Re: [rtcweb] No Interim on SDES at this juncture

Richard Barnes <rlb@ipv.sx> Thu, 20 June 2013 22:25 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3FF9421E809E for <rtcweb@ietfa.amsl.com>; Thu, 20 Jun 2013 15:25:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.373
X-Spam-Level: *
X-Spam-Status: No, score=1.373 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 35U3sZFaQsvS for <rtcweb@ietfa.amsl.com>; Thu, 20 Jun 2013 15:25:17 -0700 (PDT)
Received: from mail-ob0-x22e.google.com (mail-ob0-x22e.google.com [IPv6:2607:f8b0:4003:c01::22e]) by ietfa.amsl.com (Postfix) with ESMTP id 3E5C721E8091 for <rtcweb@ietf.org>; Thu, 20 Jun 2013 15:25:17 -0700 (PDT)
Received: by mail-ob0-f174.google.com with SMTP id wd20so7823901obb.33 for <rtcweb@ietf.org>; Thu, 20 Jun 2013 15:25:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=BGCAkY7THlxX6I1/BDC1u03gfN2wxJn4DW9XwihkqK4=; b=W7x/BQChYnpjoJYippLKZ/c6mOZCywE2stZwryhjOvM1o+DPZ85tCel6knwrsPE/+E ENDJEUMZ2B9dXEA8UlhWrEntVNrSgNg6/Zpn8rBdH4mIRYLeU0pyLAdLiZBymzTXPApF HzsvJ+NEW77XTe1H1LWzmwcopQSxbYTGPvAo61/jl2zP4KwbLIWkp0bLICuUBYB+RyCf wSTIRSj5MFBZSxetSd+UmtA3OdQdkFZqWbbHV01mtR7snmUBYTz9Jbm9em8wmGK3KGBb WcsX4BMTtdfQzuyWJPxUwkwZsfy45p5WstBzrPubYd9CW568Zmt2GDpw1/JVWIo/v1Iy Z6fQ==
MIME-Version: 1.0
X-Received: by 10.182.246.198 with SMTP id xy6mr2446330obc.1.1371767116775; Thu, 20 Jun 2013 15:25:16 -0700 (PDT)
Received: by 10.60.26.135 with HTTP; Thu, 20 Jun 2013 15:25:16 -0700 (PDT)
X-Originating-IP: [108.18.40.68]
In-Reply-To: <9F33F40F6F2CD847824537F3C4E37DDF115D2D76@MCHP04MSX.global-ad.net>
References: <CA+9kkMDnjCNXGV0GU7x6gbbZMf4WiEuVvCRY8_Fix5tmdOB-Kg@mail.gmail.com> <AD220324-EEE7-4800-8512-FD7BADA9EC34@oracle.com> <CA+9kkMDY2Z_5_1uYJ1K_ZmrJB2a1-RE7V3aPqNHQg82DyagjCg@mail.gmail.com> <2975A93F-44DA-4020-B4DE-42E7ED98C08F@oracle.com> <51BAC9BC.6070708@ericsson.com> <94846970-4694-4EC8-AEFA-AEECEE0135AA@oracle.com> <51C02EE8.5070809@ericsson.com> <AE1A6B5FD507DC4FB3C5166F3A05A4841A2C78AD@TK5EX14MBXC273.redmond.corp.microsoft.com> <CAL02cgTFSbYSX7v3q37tsjzaPMshyyBroGWr=qmy-HGm82GJFg@mail.gmail.com> <AE1A6B5FD507DC4FB3C5166F3A05A4841A2C7EF8@TK5EX14MBXC273.redmond.corp.microsoft.com> <CAL02cgQMkHu-NqEeScT2ObfknJ+3OjXi7Y=7rUJtqeu3CbewMQ@mail.gmail.com> <8E9D2A9F-3D8B-4480-A85D-320CF30FEAA6@oracle.com> <9F33F40F6F2CD847824537F3C4E37DDF115D2D76@MCHP04MSX.global-ad.net>
Date: Thu, 20 Jun 2013 18:25:16 -0400
Message-ID: <CAL02cgQ=qVn5=taRmALke314PCO62gWV5sHnUGUxG4=2H2rPng@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: "Hutton, Andrew" <andrew.hutton@siemens-enterprise.com>
Content-Type: multipart/alternative; boundary=001a11c1bc04b5d81104df9d6bc0
X-Gm-Message-State: ALoCoQnAJxhEoO5V7pdJThCRsV5y7vyRdm9JQtSKGBuORoG8umZ4zDK6CyN1TPHNSm0118FcxcJX
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] No Interim on SDES at this juncture
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 22:25:21 -0000

