Re: [rtcweb] Traffic should be encrypted. (Re: Let's define the purpose of WebRTC)

Eric Rescorla <ekr@rtfm.com> Fri, 11 November 2011 14:59 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BEAB21F8A71 for <rtcweb@ietfa.amsl.com>; Fri, 11 Nov 2011 06:59:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.941
X-Spam-Level:
X-Spam-Status: No, score=-102.941 tagged_above=-999 required=5 tests=[AWL=0.036, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OYBpuu2cDehT for <rtcweb@ietfa.amsl.com>; Fri, 11 Nov 2011 06:59:54 -0800 (PST)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id AFAF121F8A6F for <rtcweb@ietf.org>; Fri, 11 Nov 2011 06:59:54 -0800 (PST)
Received: by vws5 with SMTP id 5so4171110vws.31 for <rtcweb@ietf.org>; Fri, 11 Nov 2011 06:59:54 -0800 (PST)
Received: by 10.52.65.14 with SMTP id t14mr21457063vds.47.1321023594145; Fri, 11 Nov 2011 06:59:54 -0800 (PST)
MIME-Version: 1.0
Received: by 10.220.118.132 with HTTP; Fri, 11 Nov 2011 06:59:13 -0800 (PST)
X-Originating-IP: [74.95.2.173]
In-Reply-To: <CAD5OKxs-pWwDBjwAu=mQVWRZa4H_YPpzQ31=0qxUUj-pJOErcg@mail.gmail.com>
References: <CALiegfkVNVAs_MyU_-4koA4zRwSn1-FwLjY9g_oZVkhi9rSK5Q@mail.gmail.com> <5454E693-5C34-4C77-BA07-2A9EE9EE4AFD@cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C01349FFE@inba-mail01.sonusnet.com> <1D062974A4845E4D8A343C653804920206D3B7FD@XMB-BGL-414.cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C0134A105@inba-mail01.sonusnet.com> <1F2A2C70609D9E41844A2126145FC09804691DA2@HKGMBOXPRD22.polycom.com> <CALiegfmf59jb4asUu9LA6YY_aMtKEnM1Wy34KbuLEn3_h1xBXA@mail.gmail.com> <CALiegfmM1PB=VAQjfh4rW3-3C8aumHdWy9nZxD0-BWBq9Kq_tg@mail.gmail.com> <1D062974A4845E4D8A343C653804920206D3BA57@XMB-BGL-414.cisco.com> <CALiegfkWnRT8m4S9pXTxuLsc-p_bhkG3d=PX3qgiFFt5gW5yfw@mail.gmail.com> <CAD5OKxvQYVKOZF88WLCiRseg-qXQdOpKeDU_t9b-yA2GcDBT-w@mail.gmail.com> <CABcZeBOiPxz_swdaG6Aqoch1WAUtjNh4eOQy1QObCDXT_B8azg@mail.gmail.com> <CAD5OKxtp+LQBRCHgbWdJyrSRcpNQ82i64TJgGtGPrE7+GKcEog@mail.gmail.com> <4EBC3475.90706@alvestrand.no> <CAD5OKxu_-+ZRsqpUBkFSj=tYtOKG0pK3JoQTZHwQGMuBCnp0Gw@mail.gmail.com> <CAD5OKxuaWJ3SBv+0gac6EQy6-Lsb-LS_SBXk5FqObKy4mN6wNg@mail.gmail.com> <CCF4FC92-D5AA-43C8-A0B2-8041C9B8E1BD@edvina.net> <CAD5OKxs-pWwDBjwAu=mQVWRZa4H_YPpzQ31=0qxUUj-pJOErcg@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 11 Nov 2011 06:59:13 -0800
Message-ID: <CABcZeBPe=LmDMRgU51x2x5OWsZaw3tD4PX_w19Dazxiu5TGf9Q@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Traffic should be encrypted. (Re: Let's define the purpose of WebRTC)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Nov 2011 14:59:55 -0000

On Fri, Nov 11, 2011 at 4:02 AM, Roman Shpount <roman@telurix.com> wrote:
> On Fri, Nov 11, 2011 at 3:49 AM, Olle E. Johansson <oej@edvina.net> wrote:
o, I wanted expand on the debug requirements: I do hope we will make key
> exchange mechanism, different from SDES, mandatory for WebRTC. Passing
> actual encryption keys through JavaScript makes media encryption to easy to
> circumvent. This means some type of public/private key encryption used for
> key exchange. If we do this right, getting to the actual key used for media
> session encryption will be very difficult, so most of the tools currently
> used for SRTP debugging will stop working.

This simply isn't "very difficult". There are existing tools for doing SSL/TLS
diagnostics and for recovering the encrypted data (e.g., ssldump, wireshark)
and it's not going to be hard to adapt them to this application.


> One more benefit of having RTP as fallback for legacy interop is that it
> will allow us to specify something that will be more secure for WebRTC. If
> SDES support would no longer be needed, we can concentrate on using key
> exchange mechanism that is actually secure.

I think it's important to distinguish between legacy interop and WebRTC-WebRTC
cases. I'm more positive (though still not exactly thrilled) about the
claim that we
should support RTP for interop modes provided that WebRTC-WebRTC calls are
secure.


> Finally, (going slightly off topic here) it would probably be a good idea to
> make key exchange part of the initial ICE transaction. This way we can use
> this key exchange as an additional verification of the remote party, and
> reduce the number of round trips required before the media flow is
> established.

There's no real need for additional verification of the remote party at the ICE
level. My suspicion is that the RTTs won't be a significant factor here, but
certainly it would be possible to embed the DTLS messages into the
ICE exchange if it turned out to be.

-Ekr