Re: [rtcweb] Should consent checks be optimized further?

Martin Thomson <martin.thomson@gmail.com> Wed, 19 March 2014 18:18 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 130C21A0451 for <rtcweb@ietfa.amsl.com>; Wed, 19 Mar 2014 11:18:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UegUtMR-qsph for <rtcweb@ietfa.amsl.com>; Wed, 19 Mar 2014 11:18:32 -0700 (PDT)
Received: from mail-wg0-x22a.google.com (mail-wg0-x22a.google.com [IPv6:2a00:1450:400c:c00::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 662531A042C for <rtcweb@ietf.org>; Wed, 19 Mar 2014 11:18:32 -0700 (PDT)
Received: by mail-wg0-f42.google.com with SMTP id y10so7286992wgg.1 for <rtcweb@ietf.org>; Wed, 19 Mar 2014 11:18:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=IhghE+vNVgWGqDehNiSaTHAdgmG5lxYdHOGyRE6A95g=; b=lo9ujfotQXX2Ol/6WaQEGWVRlh+6ahKzsU/gytqvpiXnJH6rLeoESYYcZQOWWdYHvM tFXzmJdIhUpKeUCLFQDFnYkDFav/dJ78KiYx713Yh+K8WGHWweratRKtGp3B1Ppk7iE6 PGvRJziaB2qllLlRd84/nxzxG+SoLsZM79tqYeG6M7EbtDbDHhq/AfycPfi1HgDWPzxF QjBKwYo3LkjTy+R4yLFwSx0QwJuy4FW0D9xxGzxPpmU+YY8Jloxj7zCTMT+0WCZoCqHj EEyXRb56j8kz95oXI19Z4girtU4ay08gzWTXJKyAvMEZCzAZ8gRe6sJ8DBGP3MZC9XYt MRjg==
MIME-Version: 1.0
X-Received: by 10.180.75.202 with SMTP id e10mr21079256wiw.50.1395253103295; Wed, 19 Mar 2014 11:18:23 -0700 (PDT)
Received: by 10.227.147.10 with HTTP; Wed, 19 Mar 2014 11:18:23 -0700 (PDT)
In-Reply-To: <E721D8C6A2E1544DB2DEBC313AF54DE22E319CE5@xmb-rcd-x02.cisco.com>
References: <E721D8C6A2E1544DB2DEBC313AF54DE22E319CE5@xmb-rcd-x02.cisco.com>
Date: Wed, 19 Mar 2014 11:18:23 -0700
Message-ID: <CABkgnnXdgYMenHdMh6emZzuLdDRA5PkWo2B6ygq0di_JsFjD7A@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/YrRMWSgjTGzk5ReH36jIATTaAYE
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Should consent checks be optimized further?
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Mar 2014 18:18:34 -0000

On 19 March 2014 08:01, Muthu Arul Mozhi Perumal (mperumal)
<mperumal@cisco.com> wrote:
> Should reception of authenticated traffic from the peer on the inverted
> 5-tuple be considered as peer granting consent to send traffic to it? Should
> the browser refrain from performing consent freshness when it continues to
> receive such traffic from the peer?


You forgot to mention another concern here, which is that the receipt
of an authenticated packet is not sufficient if the path has changed.
You need to verify that the peer on the new path has both consented to
receive data AND is in possession of the session keys.  Otherwise, in
combination with source IP/port spoofing, you get an attack that a
victim cannot opt out of.