Re: [rtcweb] Let's define the purpose of WebRTC

"Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com> Wed, 09 November 2011 13:19 UTC

Return-Path: <mperumal@cisco.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB2E121F8C39 for <rtcweb@ietfa.amsl.com>; Wed, 9 Nov 2011 05:19:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.857
X-Spam-Level:
X-Spam-Status: No, score=-6.857 tagged_above=-999 required=5 tests=[AWL=-0.258, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MY482exEYRUy for <rtcweb@ietfa.amsl.com>; Wed, 9 Nov 2011 05:19:41 -0800 (PST)
Received: from ams-iport-4.cisco.com (ams-iport-4.cisco.com [144.254.224.147]) by ietfa.amsl.com (Postfix) with ESMTP id B95CD21F8C0F for <rtcweb@ietf.org>; Wed, 9 Nov 2011 05:19:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=mperumal@cisco.com; l=1856; q=dns/txt; s=iport; t=1320844780; x=1322054380; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=rx+E5b4TRGstctrpiRjddCbYCyM6qKcG642GCxH87T0=; b=Px5Mws9vA+kv8N7gMYIOpy43poXkdmGNpAkBbfqM7AVdIwaLfVY+eKIS LxZFCube6Z0wLHdPab/G4FvObk31ZCQb5h1p6YXpta45770rf9usGEOkI /VKHNbKOJcB0C0iTbviQ25sOT6yEimHx3TyZrTFPvgoUS9GhhDfW8aaLg M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvIAAMN9uk5Io8US/2dsb2JhbABCmiePdoEFgXIBAQEEEgEdSQwEAgEIEQQBAQsGFwEGAUUJCAEBBAsICBqhDgGfIIkcYwSHWy+RWYw8
X-IronPort-AV: E=Sophos;i="4.69,484,1315180800"; d="scan'208";a="2724700"
Received: from bgl-core-3.cisco.com ([72.163.197.18]) by ams-iport-4.cisco.com with ESMTP; 09 Nov 2011 13:19:38 +0000
Received: from xbh-bgl-412.cisco.com (xbh-bgl-412.cisco.com [72.163.129.202]) by bgl-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id pA9DJb8s015859; Wed, 9 Nov 2011 13:19:37 GMT
Received: from xmb-bgl-414.cisco.com ([72.163.129.210]) by xbh-bgl-412.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 9 Nov 2011 18:49:37 +0530
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 9 Nov 2011 18:49:35 +0530
Message-ID: <1D062974A4845E4D8A343C653804920206D3BA43@XMB-BGL-414.cisco.com>
In-Reply-To: <34771C19-DD51-46B4-97ED-703A93F7329E@edvina.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [rtcweb] Let's define the purpose of WebRTC
Thread-Index: Acye0hYRvbMSpMtNRp+JNi/6bl4HrgADtrWQ
References: <CALiegfkVNVAs_MyU_-4koA4zRwSn1-FwLjY9g_oZVkhi9rSK5Q@mail.gmail.com> <8A61D801-D14D-408B-9875-63C37D0CC166@acmepacket.com> <CABw3bnPE=OY_h5bM7GA6wgrXiOBL8P4J0kw1jLv-GSpHAbg=Cg@mail.gmail.com> <CABcZeBNqdkh8u=gwOvKfDCQA7rXdAyQkfaM1r2Sx10787btP6A@mail.gmail.com> <B10FEFF6-0ADC-4DB1-83BB-50A11C65EC35@acmepacket.com> <CABcZeBNSXtim_VqzqAd8Z-u4zWSjaYmsVZPN=7sDYkJsgtRAHA@mail.gmail.com> <4EB7E6A5.70209@alvestrand.no> <F8003BA9-BCD8-4F02-B514-8B883FF90F91@acmepacket.com> <387F9047F55E8C42850AD6B3A7A03C6C01349D81@inba-mail01.sonusnet.com> <845C03B2-1975-4145-8F52-8CEC9E360AF3@edvina.net> <5454E693-5C34-4C77-BA07-2A9EE9EE4AFD@cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C01349FFE@inba-mail01.sonusnet.com> <1D062974A4845E4D8A343C653804920206D3B7FD@XMB-BGL-414.cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C0134A105@inba-mail01.sonusnet.com> <1F2A2C70609D9E41844A2126145FC09804691DA2@HKGMBOXPRD22.polycom.com> <CALiegfmf59jb4asUu9LA6YY_aMtKEnM1Wy34KbuLEn3_h1xBXA@mail.gmail.com> <1D0 62974A4 845E4D8A343C 653804920206D3B9C1@XMB-BGL-414.cisco.com> <34771C19-DD51-46B4-97ED-703A93F7329E@edvina.net>
From: "Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com>
To: "Olle E. Johansson" <oej@edvina.net>
X-OriginalArrivalTime: 09 Nov 2011 13:19:37.0479 (UTC) FILETIME=[3AE51170:01CC9EE2]
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Let's define the purpose of WebRTC
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 13:19:45 -0000

|That opens up for downgrade attacks and put a lot 
|of trust on the web browser UI to show what happens
|and on the users to understand what the web browser 
|UA is trying to tell them.

It isn't an attack per se (since a malicious JS no control over it), rather a choice we would have to make whether or not to allow insecure calling to non-WebRTC clients. Yes, it adds some burden on the UI, but could be as simple as a red cross you see on https URL when the browser detects either high-risk insecure content on the page or problems with the site's certificate.

Muthu

|-----Original Message-----
|From: Olle E. Johansson [mailto:oej@edvina.net]
|Sent: Wednesday, November 09, 2011 4:54 PM
|To: Muthu Arul Mozhi Perumal (mperumal)
|Cc: Iñaki Baz Castillo; Avasarala, Ranjit; Ravindran Parthasarathi; Cullen Jennings (fluffy);
|rtcweb@ietf.org
|Subject: Re: [rtcweb] Let's define the purpose of WebRTC
|
|
|9 nov 2011 kl. 11:57 skrev Muthu Arul Mozhi Perumal (mperumal):
|
|> |The "application" is untrusted by nature, and we don't want
|> |to make the end-user to decide whether to trust it or not.
|> |Explained many times in this maillist.
|>
|> I am thinking we could burn SRTP into the browser such that the decision of whether or not to use
|SRTP vests solely with the browser. If a WebRTC browser is exchanging media with another WebRTC
|browser they always do SRTP/SRTCP. If either side isn't WebRTC compliant they end up with RTP/RTCP.
|This way we don't need to trust the JS, instead trust only the browser. We can also interoperate with
|legacy devices without taxing them.
|
|That opens up for downgrade attacks and put a lot of trust on the web browser UI to show what happens
|and on the users to understand what the web browser UA is trying to tell them.
|
|/O