Re: [rtcweb] Mandating encryption of RTP header extensions for MID and RID SDES items
Christer Holmberg <christer.holmberg@ericsson.com> Sun, 09 October 2016 10:24 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E618912953B for <rtcweb@ietfa.amsl.com>; Sun, 9 Oct 2016 03:24:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jid9zLHnD5xA for <rtcweb@ietfa.amsl.com>; Sun, 9 Oct 2016 03:24:25 -0700 (PDT)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCC61129535 for <rtcweb@ietf.org>; Sun, 9 Oct 2016 03:24:24 -0700 (PDT)
X-AuditID: c1b4fb30-b87ff70000000cb2-f7-57fa1ad61ce7
Received: from ESESSHC024.ericsson.se (Unknown_Domain [153.88.183.90]) by (Symantec Mail Security) with SMTP id D0.0D.03250.6DA1AF75; Sun, 9 Oct 2016 12:24:23 +0200 (CEST)
Received: from ESESSMB209.ericsson.se ([169.254.9.177]) by ESESSHC024.ericsson.se ([153.88.183.90]) with mapi id 14.03.0319.002; Sun, 9 Oct 2016 12:24:22 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Mo Zanaty (mzanaty)" <mzanaty@cisco.com>, Bernard Aboba <bernard.aboba@gmail.com>
Thread-Topic: [rtcweb] Mandating encryption of RTP header extensions for MID and RID SDES items
Thread-Index: AQHSH9lMExaUQsC7kESlGYxjwYhpQqCdIvSAgAClHACAALujgIABaqEw
Date: Sun, 09 Oct 2016 10:24:21 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B4BD3D9C8@ESESSMB209.ericsson.se>
References: <e536bad2-08b1-4f77-8c75-6bc3b639c398@ericsson.com> <B6ECFC24-F28E-4E35-9437-B7DACB41EF69@iii.ca>, <DD1447CA-29F2-44FF-B08F-3CC0814C9748@gmail.com> <E772E39B-80FA-4C82-901F-CE1DBE750027@cisco.com>
In-Reply-To: <E772E39B-80FA-4C82-901F-CE1DBE750027@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.154]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmphkeLIzCtJLcpLzFFi42KZGbE9Sve61K9wg9dTeC027PvPbPHiwRwm i7X/2tkdmD2m/N7I6rFz1l12jyVLfjIFMEdx2aSk5mSWpRbp2yVwZfyccJ2xYJJKxY//h9ka GC/JdjFyckgImEhMfDyTuYuRi0NIYD2jxLIze9kgnMWMEhtWrWfqYuTgYBOwkOj+pw3SICIQ IdHe/ZIJxGYWUJT4snw+G4gtLJAgsWveZBaImkSJ5tt9zCCtIgJuEmvvSoGYLAIqEkeuVYOY vAK+EndfeUIsusYo8frIQrBOTgFbiWtnpjGC2IwCYhLfT62B2iQucevJfCaIkwUkluw5zwxh i0q8fPyPFcJWklh0+zNUvZ7EjalT2CBsbYllC1+D1fMKCEqcnPmEZQKj6CwkY2chaZmFpGUW kpYFjCyrGEWLU4uTctONjPRSizKTi4vz8/TyUks2MQLj5uCW3wY7GF8+dzzEKMDBqMTDm5Dz M1yINbGsuDL3EKMEB7OSCO8h0V/hQrwpiZVVqUX58UWlOanFhxilOViUxHnNVt4PFxJITyxJ zU5NLUgtgskycXBKNTAK56gcKNjOfGxdpuYfrVq2OCb2efVsi57tFpY/HuzEylKx5tDzxNdB H5xqtL2esZxJerjkiG/s6ePxsQ8WiO/vtPnx0L8weomyfMdDvS1S1yz0KmeIB1de8+887pDy XYD7lthsJonzHMFVLu6B8/OcXNb2Xr97I2Byxt06rpsij9YeX3Ew+YISS3FGoqEWc1FxIgBW 9NG6lwIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/WyEORZ3aQo8CwU7xJUHWEWuzMbs>
Cc: RTCWeb IETF <rtcweb@ietf.org>
Subject: Re: [rtcweb] Mandating encryption of RTP header extensions for MID and RID SDES items
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Oct 2016 10:24:27 -0000
Hi, On the MMUSIC list Jonathan L informed the community about the following text in RFC 7904 (SDES header extensions): "In RTP sessions where any type of confidentiality protection is enabled for RTCP, the SDES item header extensions MUST also be protected." So, *IF* we assume that "any type of confidentiality protection" is enabled for RTCP, I guess the answer is pretty clear, or? Regards, Christer -----Original Message----- From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Mo Zanaty (mzanaty) Sent: 08 October 2016 17:44 To: Bernard Aboba <bernard.aboba@gmail.com> Cc: RTCWeb IETF <rtcweb@ietf.org> Subject: Re: [rtcweb] Mandating encryption of RTP header extensions for MID and RID SDES items MID and RID are similar to PT in this regard. They are all arbitrary values that only have semantic meaning when combined with a media description in external signaling. Any genuine concern over privacy or fingerprinting issues with MID and RID should first consider PT. I'm unaware of any concerns expressed over unencrypted PT. Note that it is possible to use encrypted SRTCP to convey MID and RID without including them in SRTP packets. One proposed version of the RTP demux rules has explicitly noted this approach of using RTCP to latch MID/RID to an SSRC even if RTP does not contain