Re: [rtcweb] Identity assertion: impact by removal or adding of fingerprints?

Martin Thomson <martin.thomson@gmail.com> Mon, 13 August 2018 06:35 UTC


Unused fingerprints aren't a problem.  a=fingerprint offers multiple
options, any of which could be used.  The a=identity attribute is no
different.  If a fingerprint is authenticated, but not used, that's OK
as long as the ones that are used are covered.

If a new fingerprint is added, that's OK, as long as the a=identity
previously covered that value, or is amended to include the new value.

On Mon, Aug 13, 2018 at 4:30 PM Christer Holmberg
<christer.holmberg@ericsson.com> wrote:
>
>
> Hi,
>
> One thing that came to my mind when working on the SDP Identity attribute pull request.
>
> In WebRTC, and in the draft, we assume that the identity assertion is bound to the fingerprints.
>
> What if fingerprints are removed, or added, during a session. Will that impact the identity assertion?
>
> A fingerprint can be removed if it is only used for one m- section, and that m- section is disabled.
>
> Regards,
>
> Christer
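
Added example, not part of the original thread or of any draft's code: the coverage rule from the reply above as a JavaScript check. It assumes the validated assertion contents are a JSON object with a `fingerprint` array of `{algorithm, digest}` entries; the function names, SDP and shortened digests are constructed. It treats every fingerprint offered on an enabled m- section as potentially used, which is stricter than the reply requires.

```javascript
// Canonical key for a fingerprint: lowercase hash name, uppercase hex digest.
function fpKey(algorithm, digest) {
  return algorithm.toLowerCase() + ' ' + digest.toUpperCase();
}

// Collect a=fingerprint values from an SDP blob, skipping m- sections that
// are disabled (port 0). Session-level fingerprints are always included.
function sdpFingerprints(sdp) {
  const found = new Set();
  let enabled = true; // session level, before the first m= line
  for (const line of sdp.split(/\r?\n/)) {
    const m = /^m=\S+ (\d+)/.exec(line);
    if (m) { enabled = m[1] !== '0'; continue; }
    const f = /^a=fingerprint:(\S+) (\S+)/.exec(line);
    if (f && enabled) found.add(fpKey(f[1], f[2]));
  }
  return found;
}

// Fingerprints that may be used but are not covered by the assertion.
// Asserted-but-unused entries are ignored, as the reply says they are harmless.
function uncovered(assertedContents, inUse) {
  const covered = new Set(
    assertedContents.fingerprint.map(e => fpKey(e.algorithm, e.digest)));
  return [...inUse].filter(k => !covered.has(k)).sort();
}

// Constructed SDP: audio always uses AA:01; the video section varies.
const sdp = (videoPort, videoFp) => [
  'v=0',
  'm=audio 9 UDP/TLS/RTP/SAVPF 0',
  'a=fingerprint:sha-256 AA:01',
  `m=video ${videoPort} UDP/TLS/RTP/SAVPF 96`,
  ...(videoFp ? [`a=fingerprint:sha-256 ${videoFp}`] : []),
].join('\r\n');

// Constructed assertion contents: the original one, and one amended with CC:03.
const ASSERTED = { fingerprint: [
  { algorithm: 'sha-256', digest: 'AA:01' },
  { algorithm: 'sha-256', digest: 'BB:02' },
] };
const AMENDED = { fingerprint: [
  ...ASSERTED.fingerprint, { algorithm: 'sha-256', digest: 'CC:03' },
] };

console.log(uncovered(ASSERTED, sdpFingerprints(sdp(0, null))));    // BB:02 removed
console.log(uncovered(ASSERTED, sdpFingerprints(sdp(9, 'CC:03')))); // CC:03 added
console.log(uncovered(AMENDED, sdpFingerprints(sdp(9, 'CC:03'))));  // assertion amended
```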