Re: [rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need

Iñaki Baz Castillo <ibc@aliax.net> Thu, 05 April 2012 18:41 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9EE421F869C for <rtcweb@ietfa.amsl.com>; Thu, 5 Apr 2012 11:41:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.609
X-Spam-Level:
X-Spam-Status: No, score=-2.609 tagged_above=-999 required=5 tests=[AWL=0.068, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LA6+0DHL9xlt for <rtcweb@ietfa.amsl.com>; Thu, 5 Apr 2012 11:41:03 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 227CD21F8686 for <rtcweb@ietf.org>; Thu, 5 Apr 2012 11:41:03 -0700 (PDT)
Received: by yhkk25 with SMTP id k25so1020980yhk.31 for <rtcweb@ietf.org>; Thu, 05 Apr 2012 11:41:02 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding:x-gm-message-state; bh=bI5gQHPbge7oom4siBUGsO2pkwhMFagbKjgEsFL4ScA=; b=PjzdUYxKSr7EBWnbHC4B0HrUv+p2bj+mhNeuBxPcKl2adSRhTSmBp+BexnxnYg82JC RJALJhvyYPztO99NmfH7lI+R5sqDiwtBm/+71eFm33UPi1u3jCNp0n0heRspetgdXMAZ uCSeUB6ELQQkVV/SnOnMnspkYDdjPpwel1yH/1qz9z1IowRSyAkh0RGGopMuNYYMtzt+ rRfvwe8y6Yny5HB/u4ewbpX3O0t6hgVbjGRLYHNYQpghNTeD087NcNWhPS+c+g4z4m5k m8i+KgQNwseDAD8jetwERdVnDagOTu8t6fh0I9uMq62CTScFZGdGPOLHUMRlJyizIzjE O39w==
Received: by 10.236.136.33 with SMTP id v21mr3579194yhi.17.1333651262749; Thu, 05 Apr 2012 11:41:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.170.165 with HTTP; Thu, 5 Apr 2012 11:40:42 -0700 (PDT)
In-Reply-To: <CAD5OKxsf-zDFSiVpGBYbTyn6cVA1QqWZbcJLiNQLHLoC7g7prQ@mail.gmail.com>
References: <CALiegfmz6tgm9WF3KWEK5qwaBGADKFyit=egB36zkjZXNKdeHw@mail.gmail.com> <CALiegfnA8_ntYd5f935P_E6vvMwjrzt+j6UhB9vjmo6h-RzfPA@mail.gmail.com> <CAD5OKxsxrDdsoV18KB1gZSsUBPno-k2zs4E2FTUaoUBdXfh5yA@mail.gmail.com> <CAE6kErhTOFP1qna-OKRmJzM=Rssc0UEXTyDgSyKmh2AM+PuviA@mail.gmail.com> <CAD5OKxuuC1q9uCnREqi_-i0unT=6Uza+oYsCWtanbSjmSi5_DQ@mail.gmail.com> <CALiegf=qo4uWjSBx6F5PmN_vqtbqYzQ9e5igqe_YJPKj0BHQvg@mail.gmail.com> <CAD5OKxu6n_yDAtsy9_pkcGyA8t15y3pY4sQoYmwoPnoL=8_=cA@mail.gmail.com> <4F7DD97D.6050109@jesup.org> <CAD5OKxvieFaapmjrxNs2WtcHbOVO1zKir5WC29UMtfs=dOBBMg@mail.gmail.com> <CALiegfnwjwKcYnSNxLZ=kXD1xPzv_qteSpMTUiTpFHc9otBRUA@mail.gmail.com> <CAD5OKxsf-zDFSiVpGBYbTyn6cVA1QqWZbcJLiNQLHLoC7g7prQ@mail.gmail.com>
From: =?UTF-8?Q?I=C3=B1aki_Baz_Castillo?= <ibc@aliax.net>
Date: Thu, 5 Apr 2012 20:40:42 +0200
Message-ID: <CALiegfnu=Fj9EYWD9=xLv1QmzNCz+s=7m5DjRQKxxQOtC=0SfQ@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQnE43WzXH+VsYQnDpAFP0Y4zIwrrO69uM0GaZ1ZK33kRgEJcFmmj1vcvU1mLMZhjH5D6IL0
Cc: Randell Jesup <randell-ietf@jesup.org>, rtcweb@ietf.org
Subject: Re: [rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2012 18:41:03 -0000

2012/4/5 Roman Shpount <roman@telurix.com>:
> This can be mitigated with either identity validation

This argument has been already refuted by Fabio, am I right? The
identity is provided by the signaling server so nothing new here.


> or via fingerprint
> validation via an independent channel.

Again, define such an "independent channel" and let me know how the
signaling server CANNOT alter it.


-- 
Iñaki Baz Castillo
<ibc@aliax.net>