Re: [rtcweb] Asking TLS for help with media isolation

Watson Ladd <watsonbladd@gmail.com> Fri, 04 April 2014 03:25 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/ANhaudluUsoYq1LHWuxYtTEKPjU

On Thu, Apr 3, 2014 at 8:21 PM, Bernard Aboba <bernard.aboba@gmail.com> wrote:
>
>
>> On Apr 3, 2014, at 19:49, Watson Ladd <watsonbladd@gmail.com> wrote:
>>
>> I don't see why the isolation status cannot be included as an
>> extension to SRTP. You aren't asking TLS to make extensions for video
>> resolution and codec after all.
>
> [BA] The isolation request could be carried in an RTP header extension until, for example, an RR was obtained by the sender confirming it was received. However, RTP extensions are optional and the sender wouldn't have confirmation from the receiver via the media plane that the isolation request was honored. So the TLS approach provides better semantics.

I feel this isn't worth changing TLS for, because you don't change
transports for each application because the application didn't do it
right the first time. But we have ALPN, so maybe a tag on that could
work. The right fix, IMHO, is clearly to fix RTP to send this data and
keep the transport layer clean.

Sincerely,
Watson Ladd