Re: [rtcweb] Which servers to trust (Re: Consensus call regarding media security)

Iñaki Baz Castillo <ibc@aliax.net> Tue, 03 April 2012 14:24 UTC


2012/4/3 Randell Jesup <randell-ietf@jesup.org>:
> On 4/3/2012 7:55 AM, Iñaki Baz Castillo wrote:
>> If you trust the Web server (i.e. due to HTTPS usage with a valid
>> server certificate) then you will also trust that the Web server will
>> not signal your WebRTC communication to a malicious destination, am I
>> wrong?
>
>
> Partly.  First, as you mention, the site can be hacked.

If the site is hacked then it does not matter whether SDES or DTLS is
being used. Both can be hacked, as demonstrated in some draft (whose
name I cannot remember now).


> Another issue is that you may NOT trust the website to avoid tapping your communication

The communication is not just the RTP, but also the signaling. If my
wife (if I had one) realizes that last night I called my
ex-girlfriend, that's important enough for me (regardless of the fact
that my wife does not know what I talked about with her). So what? No
servers? No proxies? Pure P2P for all?


Also, as said in another mail (by another person on this mailing list),
if you don't trust the web server, then we must also drop TURN from
WebRTC since TURN URIs are provided by the web server (and it can be
hacked and so...).


Regards.


-- 
Iñaki Baz Castillo
<ibc@aliax.net>