Re: [rtcweb] Consensus call regarding media security

Roman Shpount <roman@telurix.com> Thu, 29 March 2012 15:33 UTC

Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 174F721E8225 for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 08:33:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.686
X-Spam-Level:
X-Spam-Status: No, score=-2.686 tagged_above=-999 required=5 tests=[AWL=-0.010, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8HDhjfILW+nJ for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 08:33:49 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 4EAD421E8223 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 08:33:49 -0700 (PDT)
Received: by yhkk25 with SMTP id k25so1708909yhk.31 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 08:33:49 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:x-gm-message-state:content-type; bh=5i3TK4PYenC4CEO/9+uZoAub8K1m9KDXCmKkO0JAA00=; b=Kk2XtdqBmmO9siZ0hORmhnrLDbkvp9BLQjF+OYQtNutBN23i3dE5uoQPL1kSXXuvh6 wNZRIQTPc07FE0d5JojLLcXY2zA14Q1kA0ZP7uq4co9rEM/wEjB+VRx+MHfbAzj4ZjOD bz+T516NJadbq/U/2gv6ileEnKrw1V3r6DxDfCcsI8EcFX6xyxeRz6SZ4nlitmGRScW+ Yb1Ctl6/bfLTmx0BEFhzXK79M90+uwmbsFyKfWp49IUGc8pI8Ozx0LmEPtrLeFnAO2OZ aM9wdNXTeH6C3VESgdYOfnesQgKwxNpnHxzDnnrwjMHFTrS/Zyq8FPpvYR6+UNQB7TXW 40Zg==
Received: by 10.68.219.34 with SMTP id pl2mr836915pbc.56.1333035228587; Thu, 29 Mar 2012 08:33:48 -0700 (PDT)
Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) by mx.google.com with ESMTPS id w6sm5229934pbf.66.2012.03.29.08.33.47 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 08:33:47 -0700 (PDT)
Received: by pbbrq13 with SMTP id rq13so274988pbb.31 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 08:33:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.230.99 with SMTP id sx3mr816235pbc.55.1333035227024; Thu, 29 Mar 2012 08:33:47 -0700 (PDT)
Received: by 10.68.6.67 with HTTP; Thu, 29 Mar 2012 08:33:46 -0700 (PDT)
In-Reply-To: <CALiegfmFb2=AxbPpOhM5_-75O8NPmGTK275gbs9gGXgTE94NFQ@mail.gmail.com>
References: <4F732531.2030208@ericsson.com> <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com> <CALiegfn4MZYb-qCnM62T7w4EgWqrC5baN+pAYBZF84kEA7Ko6A@mail.gmail.com> <CAD5OKxtDED1vSFrw4V9TKkUzdSSXNg+S_WBrxmnFo21hjJvqMA@mail.gmail.com> <CALiegfkmckSar175LDYouvPkp0Vm1QCKhmTuiGNnD62QTDhamg@mail.gmail.com> <CAD5OKxur4FKAw8PprjfxLQVekmOWGuQegqN02mHsP+Hr-k_UNg@mail.gmail.com> <CALiegf=gZs_h4SqvQgwrb1Nec7TZZ6rpHRHgyKGVYtvED78jpw@mail.gmail.com> <CAD5OKxs+ijUt6pXz7OEAtQEyAwZ54rHmJFwnMg5BmL9zYCiOEQ@mail.gmail.com> <CALiegfmFb2=AxbPpOhM5_-75O8NPmGTK275gbs9gGXgTE94NFQ@mail.gmail.com>
Date: Thu, 29 Mar 2012 11:33:46 -0400
Message-ID: <CAD5OKxuK7GLtCaHTk_gQokPAHsRrLqGYjv8pJR_r8eaFXtspMg@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: =?ISO-8859-1?Q?I=F1aki_Baz_Castillo?= <ibc@aliax.net>
X-Gm-Message-State: ALoCoQlNdvg+qPzokwyMK1Yn2h2YabS8KC8wxuKBeK8z2rFzLFOhfZCyuUH7i7/ypZf9LJWgWVRN
Content-Type: multipart/alternative; boundary=047d7b2edf032e0d9104bc63736f
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 15:33:50 -0000

On Thu, Mar 29, 2012 at 11:21 AM, Iñaki Baz Castillo <ibc@aliax.net> wrote:

> You miss something:
>
> 1) I access some web using HTTPS with a valid certificate and so.
>
> 2) Some HTML and JavaScript is got.
>
> 3) The JS code opens a *non* secure WebSocket connection to some other
> server (same domain or not, it does not matter here).
>
> 4) WebRTC signaling goes through the WebSocket connection (so forget
> the initial HTTPS hyper-secure-and-verified connection).
>
> 5) SDES-SRTP is negotiated and accepted by both peers.
>
> 6) So signaling can be intercepted (unsecure WebSocket connection),
> and therefore also the SDES keys. Interception possible regardless the
> initial communication was HTTPS.
>
> 7) FAIL.
>

First of  all, HTTP WebSocket connection are normally not allowed from
HTTPS initiated sessions (or generate a warning).

Second, my point was that SDES-SRTP is no more secure then plain RTP when
signaling is transmitted over clear channel. You are saying the same thing.
If SDES-SRTP is allowed, there is no harm in allowing plain RTP from HTTP,
since, as far as security is concerned, there is no difference.

> _____________
Roman Shpount