On Thu, Jun 20, 2013 at 4:52 PM, Hutton, Andrew <
andrew.hutton@siemens-enterprise.com> wrote:

> Agree with Hadriel here I so no additional security benefit for EKT given
> that any media gateway is going to be in cahoots with the webserver and has
> access to the key.
>

See my reply to Hadriel on XSS and bid-down attacks.



> So all we are left with is the performance benefit of using SDES support
> in the browser which is significant and reduces the barrier to deploying
> WebRTC so let's go for the option that is easy to specify, easy to deploy,
> cheap to implement (already exists in Chrome), and we are all familiar with.
>
> SDES support looks like the obvious choice.
>
> Regards
> Andy
>
>
>
> > -----Original Message-----
> > From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On
> > Behalf Of Hadriel Kaplan
> > Sent: 20 June 2013 08:11
> > To: Richard Barnes
> > Cc: rtcweb@ietf.org
> > Subject: Re: [rtcweb] No Interim on SDES at this juncture
> >
> >
> > On Jun 19, 2013, at 8:58 PM, Richard Barnes <rlb@ipv.sx> wrote:
> >
> > > I think we still disagree on the scenario.  I've tried to sketch out
> > the full sequence of operations to be clear.  (WebSequenceDiagrams
> > source below.)
> > > <http://goo.gl/uRi0W>
> > >
> > > ISTM that there are two major differences:
> > > -- In the SDES case, the JS and the Web Server both have access to
> > the media keys.  In the EKT case, the browser handles the keying update
> > directly.
> > > -- In the EKT case, the PBX/gateway has to be in the media path to do
> > EKT.  After EKT, it just switches packets (it's basically a TURN
> > server).
> > >
> > > So it seems like a security benefit for EKT and a performance benefit
> > for SDES.  Your quantitative valuation of these benefits / costs may
> > vary.
> >
> > I'm confused.  EKT has "a security benefit" for whom, exactly?
> > It's not more secure for the browser user, since a malicious web server
> > can simply *be* the PBX, terminate DTLS-EKT and get the key and the
> > browser user would never know it.
> > It's not more secure for the SIP user, since the SIP user is only doing
> > SDES and has no idea what's happening on the far-end.
> >
> > Who are you saying is being better protected from what?
> >
> > I suppose we could claim the owner of the PBX feels more secure, if
> > they're not the same as the owner of the web-server and don't trust the
> > web-server.  But again, if the web-server owner is malicious it will
> > just terminate the media pretending to be the PBX on one side, and
> > pretending to be the browser to the real PBX on the other side.  And
> > why would a PBX owner accept calls from a web-server it doesn't trust
> > to begin with?
> >
> > Afaict, the main security benefit of DTLS-EKT is the same as that of
> > DTLS-SRTP: the keys aren't sent in the JSON/SDP/whatever, so they can't
> > be sniffed even if cleartext HTTP is used.  So in a weird way, the
> > security benefit of it is it let's us use an insecure HTTP transport
> > for the JSON/SDP/HTML/whatever.  Luckily the ability to see and modify
> > what goes on there is no big deal... like for example be able to insert
> > a malicious DTLS-SRTP B2BUA that records everything.  Oh, wait...
> >
> > -hadriel
> >
> > _______________________________________________
> > rtcweb mailing list
> > rtcweb@ietf.org
> > https://www.ietf.org/mailman/listinfo/rtcweb
>