Re: [rtcweb] End-to-end encryption vs end-to-end authentication (DTLS-SRTP / SDES-SRTP)

Roman Shpount <roman@telurix.com> Thu, 05 April 2012 18:24 UTC

Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC2B621F84B5 for <rtcweb@ietfa.amsl.com>; Thu, 5 Apr 2012 11:24:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.629
X-Spam-Level:
X-Spam-Status: No, score=-2.629 tagged_above=-999 required=5 tests=[AWL=0.047, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lxLtL9TxWtH9 for <rtcweb@ietfa.amsl.com>; Thu, 5 Apr 2012 11:24:22 -0700 (PDT)
Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by ietfa.amsl.com (Postfix) with ESMTP id 0491421F86AA for <rtcweb@ietf.org>; Thu, 5 Apr 2012 11:24:21 -0700 (PDT)
Received: by dady13 with SMTP id y13so2656242dad.27 for <rtcweb@ietf.org>; Thu, 05 Apr 2012 11:24:21 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=cUFMVdlz8ib6GL2pcNcbEYjXEvaUs74UQBRxmNuTE/c=; b=JcW2g05F3TaEHVNCwG3M4qEk2lCSYlU/qEKZxyQoP0muKC7sYyxHPRB3aW9zEiKATX dS6U9X8JhAGoh7bC82JlNqq+11zyhteD58Mv3DmjQwWqePuAo5o+p+nwrICraaDfbnug Wd84BTyts8LfObLWI7bc4cVrzRLanhQRYnGamD79BOQK1dOzJTBhCoLXmeb4VZLCwNo/ BWIxCol7q10EKI5Mvlroiya28QqJ9J75Wka0NS6kkL3DFqBdnb9gCtI2ll11kJ88XPpQ fOLCxTzm7h/35CRqQsfB5CRacYXE3zhtlskY8Nz6+FN8nZd5rmOJtNsRgL7E42lffKnE nx6w==
Received: by 10.68.234.228 with SMTP id uh4mr3889888pbc.78.1333650261859; Thu, 05 Apr 2012 11:24:21 -0700 (PDT)
Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by mx.google.com with ESMTPS id f7sm3900158pbr.3.2012.04.05.11.24.20 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 05 Apr 2012 11:24:21 -0700 (PDT)
Received: by dady13 with SMTP id y13so2656215dad.27 for <rtcweb@ietf.org>; Thu, 05 Apr 2012 11:24:20 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.226.42 with SMTP id rp10mr8651612pbc.162.1333650260391; Thu, 05 Apr 2012 11:24:20 -0700 (PDT)
Received: by 10.68.6.67 with HTTP; Thu, 5 Apr 2012 11:24:20 -0700 (PDT)
In-Reply-To: <CALiegf=Bf5Q7ODUZccJiEOn-ibWk7aDx9-MGNmGLCusGGjfvxg@mail.gmail.com>
References: <4F7D7103.6040102@infosecurity.ch> <4F7DBEFC.6040302@alcatel-lucent.com> <4F7DD13F.2010006@infosecurity.ch> <CAD5OKxv_e9Ncw7xt3eh9jNM9HWX1snDN1wVynkFT2GPoA+y1_w@mail.gmail.com> <4F7DE01C.4040800@infosecurity.ch> <CAD5OKxtDXX1A1hewxZeFZMcs4f4o6BqCy8UYpi5LMngj2GudfQ@mail.gmail.com> <CALiegf=Bf5Q7ODUZccJiEOn-ibWk7aDx9-MGNmGLCusGGjfvxg@mail.gmail.com>
Date: Thu, 5 Apr 2012 14:24:20 -0400
Message-ID: <CAD5OKxs1nwNgaPOxcjW1=yJS-CMZLWj1rzx8wzmcHzOF6j9Z3Q@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: =?ISO-8859-1?Q?I=F1aki_Baz_Castillo?= <ibc@aliax.net>
Content-Type: multipart/alternative; boundary=e89a8ff2521c0675f904bcf2a6c6
X-Gm-Message-State: ALoCoQnK2HNJqVg5Zp5qHrnZE3j0mr8emY1dQu9kDf9lfDKo8Kqe1Cauhn/o+Vp55bMla58NxXcP
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] End-to-end encryption vs end-to-end authentication (DTLS-SRTP / SDES-SRTP)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2012 18:24:23 -0000

On Thu, Apr 5, 2012 at 2:19 PM, Iñaki Baz Castillo <ibc@aliax.net> wrote:

> Define such an "alternative communications channel" and explain me how
> the signaling server cannot alter that channel.
>
>
I will send it to you using Frogo, my trusty carrier pidgin ;).

I can read them to you (possible to modify but much harder then simple
signaling), I can email them to you using some sort of trusted service, or
I can call you using old fashioned telephone. I remember times when such
keys were exchanged via fax.
______________
Roman Shpount