Re: [rtcweb] SRTP and "marketing"

Oscar Ohlsson <oscar.ohlsson@ericsson.com> Mon, 02 April 2012 12:32 UTC

From: Oscar Ohlsson <oscar.ohlsson@ericsson.com>
To: Gregory Maxwell <gmaxwell@juniper.net>, Randell Jesup <randell-ietf@jesup.org>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Date: Mon, 02 Apr 2012 14:32:45 +0200

> -----Original Message-----
> From: rtcweb-bounces@ietf.org 
> [mailto:rtcweb-bounces@ietf.org] On Behalf Of Gregory Maxwell
> Sent: Friday, March 30, 2012 5:38 PM
> To: Randell Jesup; rtcweb@ietf.org
> Subject: Re: [rtcweb] SRTP and "marketing"
> 
> 
> A point which needs to be emphasized is that undetectable 
> attacks are not at all the same thing as detectable attacks: 
> Even when the chance of detection is somewhat low, if the 
> cost of detection is high the possibility of it can be an 
> effective deterrent.
> 

It is definitely important to distinguish between detectable and un-detectable interception. But as I mentioned earlier, I don't think enabling SDES in WebRTC will enable un-detectable interception. If both parties open up Tools->PageInfo->Media->session-security and see something like:

Is SDES turned on? Yes
Is this endpoint capable of DTLS-SRTP? Yes

Then they could automatically assume that they are being intercepted. In my opinion this is not that much different from comparing fingerprints.

Regards,

Oscar
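
The check described in the message above, sketched as an added example (not part of the original message and not any browser's code): it reads a negotiated SDP description, reports per media section whether SDES (`a=crypto`, RFC 4568) is on and whether a DTLS-SRTP fingerprint (`a=fingerprint`, RFC 5763) is present, and applies the message's rule. The function names, the `endpointDtlsCapable` parameter and both sample descriptions are constructed for illustration.

```javascript
// Added example: per media section, report the two values from the message:
// "Is SDES turned on?" and "Is this endpoint capable of DTLS-SRTP?".
//   a=crypto      -> SDES, SRTP key carried in the signaling (RFC 4568)
//   a=fingerprint -> DTLS-SRTP (RFC 5763); valid at session or media level
function keyingBySection(sdp) {
  const sections = [];
  let current = null;
  let sessionFingerprint = false;
  for (const line of sdp.split(/\r?\n/)) {
    if (line.startsWith("m=")) {
      current = { media: line.slice(2).split(" ")[0], sdes: false, dtls: false };
      sections.push(current);
    } else if (line.startsWith("a=fingerprint:")) {
      if (current) current.dtls = true;
      else sessionFingerprint = true;
    } else if (line.startsWith("a=crypto:") && current) {
      current.sdes = true;
    }
  }
  // A session-level fingerprint applies to every media section.
  if (sessionFingerprint) sections.forEach((s) => { s.dtls = true; });
  return sections;
}

// endpointDtlsCapable is supplied by the caller (hypothetical parameter).
function sessionSecurity(negotiatedSdp, endpointDtlsCapable) {
  return keyingBySection(negotiatedSdp).map((s) => ({
    media: s.media,
    sdesOn: s.sdes,
    dtlsFingerprint: s.dtls,
    endpointDtlsCapable,
    // The message's rule: SDES on + DTLS-SRTP capable endpoint => assume interception.
    assumeIntercepted: s.sdes && endpointDtlsCapable,
  }));
}

// Constructed sample descriptions (key and fingerprint are placeholders).
const SDES_SDP = [
  "v=0", "s=-", "t=0 0",
  "m=audio 49170 RTP/SAVPF 111",
  "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED_PLACEHOLDER_KEY",
].join("\r\n");
const DTLS_SDP = [
  "v=0", "s=-", "t=0 0",
  "a=fingerprint:sha-256 CONSTRUCTED:PLACEHOLDER",
  "m=audio 49170 UDP/TLS/RTP/SAVPF 111",
  "m=video 49172 UDP/TLS/RTP/SAVPF 96",
].join("\r\n");

console.log(sessionSecurity(SDES_SDP, true), sessionSecurity(DTLS_SDP, true));
```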