Re: [rtcweb] Consensus call regarding media security

"Ravindran, Parthasarathi" <> Sat, 31 March 2012 10:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B278521F86CF for <>; Sat, 31 Mar 2012 03:06:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.112
X-Spam-Status: No, score=-5.112 tagged_above=-999 required=5 tests=[AWL=1.187, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id h34Ni5bTb2bn for <>; Sat, 31 Mar 2012 03:06:38 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 5877921F86C1 for <>; Sat, 31 Mar 2012 03:06:38 -0700 (PDT)
Received: from ([]) (using TLSv1) by ([]) with SMTP ID DSNKT3bXLV2IjkwCLMMzbS4txGg0kbM/; Sat, 31 Mar 2012 03:06:38 PDT
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Sat, 31 Mar 2012 06:06:59 -0400
Received: from ([fe80::8d0f:e4f9:a74f:3daf]) by ([fe80::80b9:dc60:caf7:7dfc%11]) with mapi id 14.01.0355.002; Sat, 31 Mar 2012 15:36:33 +0530
From: "Ravindran, Parthasarathi" <>
To: =?utf-8?B?ScOxYWtpIEJheiBDYXN0aWxsbw==?= <>
Thread-Topic: [rtcweb] Consensus call regarding media security
Thread-Index: AQHNDPJEz8d54ZuGqkmrgP2aJufnWZaBgBgw//+tvoCAAwF88A==
Date: Sat, 31 Mar 2012 10:06:56 +0000
Message-ID: <>
References: <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: "" <>
Subject: Re: [rtcweb] Consensus call regarding media security
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 31 Mar 2012 10:06:40 -0000


I agree with your argument of allowing HTTP as it fit with this trust model. 

Please note that I request for plain RTP with user consent (configuration) as it will fit within trust model with exception. I'm saying that SRTP-DTLS is the only mechanism which meets all the requirement as of now in the listed candidates. Having said that, in case anybody convince for changing the trust model then SDES shall be considered or SDES may be preferred over SRTP-DTLS. IMO, trust model should help for selecting security key mechanism.

I'll reply to another thread separately.


>-----Original Message-----
>From: Iñaki Baz Castillo []
>Sent: Thursday, March 29, 2012 11:03 PM
>To: Ravindran, Parthasarathi
>Subject: Re: [rtcweb] Consensus call regarding media security
>2012/3/29 Ravindran, Parthasarathi <>:
>> WebRTC trust model has to be considered as one of the main factor for
>deciding the key mechanism. AFAIK, SDES does not fit into WebRTC as
>Dr.Evil HTTPS RTCWeb server must be trusted in case of SDES. There is no
>means to track or analyze whether Dr.Evil involves in monitoring or
>recording or terminate the media traffic.  It will be good in case
>whoever advocate for SDES explain how SDES fits within WebRTC trust
>If Dr. Evil attaks my back webpage and owns it, and then I visit it
>(HTTPS with valid certificate) and enter my back credentials... for me
>that is much worse than the case you describe. Should we drop HTTPS then
>because it does not fit 100% "security" requirements?
>BTW: previously you wanted to allow plain RTP in WebRTC... and now DTLS-
>SRTP is the only valid solution? :)
>Iñaki Baz Castillo