those header extensions for that SSRC. Mandating encrypted SRTCP seems more palatable than mandating encrypted RTP header extensions. But I don't think a good case has been made yet for either, especially considering PT is always unencrypted. Mo On Oct 7, 2016, at 11:33 PM, Bernard Aboba <bernard.aboba@gmail.com> wrote: I don't see how snooping the MID and RID would provide info that could not be obtained in other ways. For example, an observer can tell audio from video traffic just by looking at packet sizes. Similarly, simulcast streams will originate from different SSRCs so no need to snoop the RID to figure out that there are multiple streams being sent (or even which ones are related since traffic will be correlated). > On Oct 7, 2016, at 10:41, Cullen Jennings <fluffy@iii.ca> wrote: > > > How are these a significant fingerprinting problem ? > > >> On Oct 6, 2016, at 7:55 AM, Magnus Westerlund <magnus.westerlund@ericsson.com> wrote: >> >> WG, >> >> After discussion in AVTEXT and MMUSIC regarding the inclusion of MID and RID as SDES items that this do exposes labels that previously only have existed in the signalling plane in the media plane. And especially in the RTP header extensions, where even if the media payload is encrypted the header extension is not encrypted. >> >> The risk with this is primarily a privacy and fingerprinting risk. And the proposed mitgation is encryption of the RTP header extensions in both the bundle and avtext-rid documents. >> >> This leads to the conclusion that for RTCWeb, we must consider to act on these recommendations and decide on which implementation and usage requirement the protection of these field should have. >> >> My proposal is that implementation and use of RFC6904 encryption of the RTP header extensions are REQUIRED. For RTCP it is actually unclear if there is mandatory to use encrypted SRTCP. I think it should be required and that can be clarified in Section 5.5 of draft-ietf-rtcweb-security-arch. >> >> >> Opinions? >> >> >> Cheers >> >> Magnus Westerlund >> >> --------------------------------------------------------------------- >> - Services, Media and Network features, Ericsson Research EAB/TXM >> ---------------------------------------------------------------------- >> Ericsson AB | Phone +46 10 7148287 >> Färögatan 6 | Mobile +46 73 0949079 >> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com >> --------------------------------------------------------------------- >> - >> >> _______________________________________________ >> rtcweb mailing list >> rtcweb@ietf.org >> https://www.ietf.org/mailman/listinfo/rtcweb > > _______________________________________________ > rtcweb mailing list > rtcweb@ietf.org > https://www.ietf.org/mailman/listinfo/rtcweb _______________________________________________ rtcweb mailing list rtcweb@ietf.org https://www.ietf.org/mailman/listinfo/rtcweb _______________________________________________ rtcweb mailing list rtcweb@ietf.org https://www.ietf.org/mailman/listinfo/rtcweb
- [rtcweb] Mandating encryption of RTP header exten… Magnus Westerlund
- Re: [rtcweb] Mandating encryption of RTP header e… Cullen Jennings
- Re: [rtcweb] Mandating encryption of RTP header e… Bernard Aboba
- Re: [rtcweb] Mandating encryption of RTP header e… Mo Zanaty (mzanaty)
- Re: [rtcweb] Mandating encryption of RTP header e… Christer Holmberg
- Re: [rtcweb] Mandating encryption of RTP header e… Magnus Westerlund
- Re: [rtcweb] Mandating encryption of RTP header e… Cullen Jennings (fluffy)
- Re: [rtcweb] Mandating encryption of RTP header e… Cullen Jennings
- Re: [rtcweb] Mandating encryption of RTP header e… Christer Holmberg
- Re: [rtcweb] Mandating encryption of RTP header e… Magnus Westerlund
- Re: [rtcweb] Mandating encryption of RTP header e… Cullen Jennings (fluffy)
- Re: [rtcweb] Mandating encryption of RTP header e… Jonathan Lennox
- Re: [rtcweb] Mandating encryption of RTP header e… Magnus Westerlund
- Re: [rtcweb] Mandating encryption of RTP header e… Christer Holmberg
- Re: [rtcweb] Mandating encryption of RTP header e… Christer Holmberg