Re: [rtcweb] ICE and security

Dzonatas Sol <dzonatas@gmail.com> Sat, 17 September 2011 17:20 UTC


On 09/17/2011 01:22 AM, Olle E. Johansson wrote:
>
> On 16 Sep 2011, at 23:05, Matthew Kaufman wrote:
>
>>> The only thing we need to do for rtcweb is make sure the RTP library 
>>> built into the browser supports media in such a way that it can 
>>> communicate with other RTP peers at a media plane, regardless of 
>>> what signaling protocol those peers might be using, preferably 
>>> without going through media gateways.
>>
>> This, and supports enough security/safety that the library can be 
>> trusted to run in the browser environment. (This is where the ICE 
>> requirement comes from.)
>
> Matt,
> Can you please elaborate how ICE relates to security?
>

Physics prediction on the data channel is possible, yet that doesn't 
agree to all server models.

Win8 reminds me of Mosaic reborn, for example. Some argue over the order 
of the service stack, and they consider those that end up in-between as MITM.

-- 

---
<i>The wheel.</i metro-link=t dzonatasolyndra>