Re: [rtcweb] Asking TLS for help with media isolation

Bernard Aboba <bernard.aboba@gmail.com> Fri, 04 April 2014 03:21 UTC

From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Thu, 3 Apr 2014 20:21:20 -0700
To: Watson Ladd <watsonbladd@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/bQLI2JDOjuhKkc6X6-4rXjndY3o
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Asking TLS for help with media isolation

> On Apr 3, 2014, at 19:49, Watson Ladd <watsonbladd@gmail.com> wrote:
> 
> I don't see why the isolation status cannot be included as an
> extension to SRTP. You aren't asking TLS to make extensions for video
> resolution and codec after all.

[BA] The isolation request could be carried in an RTP header extension until, for example, a RR was obtained by the sender confirming it was received.  However, RTP extensions are optional and the sender wouldn't have confirmation from the receiver via the media plane that the isolation request was honored. So the TLS approach provides better semantics.
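
Added illustration, not part of the original message: a Python sketch of why an RTP header extension gives the sender no confirmation, using the RFC 5285 one-byte extension format. The extension id 5 and its one-byte "isolation requested" value are hypothetical, as are the SSRC and payload; no such extension is defined in this thread.

```python
import struct

ISOLATION_EXT_ID = 5  # hypothetical id for an "isolation request" element

def build_rtp(seq, payload, elements):
    """Build an RTP packet carrying RFC 5285 one-byte header extension elements."""
    body = b"".join(bytes([(eid << 4) | (len(d) - 1)]) + d for eid, d in elements)
    body += b"\x00" * (-len(body) % 4)            # pad to a 32-bit boundary
    # V=2, X=1, CC=0 -> 0x90; PT=96, timestamp and SSRC are constructed values
    hdr = struct.pack("!BBHII", 0x90, 96, seq, 0, 0x1234)
    ext = struct.pack("!HH", 0xBEDE, len(body) // 4) + body
    return hdr + ext + payload

def receive(packet, known_ids):
    """Return (seq, understood_elements, payload).

    Elements whose id the receiver has no mapping for are skipped silently,
    which is what makes header extensions optional.
    """
    b0, _, seq, _, _ = struct.unpack("!BBHII", packet[:12])
    off = 12 + 4 * (b0 & 0x0F)                    # skip CSRC list
    understood = {}
    if b0 & 0x10:                                 # X bit: extension present
        profile, words = struct.unpack("!HH", packet[off:off + 4])
        off += 4
        end = off + 4 * words
        i = off
        while profile == 0xBEDE and i < end:
            eid, length = packet[i] >> 4, (packet[i] & 0x0F) + 1
            if eid == 0:                          # padding byte
                i += 1
                continue
            if eid == 15:                         # reserved: stop parsing
                break
            if eid in known_ids:
                understood[eid] = packet[i + 1:i + 1 + length]
            i += 1 + length
        off = end
    return seq, understood, packet[off:]

def demo():
    pkt = build_rtp(7, b"media", [(ISOLATION_EXT_ID, b"\x01")])
    aware = receive(pkt, known_ids={ISOLATION_EXT_ID})
    legacy = receive(pkt, known_ids=set())
    # Both receivers accept the same sequence number and payload, so a
    # Receiver Report built from either looks the same to the sender.
    return aware, legacy
```

An RR reports on sequence numbers received, not on which extension elements were understood, so the two receivers in `demo()` are indistinguishable from the sender's side.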