Re: [rtcweb] SRTP requirement - wiretapping (Re: Let's define the purpose of WebRTC)

"Ravindran, Parthasarathi" <pravindran@sonusnet.com> Thu, 10 November 2011 05:19 UTC

Return-Path: <pravindran@sonusnet.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FCB921F87C2 for <rtcweb@ietfa.amsl.com>; Wed, 9 Nov 2011 21:19:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.62
X-Spam-Level:
X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[AWL=-0.021, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NGIEjF3ALh9S for <rtcweb@ietfa.amsl.com>; Wed, 9 Nov 2011 21:19:20 -0800 (PST)
Received: from mail-ma01.sonusnet.com (sonussf2.sonusnet.com [208.45.178.27]) by ietfa.amsl.com (Postfix) with ESMTP id 5B1B721F8797 for <rtcweb@ietf.org>; Wed, 9 Nov 2011 21:19:20 -0800 (PST)
Received: from sonusmail05.sonusnet.com (sonusmail05.sonusnet.com [10.128.32.155]) by sonuspps2.sonusnet.com (8.14.3/8.14.3) with ESMTP id pAA5JsWw012364; Thu, 10 Nov 2011 00:19:54 -0500
Received: from sonusinmail02.sonusnet.com ([10.70.51.30]) by sonusmail05.sonusnet.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 10 Nov 2011 00:19:14 -0500
Received: from INBA-HUB01.sonusnet.com ([10.70.51.86]) by sonusinmail02.sonusnet.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 10 Nov 2011 10:49:23 +0530
Received: from INBA-HUB02.sonusnet.com (10.70.51.87) by inba-hub01.sonusnet.com (10.70.51.86) with Microsoft SMTP Server (TLS) id 14.1.339.1; Thu, 10 Nov 2011 10:49:23 +0530
Received: from INBA-MAIL01.sonusnet.com ([fe80::8d0f:e4f9:a74f:3daf]) by inba-hub02.sonusnet.com ([fe80::80b9:dc60:caf7:7dfc%11]) with mapi id 14.01.0339.001; Thu, 10 Nov 2011 10:49:23 +0530
From: "Ravindran, Parthasarathi" <pravindran@sonusnet.com>
To: Eric Rescorla <ekr@rtfm.com>
Thread-Topic: [rtcweb] SRTP requirement - wiretapping (Re: Let's define the purpose of WebRTC)
Thread-Index: AQHMnoiMLXoobGtfx0Kkx8oSZTnrRJWj1oYwgABiqoCAAVQz4A==
Date: Thu, 10 Nov 2011 05:19:23 +0000
Message-ID: <387F9047F55E8C42850AD6B3A7A03C6C0134A6B5@inba-mail01.sonusnet.com>
References: <CALiegfkVNVAs_MyU_-4koA4zRwSn1-FwLjY9g_oZVkhi9rSK5Q@mail.gmail.com> <8A61D801-D14D-408B-9875-63C37D0CC166@acmepacket.com> <CABw3bnPE=OY_h5bM7GA6wgrXiOBL8P4J0kw1jLv-GSpHAbg=Cg@mail.gmail.com> <CABcZeBNqdkh8u=gwOvKfDCQA7rXdAyQkfaM1r2Sx10787btP6A@mail.gmail.com> <B10FEFF6-0ADC-4DB1-83BB-50A11C65EC35@acmepacket.com> <CABcZeBNSXtim_VqzqAd8Z-u4zWSjaYmsVZPN=7sDYkJsgtRAHA@mail.gmail.com> <4EB7E6A5.70209@alvestrand.no> <F8003BA9-BCD8-4F02-B514-8B883FF90F91@acmepacket.com> <387F9047F55E8C42850AD6B3A7A03C6C01349D81@inba-mail01.sonusnet.com> <4EB9ACF5.80805@alvestrand.no> <387F9047F55E8C42850AD6B3A7A03C6C01349F60@inba-mail01.sonusnet.com> <CAD6AjGTn2WPaVQh01y-PVYZtpVYKopocqzQBSEMQadozjEd-Tw@mail.gmail.com> <387F9047F55E8C42850AD6B3A7A03C6C01349FE6@inba-mail01.sonusnet.com> <CABcZeBNvGVWgNiLcP9=n+hnfvV1P4_uF1+Q2oC6dwgya80BwGQ@mail.gmail.com>
In-Reply-To: <CABcZeBNvGVWgNiLcP9=n+hnfvV1P4_uF1+Q2oC6dwgya80BwGQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.70.54.164]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 10 Nov 2011 05:19:23.0995 (UTC) FILETIME=[4F2212B0:01CC9F68]
Cc: "&lt,rtcweb@ietf.org&gt," <rtcweb@ietf.org>
Subject: Re: [rtcweb] SRTP requirement - wiretapping (Re: Let's define the purpose of WebRTC)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Nov 2011 05:19:21 -0000

Eric,

I agree with you about performance in case of desktop as I'm able to execute Skype video call and other application simultaneously without any performance impact. AFAIK in case of telepresence or equivalent endpoint, it requires the special hardware to encrypt/decrypt the whole bunch of media from it. WebRTC browser could be executed on any of these kind of endpoint as well.

As you mentioned, I often heard that Enterprise is not secure which requires different level of security but this argument is not well accepted in the deployment so far :-( 

Thanks
Partha

>-----Original Message-----
>From: Eric Rescorla [mailto:ekr@rtfm.com]
>Sent: Wednesday, November 09, 2011 7:40 PM
>To: Ravindran, Parthasarathi
>Cc: Cameron Byrne; &lt,rtcweb@ietf.org&gtg&gt,
>Subject: Re: [rtcweb] SRTP requirement - wiretapping (Re: Let's define
>the purpose of WebRTC)
>
>On Tue, Nov 8, 2011 at 6:50 PM, Ravindran Parthasarathi
><pravindran@sonusnet.com> wrote:
>> Cameron,
>>
>>
>>
>> I guess that we are in the same w.r.t IETF privacy policy and it is
>main
>> reason, I take back my comment #2. But, Please look into comment #1
>for
>> Enterprise WebRTC application wherein SRTP is not required to be
>mandated.
>>
>
>Partha,
>
>I don't understand what resource you are conserving here by avoiding
>multiple encryption.
>
>Even if we stipulate that the enterprise network is secure (which as
>Cameron has suggested, is often not the case even when people believe it
>is),
>the actual cost to encrypt the data on the endpoints is quite low,
>especially when compared to the added complexity cost of trying to make
>the
>(extremely difficult) determination of whether whatever network
>encryption
>is in place is sufficient to protect your call. Better to just encrypt
>all
>the time.
>
>-Ekr