Re: [rtcweb] DTLS-SRTP implementation diffusion: Why not SDES-SRTP?
Randell Jesup <randell-ietf@jesup.org> Sat, 31 March 2012 06:40 UTC
Return-Path: <randell-ietf@jesup.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FC1A21F8601 for <rtcweb@ietfa.amsl.com>; Fri, 30 Mar 2012 23:40:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.344
X-Spam-Level:
X-Spam-Status: No, score=-2.344 tagged_above=-999 required=5 tests=[AWL=0.255, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AGyGl6JdoJYP for <rtcweb@ietfa.amsl.com>; Fri, 30 Mar 2012 23:40:34 -0700 (PDT)
Received: from r2-chicago.webserversystems.com (r2-chicago.webserversystems.com [173.236.101.58]) by ietfa.amsl.com (Postfix) with ESMTP id 1F34921F85FD for <rtcweb@ietf.org>; Fri, 30 Mar 2012 23:40:33 -0700 (PDT)
Received: from pool-108-16-41-249.phlapa.fios.verizon.net ([108.16.41.249] helo=[192.168.1.12]) by r2-chicago.webserversystems.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <randell-ietf@jesup.org>) id 1SDrzE-00042y-V2 for rtcweb@ietf.org; Sat, 31 Mar 2012 01:40:33 -0500
Message-ID: <4F76A61E.80602@jesup.org>
Date: Sat, 31 Mar 2012 02:37:18 -0400
From: Randell Jesup <randell-ietf@jesup.org>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20120312 Thunderbird/11.0
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <4F73697D.5080006@infosecurity.ch> <CALiegfnF-8TCzkE9NiDsWz8PVNXtCtmpDKPYz65YLfdGVPQTqQ@mail.gmail.com> <4F7409C4.407@infosecurity.ch>
In-Reply-To: <4F7409C4.407@infosecurity.ch>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r2-chicago.webserversystems.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jesup.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [rtcweb] DTLS-SRTP implementation diffusion: Why not SDES-SRTP?
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Mar 2012 06:40:35 -0000
On 3/29/2012 3:05 AM, Fabio Pietrosanti (naif) wrote: > On 3/28/12 9:53 PM, Iñaki Baz Castillo wrote: >> 2012/3/28 Fabio Pietrosanti (naif)<lists@infosecurity.ch>: >>> Hi all, >>> >>> i read that 80% of Sipit participant support SDES-SRTP but 0% support >>> DTLS-SRTP https://www.sipit.net/SIPit29_summary . >>> >>> At SIPit there were 34 attendees from 17 companies visiting from 12 >>> countries with 25 distinct VoIP implementations. >> >> Right, but this is rtcweb, not SIP. >> >> >> >>> I do not really see which is the rationale in making DTLS-SRTP mandatory >>> while plain SRTP with SDES key exchange is already so well know and used. >> >> That's a good reason to *also* allow (and mandate) SDES-SRTP support >> in WebRTC clients, much better than the interoperability with SIP >> (again: this is rtcweb, not SIP world). > > That's true, but it's also true that the "rtcweb world" will strictly > inter-operate with the "sip world". The meaning of this statement is unclear. If you mean "some rtcweb clients will connect to SIP gateways", or "some rtcweb clients will translate JSEP into SIP and send it to a SIP server", then that's true. Some (many) rtcweb clients will never talk to any sip equipment. > It would be reasonable to expect that current existing PBX software > would evolve also with support for Rtcweb, to provide Web phone systems. Which is no problem, the PBX can act as a WebRTC server, and provide the WebRTC JS app to the browsers, and also act as a gateway to SIP. There's no reason it can't terminate DTLS-SRTP for calls that connect to SIP devices. > In particular all opensource software will setup the path for the > adoption of the standard, as we know history will repeat. > > It appear me as natural behavior of diffusion of implementation, and for > that reason i see the need to "easily" inter-operate with the SIP world > is a key value point. Being able to gateway to SIP and to PSTN are both useful abilities for certain (popular) classes of potential apps. Note the earlier discussions showed that one requirement (consent) makes it hard (though not impossible) to directly connect WebRTC clients to PSTN gateways or to other SIP devices, even if you allow SDES. If consent forces you through a gateway (or some device that knows WebRTC), DTLS-SRTP-only becomes a much smaller hump. > Creating an incompatible "media format" would require a lot of more > effort because the "amount of compatibility testing to be done with > DTLS-SRTP will be significantly higher than SDES-SRTP" . > > So it would provide an advantage for the *few vendor* supporting it, > practically introducing a *technological entrance barrier*. Given the expectation that there will be a quality open-source version available (and Mozilla's implementation is of course open source), the barrier should be quite low. > This