Re: [rtcweb] Comments on draft-ietf-rtcweb-security-06
Martin Thomson <martin.thomson@gmail.com> Fri, 21 February 2014 17:34 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A1FF1A02D0 for <rtcweb@ietfa.amsl.com>; Fri, 21 Feb 2014 09:34:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.797
X-Spam-Level:
X-Spam-Status: No, score=0.797 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FH_RELAY_NODNS=1.451, FREEMAIL_FROM=0.001, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.793, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fnfczqqlxbZt for <rtcweb@ietfa.amsl.com>; Fri, 21 Feb 2014 09:34:02 -0800 (PST)
Received: from mail-wg0-x233.google.com (unknown [IPv6:2a00:1450:400c:c00::233]) by ietfa.amsl.com (Postfix) with ESMTP id 089AC1A01DC for <rtcweb@ietf.org>; Fri, 21 Feb 2014 09:34:01 -0800 (PST)
Received: by mail-wg0-f51.google.com with SMTP id n12so2709929wgh.18 for <rtcweb@ietf.org>; Fri, 21 Feb 2014 09:33:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=V4WZH1KYk62iVfQJu4SN7BbQU4+4ePAi7VajdpDk4WM=; b=gAIhJFNeQOO4Yfir3/n78C6pW4zbGiKXn4x9g+V90eLbmEbgTJQ+nrq54q1Mn0n+3n rFVOiWDLBdrXhtjHjBkSdj2d83eK4/oOZMm/YrfPel3dStsAASw9GDeRRM/POOeN+7Xd eZ9VloGEie3VKUFtNwJHB/DIBsL9UAhTQF1/YiHynJBJXh1iTddern73muLUqnEs3s1I 3Xzh4d4LqKQGA+OvNG9V7K+L2OXbxuD1/Zo1aWn40L+9G0U1K8uvx3uAien0cb5DSf8z 0kd0xmXlPGC4GHiTCIXDjy2ai8377WvUEyeE5ifnt09FgVB4dGd0B69RvnAxg3KJhaS+ 98Ow==
MIME-Version: 1.0
X-Received: by 10.194.110.41 with SMTP id hx9mr8428107wjb.28.1393004037356; Fri, 21 Feb 2014 09:33:57 -0800 (PST)
Received: by 10.227.10.196 with HTTP; Fri, 21 Feb 2014 09:33:57 -0800 (PST)
In-Reply-To: <530627C7.30906@ericsson.com>
References: <530627C7.30906@ericsson.com>
Date: Fri, 21 Feb 2014 09:33:57 -0800
Message-ID: <CABkgnnUyx4-N9ZxyNwtGJ9B1hBNugRUfoG524e3kTya=R5E41Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/XfdUbPhYDW2CmIkXEcYIgMZXXpU
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Comments on draft-ietf-rtcweb-security-06
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Feb 2014 17:34:03 -0000
On 20 February 2014 08:05, Magnus Westerlund <magnus.westerlund@ericsson.com> wrote: > When I read this section, my immediate question was, doesn't RTP need > corresponding protection. To my understanding, the answer would be yes, > but it is more difficult to inject data and get a certain plaintext even > without the SRTP encryption scrambling the payload part. Still, that > assumes that an JS application, can write the payload data itself. > Secondly, it does assume that one MUST use encryption in SRTP. Yes, with WebAudio, I can construct an SRTP packet that contains ciphertext that I can control, assuming that I know the session keys (yes), and I'm prepared to do a lot of work. SRTP doesn't have the IV per-packet that DTLS does. What you can't do is make it look like a non-SRTP packet, the first byte, length and MAC would be extremely difficult to control (for the MAC, that's more or less the point...), if not impossible. So the question is, is there an intermediary that might be tricked into interpreting an SRTP packet in a way that might have negative consequences. When masking was added to websockets, it was because the confusion was demonstrated as being possible: intermediaries were searching for HTTP requests and responses in ways that were easily exploited and then caching the results. To a large extent, that attack relied on the fact that TCP is a stream-based protocol - it didn't matter where the request appeared. In this case, the mapping of SRTP onto UDP doesn't really lead to intermediaries looking for goodies inside packets. I'm not going to say that there is a risk, but I think that I'd be willing to take the risk given the plethora of mitigating circumstances here.
- [rtcweb] Comments on draft-ietf-rtcweb-security-06 Magnus Westerlund
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Ted Hardie
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Magnus Westerlund
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Martin Thomson
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Ted Hardie
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Martin Thomson
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Magnus Westerlund
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Martin Thomson
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Magnus Westerlund
- Re: [rtcweb] Comments on draft-ietf-rtcweb-securi… Randell Jesup
- [rtcweb] Comments on draft-ietf-rtcweb-security-06 John Mattsson