Re: [rtcweb] SDP Security Descriptions (RFC 4568) and RTCWeb

Tim Panton <tim@phonefromhere.com> Thu, 09 May 2013 08:58 UTC

On 7 May 2013, at 15:55, Henry Lum wrote:

> Does the signalling and DTLS media stream need to use the same certificate, or the certificates can be from the same organization, right? The contact center gateway and the recording element would be different components and hence have different certificates from the same organization.

Yep, you are right - sloppy thinking on my part:
same identity != same certificate

In my view they should both identify themselves as secure.xyzbank.com - that doesn't mean the same certificate, just the same identity.
I'm less keen on writing rules that match mediaserver.xyzbank.com up with www.xyzbank.com and presume that these are the same entity.