IETF Logo Mail Archive

Re: [rtcweb] Consensus call regarding media security

"Fabio Pietrosanti (naif)" <lists@infosecurity.ch> Wed, 28 March 2012 16:12 UTC

Return-Path: <lists@infosecurity.ch>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D689B21F898A for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 09:12:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.691
X-Spam-Level:
X-Spam-Status: No, score=-1.691 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_ILLEGAL_IP=1.908, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nsh4LPfmCQO7 for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 09:12:17 -0700 (PDT)
Received: from mail-ee0-f44.google.com (mail-ee0-f44.google.com [74.125.83.44]) by ietfa.amsl.com (Postfix) with ESMTP id 8E4AA21F85A7 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 09:12:16 -0700 (PDT)
Received: by eeke51 with SMTP id e51so406349eek.31 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 09:12:15 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:x-enigmail-version:content-type :content-transfer-encoding:x-gm-message-state; bh=jWxHbCDNqXLNptRPPUoiIMZ67h2+p/3YQum1F4i7Urk=; b=GrHZRnKGL8Jhxf4t8Nfm/2QAi7pDmgcn0NpfHlMjAaq1eL9TKkd+UPkxn7OLxO/olx ES1+tWi7wAOwz+kEQ0kS0zCDIv2xzT49FPUNliODuc/cHaSdqsnEKZLd+xpyFKPJKl9A GywpLHI6HnuUOKU3lPHSOGRgRpeaD+aEbpzPSeUfBtqWsB4aTH4/morV4CZTTQhP4RtR BSDpi3oaCbyl8gulHmwBRzEU8glbnb1qaVUOQB4mj99V2fIKrigR97URFhLGub9MOjQM oIRIWWHhWuojZqZWwEHSlyPo2jyMYysiasgckvyIVDJrYAAbfVWEgdTfwZbu46p4bJYy W6+A==
Received: by 10.14.37.12 with SMTP id x12mr3997584eea.78.1332951135638; Wed, 28 Mar 2012 09:12:15 -0700 (PDT)
Received: from sonyvaiop13.local (host30-198-static.115-2-b.business.telecomitalia.it. [2.115.198.30]) by mx.google.com with ESMTPS id e56sm11993840eea.11.2012.03.28.09.12.13 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 28 Mar 2012 09:12:14 -0700 (PDT)
Sender: Fabio Pietrosanti <naif@infosecurity.ch>
Message-ID: <4F733853.7040900@infosecurity.ch>
Date: Wed, 28 Mar 2012 18:12:03 +0200
From: "Fabio Pietrosanti (naif)" <lists@infosecurity.ch>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: "<rtcweb@ietf.org>" <rtcweb@ietf.org>
References: <4F732531.2030208@ericsson.com> <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com> <4F733492.9040601@alcatel-lucent.com>
In-Reply-To: <4F733492.9040601@alcatel-lucent.com>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Gm-Message-State: ALoCoQncEQbdpnMIT/za2FbjdmCSihW4KqUL2nIxlhQ+96FuSjgNBTCdrzJjzrVzvX1ur37ZKOLZ
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 16:12:18 -0000

I agree with Igor and Magnus, it's better to have "Security by Default"
in place, and then leave to the open options for:
- Key Agreement
- Encryption algorithms

Interesting consideration on RTP encryption by default:

          Why RTP Does Not Mandate a Single Security Mechanism
	http://tools.ietf.org/html/draft-ietf-avt-srtp-not-mandatory-08

Also a must read, while designing IETF widely spread protocols:

                   Strong Security Requirements for
           Internet Engineering Task Force Standard Protocols
		http://tools.ietf.org/html/rfc3365


It's up the Telecommunication Regulators, Telecommunication Providers,
Telecommunication Equipment Manufacturer and Security Monitoring
equipment to handle the rules for Lawful interception, where an agency
have the rights to listen to a conversation.

But this is "a particular case" for which, even when there is
encryption-by-default, it's possible to listen/record the conversation.

Please remind that today there are multiple asymmetric cyberwar in
action and is an irresponsible action to even think not to include
security-by-default in any new protocol.

It's ok not to over-complicate the first version of the standard by
introducing dozen of different key management systems (SDES/ZRTP/MIKEY),
but imho it's not ok to leave in 2012 the standardizaton of a
non-encrypted-by-default protocol.

Again, imho it's an act of irresponsibility, what's defined in IETF
environment, have chance to get adopted by *billions* of people.

We must act responsibly.

-- 
Fabio Pietrosanti
Founder, CTO

Tel: +39 02 911930893 + ext: 907
Mobile: +39 340 1801049
E-mail: fabio.pietrosanti@privatewave.com
Skype: fpietrosanti
Linkedin: http://linkedin.com/in/secret

PrivateWave Italia S.p.A.
Via Gaetano Giardino 1 - 20123 Milano - Italy
www.privatewave.com

On 3/28/12 5:56 PM, Igor Faynberg wrote:
> Roman,
> 
> I think there is a misunderstanding (I assume you did not attend the
> meeting today).  It has been clarified that SRTP allows the NULL
> encryption algorithm, and that this option will be available.
> 
> Igor

v2.23.0 | Report a Bug | By Email