[rtcweb] Which hashes are valid for the fingerprint attribute?

Iñaki Baz Castillo <ibc@aliax.net> Fri, 11 July 2014 12:26 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/GslHXUKxjCRoxf3IfFbRL1isI3E


Hi, RFC 5763 and RFC 5764 (DTLS-SRTP) do not mandate a specific hash
for the fingerprint attribute in the SDP. RFC 5763 refers to RFC 4572
"Connection-Oriented Media Transport over TLS in SDP". Its section 5
clearly opens the door to multiple hash functions:

   hash-func    =  "sha-1" / "sha-224" / "sha-256" /
                         "sha-384" / "sha-512" /
                         "md5" / "md2" / token
                         ; Additional hash functions can only come
                         ; from updates to RFC 3279

I'm pretty sure that WebRTC implementations are not ready for all
those hash functions. Is there any WebRTC-related draft constraining
the hash functions that can be used?

Thanks a lot.

PS: Not sure if this question should be placed here or in public-webrtc ML.

Iñaki Baz Castillo
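
Added example, not part of the original message: one way a receiver could parse the a=fingerprint attribute against the hash-func grammar quoted above and refuse hash functions outside a local allowlist before comparing the digest with the peer certificate. The allowlist, the function names and the sample SDP and certificate bytes are assumptions constructed for this illustration.

```python
import hashlib
import hmac
import re

# hash-func names from the RFC 4572 grammar quoted above -> hashlib names.
# "md2" is in the grammar but hashlib has no MD2, so it can never be verified here.
RFC4572_HASHES = {"sha-1": "sha1", "sha-224": "sha224", "sha-256": "sha256",
                  "sha-384": "sha384", "sha-512": "sha512", "md5": "md5", "md2": None}
# Assumption: local policy picked for this example, not taken from any specification.
ALLOWED = frozenset({"sha-256", "sha-384", "sha-512"})
# Simplified: real SDP "token" allows more characters than this pattern accepts.
FP_RE = re.compile(r"a=fingerprint:([A-Za-z0-9-]+) ([0-9A-F]{2}(?::[0-9A-F]{2})*)")


def format_fingerprint(digest):
    """Render digest bytes as colon-separated uppercase hex, as in the attribute."""
    return ":".join(f"{b:02X}" for b in digest)


def parse_fingerprints(sdp):
    """Return [(hash_func, digest_bytes)] for each a=fingerprint line."""
    out = []
    for line in sdp.splitlines():
        m = FP_RE.fullmatch(line.strip())
        if m:  # ABNF string literals are case-insensitive, so normalise the name
            out.append((m.group(1).lower(), bytes.fromhex(m.group(2).replace(":", ""))))
    return out


def check_certificate(sdp, cert_der, allowed=ALLOWED):
    """Return (ok, reason); ok only if a policy-allowed fingerprint matches cert_der."""
    reasons = []
    for func, offered in parse_fingerprints(sdp):
        if func not in RFC4572_HASHES:
            reasons.append(f"{func}: unknown hash-func token")
        elif func not in allowed or RFC4572_HASHES[func] is None:
            reasons.append(f"{func}: rejected by policy")
        elif hmac.compare_digest(hashlib.new(RFC4572_HASHES[func], cert_der).digest(), offered):
            return True, f"{func}: match"
        else:
            reasons.append(f"{func}: mismatch")
    return False, "; ".join(reasons) or "no fingerprint attribute"


# Constructed sample input: placeholder bytes standing in for a DER certificate.
CERT_DER = b"constructed placeholder, not a real certificate"
WEAK_SDP = "v=0\r\na=fingerprint:sha-1 " + format_fingerprint(hashlib.sha1(CERT_DER).digest())
GOOD_SDP = "v=0\r\na=fingerprint:SHA-256 " + format_fingerprint(hashlib.sha256(CERT_DER).digest())

if __name__ == "__main__":
    print(check_certificate(WEAK_SDP, CERT_DER))  # refused although the digest matches
    print(check_certificate(GOOD_SDP, CERT_DER))
```

The sha-1 offer is refused even though its digest matches the certificate, which is the behaviour an implementation needs if it accepts only a subset of the grammar.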