s4_xRXW6FiZg@mail.gmail.com> <4F0CAC8C.8010203@wonderhamster.org> <1D062974A4845E4D8A343C6538049202074ABD3A@XMB-BGL-414.cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C01DCF907@inba-mail02.sonusnet.com> <CALiegfkejnU2rTe-FibUVxTrRS9SivkhGXB5eK+FhD8Vu6iTMA@mail.gmail.com> <387F9047F55E8C42850AD6B3A7A03C6C01DCF9FC@inba-mail02.sonusnet.com> <CALiegfn07bS58B+4ZyzRTnO4LCpw1e96dnqpSM+TT1y3QG2Zwg@mail.gmail.com> <387F9047F55E8C42850AD6B3A7A03C6C01DCFBC1@inba-mail02.sonusnet.com> <CAOJ7v-20+yL7r+_ODx_czHTiujXZZWESaZRB7MQjhvScg3RFtw@mail.gmail.com> <4F0DFD0B.2000009@jesup.org> <4F0E125D.8000605@jesup.org> <A1B638D2082DEA4092A268AA8BEF294D193F92BE22@ESESSCMS0360.eemea.ericsson.se>
Date: Thu, 12 Jan 2012 14:18:03 -0800
Message-ID: <CA+9kkMBXGADTxU+n=kvPB3jCbqvhZN2ZV9FsNkZLzpcsDnrKPg@mail.gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
To: Oscar Ohlsson <oscar.ohlsson@ericsson.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: Randell Jesup <randell-ietf@jesup.org>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] SRTP not mandatory-to-use
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jan 2012 22:18:05 -0000

On Thu, Jan 12, 2012 at 1:42 PM, Oscar Ohlsson
<oscar.ohlsson@ericsson.com> wrote:
>
>
>
> There are a number of reasons why key continuity doesn't work in a web context. EKR mention the problem of multiple browsers but there are other issues as well (e.g., public key not bound to an id, an increasing amount of public keys stored over time, anonymous users with one time public keys, etc). It is therefore unlikely that the user will react if the peer's fingerprint is replaced by the web application.
>
> The new identity mechanism doesn't help eiter unless it is made mandatory to use. In the same way as the web application can downgrade from DTLS-SRTP to SDES it can downgrade from DTLS-SRTP+identity to plain DTLS-SRTP. I doubt that the identity mechanism can be made mandatory since:
>

I think this points out something I had assumed, but not be
well-stated anywhere:  that any identity associations are stored
outside the javascript applications.  My mental model for that had
been the "known_hosts" file you find in .ssh directories in unix
systems; I had imagined that a browser or an OS would store the
associations.  That doesn't give you great guarantees about identity,
but it does give you reasonable guarantees about persistence of
identity.  To put this another way, with this, I think the bid-down
attack is really effective only the first time the association is
created.

There is always the UI problem of how to notify folks when the
association cannot be validated by the stored data, but I think that's
a separate problem.

Had you not assumed that, or are you drawing different conclusions of
the result of its availablity?

Ted

v2.23.0 | Report a Bug | By Email