Re: [rtcweb] SRTP not mandatory-to-use

Alan Johnston <alan.b.johnston@gmail.com> Wed, 04 January 2012 23:09 UTC

Here is the problem - allowing RTP opens up WebRTC to a bid down
attack on media security.  There are few good ways to prevent this bid
down attack, and none of them work given the lack of standardization
and control over WebRTC signaling.

Also, allowing both RTP and SRTP is a user interface nightmare for the
browsers.  They have had all kinds of problems in the past with simple
HTTP/HTTPS, and this will be even uglier.

Mandating SRTP avoids both these problems.

- Alan -

On Wed, Jan 4, 2012 at 4:28 PM, Roman Shpount <roman@telurix.com> wrote:
>> Justin Uberti said:
>>
>> "If we make SRTP mandatory to use, people will figure out a way to make
>> SRTP work in their scenarios. If we don't, people will continue to use the
>> same old objections as to why they can't deploy SRTP.
>>
>>
>
> I thought our goal is to design a web based real time communication network
> with the widest possible set of capabilities. I never thought that the goal
> of this group is to promote other architectural agendas, even the ones
> such as spreading communications security. Security of communications would
> be defined by the application developer. If application developer designs
> something that is meant to be insecure (like place all calls through a
> middle server that will record everything and publish it on an open web
> site), it would be. I do not understand why application developer with
> WebRTC should not have an option to communicate without SRTP. Ability for
> developer to specify that RTP is allowed for certain connection takes
> nothing from security of WebRTC, and makes a lot of issues (such as interop,
> getting initial application developed and tested, etc) a lot simpler.
>
> I do believe that SRTP CPU load argument is nonsense (especially with newer
> CPUs where there is hardware AES offload), but the only argument I heard
> so far for mandatory SRTP use was that future WebRTC developers are so
> incompetent and ignorant that they will never use SRTP unless we force them.
> Make it simple to specify that SRTP is required via an API, make it default,
> and developers will use it. As long as WebRTC connection does not
> automatically fall back to RTP if SRTP connection is required and cannot be
> established, I simply don't see what the problem is.
> _____________
> Roman Shpount
>
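
The bid-down concern and the "no automatic fallback" condition debated in this thread, as an added example that is not part of either message: an endpoint-side check of an SDP answer against the offer. The SDP blobs are constructed, and `mediaSections`, `checkAnswer` and `requireSrtp` are hypothetical names, not a WebRTC API.

```javascript
// Added example. All SDP below is constructed sample data.
// Secure RTP profiles end in SAVP or SAVPF (RTP/SAVP, UDP/TLS/RTP/SAVPF, ...).
const SECURE_PROFILE = /(^|\/)SAVPF?$/;

// Return one {kind, proto, secure} record per m= line of an SDP blob.
function mediaSections(sdp) {
  return sdp.split(/\r?\n/)
    .filter((line) => line.startsWith("m="))
    .map((line) => {
      const [kind, , proto] = line.slice(2).trim().split(/\s+/);
      return { kind, proto, secure: SECURE_PROFILE.test(proto) };
    });
}

// Decide whether an answer may be applied.
// requireSrtp=true  : never fall back; any plain-RTP section rejects the answer.
// requireSrtp=false : plain RTP is allowed, so a rewritten answer is accepted.
function checkAnswer(offerSdp, answerSdp, { requireSrtp = true } = {}) {
  const offer = mediaSections(offerSdp);
  const answer = mediaSections(answerSdp);
  if (offer.length !== answer.length) {
    return { accept: false, downgraded: [], reason: "m-line count mismatch" };
  }
  // Sections offered with a secure profile but answered with a plain one.
  const downgraded = answer
    .filter((m, i) => offer[i].secure && !m.secure)
    .map((m) => m.kind);
  const anyPlain = answer.some((m) => !m.secure);
  if (requireSrtp && anyPlain) {
    return { accept: false, downgraded, reason: "plain RTP refused by policy" };
  }
  // With plain RTP allowed, the endpoint can see the profile changed but
  // cannot tell whether the peer or the signaling path chose it.
  return { accept: true, downgraded, reason: "ok" };
}

const sdp = (proto) =>
  ["v=0", "o=- 1 1 IN IP4 192.0.2.1", "s=-", "c=IN IP4 192.0.2.1", "t=0 0",
   `m=audio 49170 ${proto} 0`].join("\r\n") + "\r\n";

const OFFER = sdp("RTP/SAVPF");             // offer asks for SRTP
const SECURE_ANSWER = sdp("RTP/SAVPF");     // peer agrees
const REWRITTEN_ANSWER = sdp("RTP/AVPF");   // answer as seen after signaling changed it

console.log(checkAnswer(OFFER, SECURE_ANSWER));
console.log(checkAnswer(OFFER, REWRITTEN_ANSWER));
console.log(checkAnswer(OFFER, REWRITTEN_ANSWER, { requireSrtp: false }));
```

With `requireSrtp: false` the rewritten answer is accepted and the only trace is the `downgraded` list, which is what the application or user interface would then have to surface.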