Re: [rtcweb] consent freshness [was RE: STUN for keep-alive]

"Muthu Arul Mozhi Perumal (mperumal)" <> Thu, 22 September 2011 13:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id EB2DD21F8BF0 for <>; Thu, 22 Sep 2011 06:58:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.494
X-Spam-Status: No, score=-10.494 tagged_above=-999 required=5 tests=[AWL=0.105, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id IfkmixRKbHqu for <>; Thu, 22 Sep 2011 06:58:17 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id D2AB621F8C1E for <>; Thu, 22 Sep 2011 06:58:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=2564; q=dns/txt; s=iport; t=1316700048; x=1317909648; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=rRaAaTPWqjR3mT8ixs93dmsPNmP1dBkGt6wQyC/3bvc=; b=diuMfQIUTM5sRs0WJPWbdVvHK5E/6bvOdvWg032Xg+2zEX6z2BnNc2nB ABMcFqhEVxXuyjoNgip/mGT9OOpv2bueGr0au88DfyZRlKP+8EMxwH1yh aqvN/wJ5IgnegDfUvzONMUyaFxySCVghKzorgcCJ9eJb9P6SszXAx5r6i E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="4.68,423,1312156800"; d="scan'208";a="116695197"
Received: from ([]) by with ESMTP; 22 Sep 2011 14:00:42 +0000
Received: from ( []) by (8.14.3/8.14.3) with ESMTP id p8ME0fUY008312; Thu, 22 Sep 2011 14:00:41 GMT
Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.4675); Thu, 22 Sep 2011 19:30:41 +0530
X-Mimeole: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 22 Sep 2011 19:30:40 +0530
Message-ID: <>
In-Reply-To: <>
Thread-Topic: [rtcweb] consent freshness [was RE: STUN for keep-alive]
Thread-Index: Acx5JG/Kh8QlUKqfRCq9SmI82jVcxwACrnwg
References: <><><><><><><><><><092401cc749b$8fd64940$af82dbc0$@com><><><0ced01cc76de$28731630$79594290$@com> <> <> <> <> <4E7B2C04.401 0204@eri>
From: "Muthu Arul Mozhi Perumal (mperumal)" <>
To: Magnus Westerlund <>
X-OriginalArrivalTime: 22 Sep 2011 14:00:41.0543 (UTC) FILETIME=[03C36570:01CC7930]
Subject: Re: [rtcweb] consent freshness [was RE: STUN for keep-alive]
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 22 Sep 2011 13:58:18 -0000

|Secondly, I think in those cases a timer on the inactivity
|from both parties should be considered to terminate the session.

If the timer is based on RTP inactivity it would terminate the session. If it is based on RTCP inactivity (which many implementations do) it wouldn't.


|-----Original Message-----
|From: Magnus Westerlund []
|Sent: Thursday, September 22, 2011 6:07 PM
|To: Muthu Arul Mozhi Perumal (mperumal)
|Cc: Dan Wing (dwing);
|Subject: Re: [rtcweb] consent freshness [was RE: STUN for keep-alive]
|On 2011-09-22 14:19, Muthu Arul Mozhi Perumal (mperumal) wrote:
|> |That is a possibility, but I think one can start by ensuring |that
|> one actually check for ones own traffic being reported |back. That
|> gives you some entropy. Which is a slightly longer |context gives you
|> good verification that you are not contining |sending into a location
|> where there receiver you intended to |have sent to moves away.
|> Agree it would suffice in general. However, for cases like double
|> hold (SDP offer with a=inactive) where you would be neither sending
|> nor receiving media the attacker can keep replaying the RTCP packets
|> with an empty report block (that no zero entropy) making you think
|> the other end is still alive.
|> Of course, you may ultimately disconnect the call but it could mean a
|> DOS attack..
|If neither party is actually transmitting media then the only traffic is
|RTCP in either directions. Thus one RTCP compound packet per SSRC per
|regular reporting interval. Unless you have an app that open a lot of
|media streams that is usually pretty low bit-rate. And if you actually
|have a lot of streams, then the bit-rate will saturate at the configured
|RTCP rate. But I would note this is in fact a potential attack vector if
|one can set the RTCP bit-rate arbitrary high.
|Secondly, I think in those cases a timer on the inactivity from both
|parties should be considered to terminate the session.
|Magnus Westerlund
|Multimedia Technologies, Ericsson Research EAB/TVM
|Ericsson AB                | Phone  +46 10 7148287
|Färögatan 6                | Mobile +46 73 0949079
|SE-164 80 Stockholm, Sweden| mailto: