Re: [rtcweb] Identity and PSTN gateways

Martin Thomson <martin.thomson@gmail.com> Tue, 03 April 2012 15:21 UTC

On 3 April 2012 16:11, Lu, Hui-Lan (Huilan)
<huilan.lu@alcatel-lucent.com> wrote:
> It seems the same problem exists when a TURN relay is involved in an inter-browser call. The endpoints cannot verify each other's identity directly. They need to trust the relay to interconnect them and not to do anything evil, such as snooping.

TURN relays UDP packets.  Since DTLS operates at a higher layer, it
passes through the relay unmodified.  TURN isn't a problem.

Sure, the relay can copy packets, but it is no better off than any
other on-path attacker.

--Martin
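
Added example, not part of the original message: a sketch of the layering described above. It frames a DTLS 1.2 record as TURN ChannelData (RFC 5766), unwraps it as a relay would, and lists the record-header fields an on-path observer can read. The channel number, record contents and function names are constructed for illustration.

```python
import struct

DTLS_HDR_LEN = 13  # type(1) version(2) epoch(2) sequence(6) length(2), RFC 6347
DTLS_TYPES = {20: "change_cipher_spec", 21: "alert",
              22: "handshake", 23: "application_data"}

def turn_wrap(channel, payload):
    """Client side: frame one datagram as TURN ChannelData (RFC 5766)."""
    if not 0x4000 <= channel <= 0x7FFF:
        raise ValueError("channel number outside 0x4000-0x7FFF")
    return struct.pack("!HH", channel, len(payload)) + payload

def turn_relay(message):
    """Relay side: drop the 4-byte ChannelData header, forward the rest as-is."""
    if len(message) < 4:
        raise ValueError("truncated ChannelData")
    channel, length = struct.unpack("!HH", message[:4])
    if not 0x4000 <= channel <= 0x7FFF:
        raise ValueError("not a ChannelData message")
    if len(message) - 4 < length:
        raise ValueError("declared length exceeds datagram")
    return message[4:4 + length]

def dtls_visible_fields(record):
    """Fields any on-path observer, the relay included, can read in the clear."""
    if len(record) < DTLS_HDR_LEN:
        raise ValueError("truncated DTLS record")
    ctype, version, epoch = struct.unpack("!BHH", record[:5])
    seq = int.from_bytes(record[5:11], "big")
    (length,) = struct.unpack("!H", record[11:13])
    if len(record) - DTLS_HDR_LEN < length:
        raise ValueError("record body shorter than declared length")
    return {"content_type": DTLS_TYPES.get(ctype, "unknown"),
            "version": hex(version), "epoch": epoch,
            "sequence": seq, "ciphertext_len": length}

def demo():
    # Constructed sample: DTLS 1.2 (0xfefd) application_data record, epoch 1,
    # sequence 7, with 32 placeholder bytes standing in for the encrypted body.
    body = bytes(range(32))
    record = (struct.pack("!BHH", 23, 0xFEFD, 1)
              + (7).to_bytes(6, "big") + struct.pack("!H", len(body)) + body)
    delivered = turn_relay(turn_wrap(0x4001, record))  # 0x4001: constructed channel
    return record, delivered, dtls_visible_fields(delivered)

if __name__ == "__main__":
    sent, received, fields = demo()
    print("unmodified through relay:", sent == received)
    print("visible to relay:", fields)
```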