Re: [rtcweb] Consensus call regarding media security
Hadriel Kaplan <HKaplan@acmepacket.com> Wed, 28 March 2012 16:06 UTC
Return-Path: <HKaplan@acmepacket.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA59F21E827D for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 09:06:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.491
X-Spam-Level:
X-Spam-Status: No, score=-2.491 tagged_above=-999 required=5 tests=[AWL=0.107, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t-hbH3eBuymv for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 09:06:47 -0700 (PDT)
Received: from etmail.acmepacket.com (etmail.acmepacket.com [216.41.24.6]) by ietfa.amsl.com (Postfix) with ESMTP id B68A221E826C for <rtcweb@ietf.org>; Wed, 28 Mar 2012 09:06:46 -0700 (PDT)
Received: from MAIL1.acmepacket.com (10.0.0.21) by etmail.acmepacket.com (216.41.24.6) with Microsoft SMTP Server (TLS) id 8.2.254.0; Wed, 28 Mar 2012 12:06:45 -0400
Received: from MAIL2.acmepacket.com ([169.254.2.197]) by Mail1.acmepacket.com ([169.254.1.170]) with mapi id 14.02.0283.003; Wed, 28 Mar 2012 12:06:45 -0400
From: Hadriel Kaplan <HKaplan@acmepacket.com>
To: "<igor.faynberg@alcatel-lucent.com>" <igor.faynberg@alcatel-lucent.com>
Thread-Topic: [rtcweb] Consensus call regarding media security
Thread-Index: AQHNDPzFhnzzZTqOnkq4McxXkUzHHA==
Date: Wed, 28 Mar 2012 16:06:44 +0000
Message-ID: <91F0E66E-A75E-4369-A010-9712FF90258D@acmepacket.com>
References: <4F732531.2030208@ericsson.com> <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com> <4F733492.9040601@alcatel-lucent.com>
In-Reply-To: <4F733492.9040601@alcatel-lucent.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [216.41.24.34]
Content-Type: multipart/alternative; boundary="_000_91F0E66EA75E4369A0109712FF90258Dacmepacketcom_"
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAQAAAWE=
Cc: "<rtcweb@ietf.org>" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 16:06:47 -0000
Actually, I was confused about that - it seems to me it's still an open item whether to allow null cipher or not. -hadriel On Mar 28, 2012, at 5:56 PM, Igor Faynberg wrote: Roman, I think there is a misunderstanding (I assume you did not attend the meeting today). It has been clarified that SRTP allows the NULL encryption algorithm, and that this option will be available. Igor On 3/28/2012 11:49 AM, Roman Shpount wrote: As I have mentioned before on this list I am strongly against making SRTP protection for RTP a requirement. I think this is an unnecessary requirement that serves little real purpose except feeding into some marketing message that most of the WebRTC users would not care about. Unless use of identity is also a requirement, requiring SRTP will provide security only in a very narrow sense of the word. At the same time I do believe that extra standard requirements will stifle innovation and will complicate new service or application creation. I have no objection to making DTLS-SRTP a required to implement protocol. _____________ Roman Shpount On Wed, Mar 28, 2012 at 10:50 AM, Magnus Westerlund <magnus.westerlund@ericsson.com<mailto:magnus.westerlund@ericsson.com>> wrote: WG, In todays RTCWEB WG meeting there was discussion around media security mechanism. In this meeting there was some clear consensus in the meeting which we would like to confirm on the list. The first was that there was overwhelming consensus that all RTP packets SHALL be protected by SRTP. Secondly that no one objected against making DTLS-SRTP a mandatory to implement and the default keying mechanism. Additional mechanisms are not precluded. WG participants may state their position regarding these consensus calls until 12th of April when the chairs will declare the final consensus. If you where present in the meeting room and comment on this, please indicate that. Best Regards Magnus Westerlund For the WG chairs _______________________________________________ rtcweb mailing list rtcweb@ietf.org<mailto:rtcweb@ietf.org> https://www.ietf.org/mailman/listinfo/rtcweb _______________________________________________ rtcweb mailing list rtcweb@ietf.org<mailto:rtcweb@ietf.org> https://www.ietf.org/mailman/listinfo/rtcweb _______________________________________________ rtcweb mailing list rtcweb@ietf.org<mailto:rtcweb@ietf.org> https://www.ietf.org/mailman/listinfo/rtcweb
- [rtcweb] Consensus call regarding media security Magnus Westerlund
- Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
- Re: [rtcweb] Consensus call regarding media secur… Eric Rescorla
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Igor Faynberg
- Re: [rtcweb] Consensus call regarding media secur… Hadriel Kaplan
- Re: [rtcweb] Consensus call regarding media secur… Kevin P. Fleming
- Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
- Re: [rtcweb] Consensus call regarding media secur… Hadriel Kaplan
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Dan Wing
- Re: [rtcweb] Consensus call regarding media secur… Dan Wing
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
- Re: [rtcweb] Consensus call regarding media secur… Timothy B. Terriberry
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Justin Uberti
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Bernard Aboba
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Magnus Westerlund
- Re: [rtcweb] Consensus call regarding media secur… Bernard Aboba
- Re: [rtcweb] Consensus call regarding media secur… Justin Uberti
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Hutton, Andrew
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Basil Mohamed Gohar
- Re: [rtcweb] Consensus call regarding media secur… Hutton, Andrew
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Ravindran, Parthasarathi
- Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Fabio Pietrosanti (naif)
- Re: [rtcweb] Consensus call regarding media secur… Ravindran, Parthasarathi
- Re: [rtcweb] Consensus call regarding media secur… jesse
- Re: [rtcweb] Consensus call regarding media secur… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- Re: [rtcweb] Consensus call regarding media secur… Roman Shpount
- [rtcweb] Which servers to trust (Re: Consensus ca… Harald Alvestrand
- Re: [rtcweb] Which servers to trust (Re: Consensu… Iñaki Baz Castillo
- Re: [rtcweb] Which servers to trust (Re: Consensu… Iñaki Baz Castillo
- Re: [rtcweb] Which servers to trust (Re: Consensu… Randell Jesup
- Re: [rtcweb] Which servers to trust (Re: Consensu… Iñaki Baz Castillo
- Re: [rtcweb] Consensus call regarding media secur… Magnus Westerlund
- Re: [rtcweb] Consensus call regarding media secur… Eric Rescorla