[rtcweb] Security Architecture: IdP for RTP and RTCP
Bernard Aboba <bernard.aboba@gmail.com> Tue, 08 July 2014 17:55 UTC
Return-Path: <bernard.aboba@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0DEC1A0418 for <rtcweb@ietfa.amsl.com>; Tue, 8 Jul 2014 10:55:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9OLvQ5EFkekc for <rtcweb@ietfa.amsl.com>; Tue, 8 Jul 2014 10:55:05 -0700 (PDT)
Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C411F1A0332 for <rtcweb@ietf.org>; Tue, 8 Jul 2014 10:55:02 -0700 (PDT)
Received: by mail-wi0-f173.google.com with SMTP id cc10so1451005wib.12 for <rtcweb@ietf.org>; Tue, 08 Jul 2014 10:55:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=IIUF58mzeuxh3Oi4rYpEwBBq0rLbRTWiO2u8g2RTkks=; b=zJBPLrf4p4W4iEQSyt4KoByOpzAmJCZJo90ADvwdztGswFXYNA0oQ9j8SIcYy/vzGO AIYM3zmljygS1y5tk4mqOQAlZpwLCI/Q/wdLFqGEZh8PlcHdIyYCIhJOk614WC6Tfg/D xC4PHqkTj6++hbxI5JuVDeDX/RamOagN4cpt7JhPejns83Ti/F/43HvRJzZnLO/VVkKc CcmSz0uD0m1so8fl1DQdHVv9+GlRsXmH2rN48Je2uSqv/Rj9PSwQy78MN2khP4SWKXtl AsBqPV7I6C6ZkH65W4rkY+vGbsCv9GeGFJEao8k0CDKqUqtA78ETqdGLnr03a1nc9aoR XlSQ==
X-Received: by 10.180.37.42 with SMTP id v10mr5504091wij.43.1404842101339; Tue, 08 Jul 2014 10:55:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.80.10 with HTTP; Tue, 8 Jul 2014 10:54:41 -0700 (PDT)
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Tue, 08 Jul 2014 10:54:41 -0700
Message-ID: <CAOW+2dsVZj56aVL5+79d6RSTZFLwjfWdm=rs7FPnvdWQZHAdfA@mail.gmail.com>
To: "rtcweb@ietf.org" <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="e89a8f6473c76a7e0304fdb24a7d"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/NWiIru4QIteOdO2LikeBCbErZTs
Subject: [rtcweb] Security Architecture: IdP for RTP and RTCP
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jul 2014 17:55:07 -0000
In the situation where RTP and RTCP are not multiplexed, distinct DTLS transports and DTLS/SRTP key exchanges would occur for RTP and RTCP. In looking for guidance within the security architecture document, some questions came to mind: a. Are the certificates used for RTP and RTCP DTLS Transports necessarily the same on both the local and remote side? If they are supposed to be the same, what happens if they aren't? b. Can different identities be asserted for the RTP and RTCP DTLS Transports? Does this make sense in some circumstances? If so, when? Within a browser, it seems logical that the certificates used for RTP and RTCP DTLS Transports and the asserted identities should be the same (assuming that RTP and RTCP aren't multiplexed). The WebRTC 1.0 API Section 8.3 seems to indicate that this should always be the case: "It is possible that different values for the "a=identity" attribute is provided at a media level in SDP. A browser may either choose to treat this as an error or ignore the attribute. If multiple different assertions are validated, then they must produce identical identity values." However, I am wondering whether there can be legitimate cases where a browser communicating with a gateway or SFU might encounter distinct identities or certificates for RTP and RTCP. For example, could an SFU potentially terminate RTCP but not RTP, in which case the certificates and asserted identities might be different between RTP and RTCP? The WebRTC 1.0 spec seems to indicate that this should be treated as a fatal error, but I'm wondering whether the browser shouldn't be "strict in what it sends but liberal in handling what it receives" by just using the identity and certificates for RTP, and ignoring the RTCP identities. Trying to inform the user about different asserted identities for RTP and RTCP seems way too complicated to even be worth considering.
- [rtcweb] Security Architecture: IdP for RTP and R… Bernard Aboba
- Re: [rtcweb] Security Architecture: IdP for RTP a… Martin Thomson
- Re: [rtcweb] Security Architecture: IdP for RTP a… Bernard Aboba
- Re: [rtcweb] Security Architecture: IdP for RTP a… Iñaki Baz Castillo
- Re: [rtcweb] Security Architecture: IdP for RTP a… Bernard Aboba
- Re: [rtcweb] Security Architecture: IdP for RTP a… Martin Thomson
- Re: [rtcweb] Security Architecture: IdP for RTP a… Dan Wing
- Re: [rtcweb] Security Architecture: IdP for RTP a… Emil Ivov
- Re: [rtcweb] Security Architecture: IdP for RTP a… Justin Uberti
- Re: [rtcweb] Security Architecture: IdP for RTP a… Martin Thomson
- Re: [rtcweb] Security Architecture: IdP for RTP a… Justin Uberti
- Re: [rtcweb] Security Architecture: IdP for RTP a… Watson Ladd
- Re: [rtcweb] Security Architecture: IdP for RTP a… Martin Thomson
- Re: [rtcweb] Security Architecture: IdP for RTP a… Watson Ladd
- Re: [rtcweb] Security Architecture: IdP for RTP a… Martin Thomson