IETF Logo Mail Archive

Re: [rtcweb] I-D Action: draft-ietf-rtcweb-data-protocol-01.txt

Paul Kyzivat <pkyzivat@alum.mit.edu> Tue, 29 October 2013 18:59 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B31DE11E82A2 for <rtcweb@ietfa.amsl.com>; Tue, 29 Oct 2013 11:59:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.238
X-Spam-Level:
X-Spam-Status: No, score=-0.238 tagged_above=-999 required=5 tests=[AWL=0.199, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BhVORfJlYltT for <rtcweb@ietfa.amsl.com>; Tue, 29 Oct 2013 11:59:47 -0700 (PDT)
Received: from qmta07.westchester.pa.mail.comcast.net (qmta07.westchester.pa.mail.comcast.net [IPv6:2001:558:fe14:43:76:96:62:64]) by ietfa.amsl.com (Postfix) with ESMTP id B40A011E827E for <rtcweb@ietf.org>; Tue, 29 Oct 2013 11:59:46 -0700 (PDT)
Received: from omta07.westchester.pa.mail.comcast.net ([76.96.62.59]) by qmta07.westchester.pa.mail.comcast.net with comcast id j0ZW1m0051GhbT8576zm9E; Tue, 29 Oct 2013 18:59:46 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([50.138.229.164]) by omta07.westchester.pa.mail.comcast.net with comcast id j6zl1m00m3ZTu2S3T6zllA; Tue, 29 Oct 2013 18:59:46 +0000
Message-ID: <527005A1.7000007@alum.mit.edu>
Date: Tue, 29 Oct 2013 14:59:45 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.0.1
MIME-Version: 1.0
To: Eric Rescorla <ekr@rtfm.com>
References: <20131021191343.32574.60876.idtracker@ietfa.amsl.com> <03FBA798AC24E3498B74F47FD082A92F3D86C821@US70UWXCHMBA04.zam.alcatel-lucent.com> <A87B4291-FA11-43BB-B8F0-55C59CF63421@lurchi.franken.de> <CAOJ7v-20YkvazNLqmbjQcOkhaedd+MKm8d6x2oeL46imvuLrzA@mail.gmail.com> <03FBA798AC24E3498B74F47FD082A92F3D86C8DB@US70UWXCHMBA04.zam.alcatel-lucent.com> <120FE29C-150E-47BF-951C-B8124EB7A262@lurchi.franken.de> <03FBA798AC24E3498B74F47FD082A92F3D86C9A2@US70UWXCHMBA04.zam.alcatel-lucent.com> <5269F3B5.2020308@alvestrand.no> <03FBA798AC24E3498B74F47FD082A92F3D86CD4C@US70UWXCHMBA04.zam.alcatel-lucent.com> <526C4297.2000006@alum.mit.edu> <526CE0BE.90606@jesup.org> <526FD2D8.7000709@alum.mit.edu> <CABcZeBOiKboabmjRqWxzD8-SD9M01FkuQEH9M4+jN8dV=t0Z8Q@mail.gmail.com> <526FFEBC.7090302@alum.mit.edu> <CABcZeBMdqJuRdrrRmxq8M-1AiX2cikxRN2NbPTg2k9rRytmpjQ@mail.gmail.com>
In-Reply-To: <CABcZeBMdqJuRdrrRmxq8M-1AiX2cikxRN2NbPTg2k9rRytmpjQ@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20121106; t=1383073186; bh=Eu+mt2jYW32Dlea6ey98XaP6zahyvuzwK5J0gRcQSxM=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=kJvZidXtwtggBUkJ2oya2y07vK4wHYKmgpfG9ARveQg03Icbt0+q23MVrKVAfJQbN kL2V9pTGjAJDKyiYWtupChuftKP3tIt1A0oAp5/VQ58gg2tUWax1ymhA/qp7c3hmQJ sNLon/lI6TGZfkurE5/EwOgKwLDAu9GMMe5stx6wgYfYB38tvhAbShM8ady+Z4b4mZ Iu9rwDqeLex2yZ8bDxaDxTuj7eLKij3M7n6O349neOK9+k8nqt/gOVrN4FSSpcz32I LV94b09443ITUjV5RbAHYLoOobcLqnuR5ER0ij1ZPKfJF26BUlaxp7nFfMr/z3lja+ Wk0N6KSCjLeoA==
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] I-D Action: draft-ietf-rtcweb-data-protocol-01.txt
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Oct 2013 18:59:54 -0000

(trimming)

On 10/29/13 2:46 PM, Eric Rescorla wrote:

>              Is it not possible for an intermediary on the signaling path to
>              insert itself in the media path, manipulating the SDP such
>         that the
>              two ends both establish the DTLS with the intermediary?
>
>         There is a separate role negotiation for DTLS (actpass, etc.)
>         that works
>         even if both sides think they are the offerer or answerer.
>
>
>     I know about that. That mechanism is also used for TCP negotiation
>     in SDP. And that is one place where an intermediary sometimes sticks
>     its nose in explicitly to manipulate the roles, allowing both ends
>     to be active.
>
>     In the current case, ICE and possible TURN result in getting the
>     media path established without those games. So maybe there is less
>     motivation for an intermediary. But still, they still seem to show
>     up because administrators think they need them. And once there,
>     couldn't the intermediary still end up making both ends think they
>     are active?
>
> Well, it could but then they wouldn't be able to negotiate DTLS.

Couldn't it negotiation independently on each side - becoming a true MITM.

(I'm not advocating this as a good thing. But if it is possible, there 
will be someone who wants to do it, and somebody willing to sell them 
stuff to do it.)

	Thanks,
	Paul

v2.39.1 | Report a Bug | By Email | System Status