Re: [rtcweb] Unsolicited DTLS Handshake

"Schwarz, Albrecht (Albrecht)" <albrecht.schwarz@alcatel-lucent.com> Tue, 02 December 2014 09:47 UTC

Return-Path: <albrecht.schwarz@alcatel-lucent.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A5951A1A3C for <rtcweb@ietfa.amsl.com>; Tue, 2 Dec 2014 01:47:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.045
X-Spam-Level:
X-Spam-Status: No, score=-5.045 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FRT_LOLITA1=1.865, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9F1vKe8dMATs for <rtcweb@ietfa.amsl.com>; Tue, 2 Dec 2014 01:46:58 -0800 (PST)
Received: from smtp-fr.alcatel-lucent.com (fr-hpida-esg-02.alcatel-lucent.com [135.245.210.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65FEB1A0381 for <rtcweb@ietf.org>; Tue, 2 Dec 2014 01:46:57 -0800 (PST)
Received: from fr712usmtp2.zeu.alcatel-lucent.com (unknown [135.239.2.42]) by Websense Email Security Gateway with ESMTPS id 9FBB9C3AFD092; Tue, 2 Dec 2014 09:46:50 +0000 (GMT)
Received: from FR711WXCHHUB02.zeu.alcatel-lucent.com (fr711wxchhub02.zeu.alcatel-lucent.com [135.239.2.112]) by fr712usmtp2.zeu.alcatel-lucent.com (GMO) with ESMTP id sB29kqiO004146 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 2 Dec 2014 10:46:52 +0100
Received: from FR711WXCHMBA03.zeu.alcatel-lucent.com ([169.254.3.75]) by FR711WXCHHUB02.zeu.alcatel-lucent.com ([135.239.2.112]) with mapi id 14.03.0195.001; Tue, 2 Dec 2014 10:46:52 +0100
From: "Schwarz, Albrecht (Albrecht)" <albrecht.schwarz@alcatel-lucent.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Thread-Topic: [rtcweb] Unsolicited DTLS Handshake
Thread-Index: AQHQDbgxEt8/vgw9SE+iQU4BLGVkCJx7Tk6AgAAmLgCAAA71AIAAU10AgAActYCAABmfYA==
Date: Tue, 2 Dec 2014 09:46:51 +0000
Message-ID: <786615F3A85DF44AA2A76164A71FE1AC36CCE2@FR711WXCHMBA03.zeu.alcatel-lucent.com>
References: <CAD5OKxtyy2Djh5ssE69qLJq7deQU9LP=J2vpn_Y3eO=4D2vpmg@mail.gmail.com> <CALiegfnh3pHA=Z6O_PYuhoECzzex3quDh1fUk=yRvbFp+xKGNQ@mail.gmail.com> <CABkgnnUppq01v1vo8H6WY80nS5XUhf+mjuNMreYyCQagKFgOGQ@mail.gmail.com> <CAD5OKxsbt4O8xuphthvEJqEYgPfubhpvY1sNDi_GkzcyEQXkyw@mail.gmail.com> <CABkgnnX8ufq1YQm+6S1xE+zDMQ42qAcvYiViKmAdG49Tj3HXUA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D56BFB2@ESESSMB209.ericsson.se>
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B1D56BFB2@ESESSMB209.ericsson.se>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.239.27.39]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/XIVQIxnLh3v4RlFb4dTS_bgLt3I
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Unsolicited DTLS Handshake
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Dec 2014 09:47:00 -0000

Hello Christer,

fail to see any tight coupling between bundling and (D)TLS session resumption. Both are orthogonal capabilities.
You could execute a (D)TLS session resumption procedure for an established/active (D)TLS session (under the condition of a resumable session) which is shared by a bundled media group.
Why not?

Regards,
Albrecht

-----Original Message-----
From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Christer Holmberg
Sent: Dienstag, 2. Dezember 2014 10:11
To: Martin Thomson; Roman Shpount
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Unsolicited DTLS Handshake

Hi,

Related to this, session resumption is another feature not commonly supported, afaik.

(Of course, when using BUNDLE you don't need it.)

Regards,

Christer

-----Original Message-----
From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Martin Thomson
Sent: 2. joulukuuta 2014 9:28
To: Roman Shpount
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Unsolicited DTLS Handshake

On 1 December 2014 at 16:29, Roman Shpount <roman@telurix.com> wrote:
> I am talking about renegotiation, such as in 
> https://tools.ietf.org/html/rfc5764#section-5.2, which is essentially 
> a new handshake.

ekr corrected me.  Firefox explicitly disables renegotiation.  We don't have the machinery in place to re-export SRTP keying material anyway (I suspect that it requires use of MKI).

As for the text in RFC 5763, I read that as : if you have a connection, use it; if you don't, or the existing one is "bad" for any reason, make a new one.  That is not renegotiation.

_______________________________________________
rtcweb mailing list
rtcweb@ietf.org
https://www.ietf.org/mailman/listinfo/rtcweb

_______________________________________________
rtcweb mailing list
rtcweb@ietf.org
https://www.ietf.org/mailman/listinfo/rtcweb