Re: [rtcweb] SRTP and "marketing"

"Richard L. Barnes" <> Wed, 28 March 2012 10:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6E03821F8A19 for <>; Wed, 28 Mar 2012 03:43:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -106.538
X-Spam-Status: No, score=-106.538 tagged_above=-999 required=5 tests=[AWL=0.061, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iWrlYPjpDUu3 for <>; Wed, 28 Mar 2012 03:43:35 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 684E621F8A14 for <>; Wed, 28 Mar 2012 03:43:34 -0700 (PDT)
Received: from [] (port=58632 helo=neutrino.local) by with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from <>) id 1SCqLX-000Gh1-GT; Wed, 28 Mar 2012 06:43:19 -0400
Message-ID: <>
Date: Wed, 28 Mar 2012 12:43:31 +0200
From: "Richard L. Barnes" <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120313 Thunderbird/11.0
MIME-Version: 1.0
To: Harald Alvestrand <>
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [rtcweb] SRTP and "marketing"
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 28 Mar 2012 10:43:36 -0000

>> I didn't make it to the mic at the meeting today, but I wanted to
>> express one concern about the possibility of making RTCWEB SRTP-only.
>> Hadriel mentioned the "marketing value" of having always-on
>> encryption, this idea that only supporting SRTP will make RTCWEB look
>> like something secure and trustworthy. I'm concerned that this might
>> not be the case, and in fact that being SRTP-only might effectively be
>> an over-promise, in light of the fact the absence of universal
>> authentication.
>> Hadriel noted that the competitors to this technology are Skype and
>> Flash, and it's worth considering the security situation with these
>> technologies, because they kind of bracket RTCWEB. With Skype
>> (assuming they've designed it properly), there is actually a universal
>> authentication, under a single authority. So you really do know that
>> you're talking to whatever Skype ID you intend to, and nobody else.
>> With Flash, well, does anyone expect it to be secure anyway?
>> What I'm concerned about in the RTCWEB context is that without a
>> universal authentication/identity infrastructure, we will end up
>> *promising* a secure call, but not *delivering* it. I haven't done the
>> analysis, but it does not seem implausible to me that FireSheep-like
>> vulnerabilities are lurking here.
> If there are, we need to close them before we ship the specs.
> Given reasonable practices (such as using only HTTPS for loading the
> pages and JS libraries), if we can't deliver security (against known
> attacks), we shouldn't ship the spec.

I agree that we should lock things down to the extent we can, and I 
think we will be able to do pretty well, using things such as you note.

But at base, without authentication, you cannot prevent MitM if someone 
is in the right place in the network.  You can just constrain the set of 
places from which an MitM can be launched.

>> So ISTM the "marketing" argument carries with it some serious risks as
>> well as some small possible benefit.
> Only if we don't deliver.

Except that "deliver" in this case entails a global 
authentication/identity infrastructure.  And it seems unlikely that 
we'll deliver that in the short run.