IETF Logo Mail Archive

Re: [rtcweb] SRTP not mandatory-to-use

Spencer Dawkins <spencer@wonderhamster.org> Tue, 10 January 2012 21:24 UTC

Return-Path: <spencer@wonderhamster.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEEF121F85A1 for <rtcweb@ietfa.amsl.com>; Tue, 10 Jan 2012 13:24:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.57
X-Spam-Level:
X-Spam-Status: No, score=-102.57 tagged_above=-999 required=5 tests=[AWL=0.029, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yYUejXaSdAAt for <rtcweb@ietfa.amsl.com>; Tue, 10 Jan 2012 13:24:48 -0800 (PST)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by ietfa.amsl.com (Postfix) with ESMTP id 50BAF21F8598 for <rtcweb@ietf.org>; Tue, 10 Jan 2012 13:24:48 -0800 (PST)
Received: from [10.0.0.232] (user.216.126.222.zhong-ren.net [222.126.216.9]) by mrelay.perfora.net (node=mrus2) with ESMTP (Nemesis) id 0MC4Ay-1RtUcr2LOC-009Ge4; Tue, 10 Jan 2012 16:24:46 -0500
Message-ID: <4F0CAC8C.8010203@wonderhamster.org>
Date: Tue, 10 Jan 2012 15:24:28 -0600
From: Spencer Dawkins <spencer@wonderhamster.org>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: Alan Johnston <alan.b.johnston@gmail.com>
References: <CAErhfrwu322=HTS0JZhum9EGfb73KmYS6CU_KMESyzEWhtvg2w@mail.gmail.com> <CABcZeBOeg-O+6===5tk0haxC8nLxUQyEUFRES2FAoFEf00fKng@mail.gmail.com> <CAErhfrxTKdo7Z+61x5ZcDt5ZM7C7ob5LNxMzwng_kk3Uqrp2_Q@mail.gmail.com> <4F01A790.4060704@alvestrand.no> <4F02A061.60905@jesup.org> <E44893DD4E290745BB608EB23FDDB762141EF8@008-AM1MPN1-042.mgdnok.nokia.com> <4F035DD5.3050305@jesup.org> <CAOJ7v-1dziaA_ePCuMxjn6uhBgOH=ZVybUmLBwQi5qiuyOzDMA@mail.gmail.com> <BLU152-W469B2EB104C104547FC42393960@phx.gbl> <CAD5OKxuE0VhSsjKggj1mLOseLeDXarujvAG44yHkuZttagJggw@mail.gmail.com> <CAKhHsXHnT2p7yncha5-BQ=-Lzk3-N+tuijM-UqwfP1mPUi173A@mail.gmail.com> <BLU152-W1140980759D89AC3C1D0CA93940@phx.gbl> <CA+9kkMBdX7YT1tPj5M3VrzAPKa6tXNGZVvvhjW9V4oOEC7g_kA@mail.gmail.com> <CAOJ7v-1_qMoHBb3K7rV=hG9EadqL=xn4KEdG0zdWnKZU9_TipQ@mail.gmail.com> <4AEFFC17-EF17-40F2-B83B-0B0CC44AD2C3@cisco.com> <CAKhHsXEes+Lf+uKdTrjXoy+3PMy2uNumNL-W-0s4_xRXW6FiZg@mail.gmail.com>
In-Reply-To: <CAKhHsXEes+Lf+uKdTrjXoy+3PMy2uNumNL-W-0s4_xRXW6FiZg@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Provags-ID: V02:K0:ylt7ToIlqDaxNt3fhFaduQuNmlgZJjeLNJRTkpjoNtU K7iph6/ZP3u2IDbAw4wGGcWPSrZ6iGVB3FdcvPVmVeVqaBjaFB OrRKXRipOoh5gcH87ENQy0cZKfLvUeEXBaxjhbpCTiFAdFHKax CVO2LD+TlzO60dXgskTcRf8CC0l5iuoBCKuztAkA4HiL9auyuV gMLKHRHP4KDIHvSgsSJK5F/NtmbGJKObLH/IW3bqHE7v+EzT3x VOyQxdVP0cEQKqg3OmeY3NP2sdgE8bnV+a06L5hrcPFuNCpJ3h s5IM6+62i1aSe2/tb/uR1kpcMS7RqLjTBTH/YSHaNtdtnnlZ/q sE1wG4PMAiSVkk2VRo5I3AON66j1uTlJxN0QtIha4
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] SRTP not mandatory-to-use
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jan 2012 21:24:48 -0000

On 1/5/2012 11:08 AM, Alan Johnston wrote:
> On Thu, Jan 5, 2012 at 10:56 AM, Cullen Jennings<fluffy@cisco.com>  wrote:
>>
>> On Jan 4, 2012, at 8:36 PM, Justin Uberti wrote:
>>
>>>
>>> This argument about debugging keeps coming up, and although I am not persuaded by this argument, it is not a completely unreasonable request. However, I don't think this needs to be controllable from JS. One could easily imagine a plain-RTP option being available from a developer options dialog or console, for use by developers in debugging specific problems with their service.
>>> _______________________________________________
>>
>> I think the best solution for the debugging issue is to allow SRTP to negotiate a NULL cipher in special cases such as Justin described above. This keeps what you are debugging as close as possible to the version when debugging is turned off. I like Justin's idea of having to enable this in the browser and not having it under JS control.
>>
>> Cullen (in my individual contributor role)
>
>
> This seems like the right way to do this.
>
> - Alan -

And to me.

So, just to ask the next question ... if we require the use of SRTP and 
allow NULL ciphers (for debugging and whatnot), are there any remaining 
problems with requiring the use of SRTP?

Thanks,

Spencer

v2.23.0 | Report a Bug | By Email