Re: [rtcweb] Consensus call regarding media security

Magnus Westerlund <magnus.westerlund@ericsson.com> Thu, 29 March 2012 12:35 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDC9921F8AD2 for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 05:35:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -108.114
X-Spam-Level:
X-Spam-Status: No, score=-108.114 tagged_above=-999 required=5 tests=[AWL=-1.865, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NfGNOR5VTmys for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 05:35:41 -0700 (PDT)
Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id EDFAD21F8AD1 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 05:35:40 -0700 (PDT)
X-AuditID: c1b4fb2d-b7b76ae0000063d8-c6-4f74571bd0e0
Received: from esessmw0184.eemea.ericsson.se (Unknown_Domain [153.88.253.124]) (using TLS with cipher AES128-SHA (AES128-SHA/128 bits)) (Client did not present a certificate) by mailgw1.ericsson.se (Symantec Mail Security) with SMTP id 43.11.25560.B17547F4; Thu, 29 Mar 2012 14:35:39 +0200 (CEST)
Received: from [127.0.0.1] (153.88.115.8) by esessmw0184.eemea.ericsson.se (153.88.115.82) with Microsoft SMTP Server id 8.3.213.0; Thu, 29 Mar 2012 14:35:39 +0200
Message-ID: <4F745719.5090709@ericsson.com>
Date: Thu, 29 Mar 2012 14:35:37 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:11.0) Gecko/20120312 Thunderbird/11.0
MIME-Version: 1.0
To: Bernard Aboba <bernard_aboba@hotmail.com>
References: <4F732531.2030208@ericsson.com> <BLU169-W80FA8377288974CAF4716F93480@phx.gbl>
In-Reply-To: <BLU169-W80FA8377288974CAF4716F93480@phx.gbl>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: AAAAAA==
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 12:35:41 -0000

On 2012-03-29 08:02, Bernard Aboba wrote:
> I agree with proposition #1 (SRTP) unconditionally.
> 
> With respect to proposition #2 (DTLS-SRTP), perhaps the words "with
> details to be worked out" should have been added. 
> 
> I believe that the consensus achieved was only on a general direction,
> not an endorsement of particular proposals.
> 
> Personally, I would like to have more specifics about the required
> features of DTLS-SRTP in the RTCWEB context.

I hope someone that knows the details can elaborate on this. I thought
DTLS-SRTP has a core that you will need to implement. Then there is
clearly a question of crypto algorithms to be supported. But that also
applies to SRTP where we also need to select which crypto suites that
are to be implemented if any in addtion to the MITM. The WG will need to
select these details as part of the next steps.

Cheers

Magnus Westerlund

----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------