is a bad practice already see in other standard bodies. > >> >> >>> Anyone can provide some very strong and valuable point about using >>> DTLS-SRTP (considering it's weak diffusion and incompatibility risks)? >> >> Lot of recent threads about this topic in this maillist. But also >> check a recent presentation (yesterday in IETF Pairs): >> >> http://tools.ietf.org/agenda/83/slides/slides-83-rtcweb-3.pdf > > I would like to strongly argue against the SLIDE 3 statement that > "DTLS-SRTP meets RTCWEB's technical requirements" . > > DTLS-SRTP doesn't meet the RTCWEB's technical requirements because: > > - It does NOT provide inter-operation with existing SIP endpoints That is not an rtcweb requirement. The only mention of SIP in the use-case and requirements doc is the ability to use SIP to provide federation (F27). > This is confirmed by the October 2011 SIPit data, with 80% of > participants supporting, with good interoperability, SDES but with 0% > supporting DTLS-SRTP . As discussed, this is an only partially-relevant fact. SIPit is self-selected; most devices there are not representative of average devices in use, and devices deployed may not enable options used in SIPit tests. > In order to try to "try to improve it's non-interoperability issue" the > DTLS-SRTP is re-proposing him-selves as DTLS-SRTP-EKT . I wasn't particularly enthused about EKT. > To speaking about the fact that even EKT draft explain that: > " Today, Security Descriptions [RFC4568] is used for distributing SRTP > keys in several different IP PBX systems and is expected to be used > by 3GPP's Long Term Evolution (LTE). " > > http://tools.ietf.org/html/draft-ietf-avt-srtp-ekt-01#section-6.1 I have no belief that LTE devices will ever connect directly to WebRTC devices directly (even if they're the same device); that's just not how they work. > So: > - Internt is using SDES-SRTP > - 3GPP LTE is using SDES-SRTP > - WebRTC is going to use DTLS-SRTP > > I do not really see how we can rationally accept to follow this > different direction. > > I mean, we are discussing about a "new standard" that's based on "new > technologies" rather than using existing, widely implemented technology. > > Do we really understand how much effort we are going to cause on the > overall technological and security ecosystem by selecting DTLS-SRTP > rather than SDES-SRTP? > > All US Federal Government will not be able to use WebRTC because NSA > standardized SDES-SRTP for use in Classified communication: > http://www.nsa.gov/ia/programs/mobility_program/index.shtml They realize SDES is fundamentally insecure, and secure it by running it over a VPN link to their protected servers (and my understanding is that they consider even that a compromise). And the devices must be TOTALLY locked down to any unencrypted network access. These will not be using WebRTC anytime soon, under any circumstance. > The argument that DTLS is *more secure* must face the reality that > no-one is using it and that SDES-SRTP is *widely diffused and > interoperable*. Widely diffused and interoperable may be (mostly) true, though I'll tell you that probably 99.x% of *deployed* VoIP devices do not *use* SDES (even if they support it), so arguments about deployment numbers are mostly irrelevant. Not totally irrelevant, of course. > All Internet operators will have to introduce Protocol Gateway. Due to the 'consent' requirement and other issues, this is likely anyways. And who are the "internet operators" in your estimation? > All mobile operators will have to introduce Protocol Gateway. They will anyways I believe. > All that subjects, if using just SDES-SRTP, would just need to "update > the software they already use to run VoIP infrastructure" with no need > to handle modification to the Media for Interworking. > > So definitely the choice to go for DTLS-SRTP is imho a wrong choice, > against any rationale for the diffusion of WebRTC standard, introducing > artificially complexity where it may be possible to keep it simple. There certainly is an argument for SDES. I don't agree about what it leads us to, but it's a reasoned argument. However, many of your assertions here I would not accept. -- Randell Jesup randell-ietf@jesup.org
- [rtcweb] DTLS-SRTP implementation diffusion: Why … Fabio Pietrosanti (naif)
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Iñaki Baz Castillo
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Fabio Pietrosanti (naif)
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Iñaki Baz Castillo
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Igor Faynberg
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Randell Jesup