Re: [rtcweb] DTLS-SRTP implementation diffusion: Why not SDES-SRTP?
"Fabio Pietrosanti (naif)" <lists@infosecurity.ch> Thu, 29 March 2012 07:05 UTC
Return-Path: <lists@infosecurity.ch>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9EF721E80E8 for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 00:05:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.399
X-Spam-Level:
X-Spam-Status: No, score=-3.399 tagged_above=-999 required=5 tests=[AWL=-0.100, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CFoUX2IiXtx8 for <rtcweb@ietfa.amsl.com>; Thu, 29 Mar 2012 00:05:46 -0700 (PDT)
Received: from mail-ey0-f172.google.com (mail-ey0-f172.google.com [209.85.215.172]) by ietfa.amsl.com (Postfix) with ESMTP id A0DF321E80DD for <rtcweb@ietf.org>; Thu, 29 Mar 2012 00:05:44 -0700 (PDT)
Received: by eaaq11 with SMTP id q11so798950eaa.31 for <rtcweb@ietf.org>; Thu, 29 Mar 2012 00:05:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:content-type :content-transfer-encoding:x-gm-message-state; bh=PMwYd1CCf2P1OOnT39iEk46EKmVI2bZsbFilVWtygQ4=; b=ULklUJ/DxTHgtAOMmvQ6PVMFQ1A2GHkQ40BfQigakIxhY7P6m2huO0+z15W6aMXZ4x ntpsTbPruz21jJKYLk+x52h4uHdNlBuS81MZ6t9c5xbQWJOaQgJ+89nHvOrAIYjbKuT6 bLiuedhEze9+dvlmmnpg25/tdskWSoUnD9PJ61dV7c8gEONw6WsXPkT8plqfe2GOn1LP 56wkCpcwPzTK7/2tHvw7ElRY1tdpr67H9RtXgFom9GK/LfRP48CRD/qjNuqZYMTjY8Vy bKfMKqBAeT3D76dFaWxr+erU3cF9ZNwZ7kysnG9fZ0uuiKQpGvWDC2AJ6u1YFwqjv2jQ tV7A==
Received: by 10.213.28.196 with SMTP id n4mr2353947ebc.0.1333004744133; Thu, 29 Mar 2012 00:05:44 -0700 (PDT)
Received: from sonyvaiop13.local (93-32-184-146.ip34.fastwebnet.it. [93.32.184.146]) by mx.google.com with ESMTPS id p57sm18586035eei.8.2012.03.29.00.05.42 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 00:05:43 -0700 (PDT)
Sender: Fabio Pietrosanti <naif@infosecurity.ch>
Message-ID: <4F7409C4.407@infosecurity.ch>
Date: Thu, 29 Mar 2012 09:05:40 +0200
From: "Fabio Pietrosanti (naif)" <lists@infosecurity.ch>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Iñaki Baz Castillo <ibc@aliax.net>
References: <4F73697D.5080006@infosecurity.ch> <CALiegfnF-8TCzkE9NiDsWz8PVNXtCtmpDKPYz65YLfdGVPQTqQ@mail.gmail.com>
In-Reply-To: <CALiegfnF-8TCzkE9NiDsWz8PVNXtCtmpDKPYz65YLfdGVPQTqQ@mail.gmail.com>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
X-Gm-Message-State: ALoCoQlpX3W7Y49dwNOzCNJ5GWo4WrsjdJVBfh+9cRfrFlIGp5aSyR1sac4hDOLlkhrX0L+1Lhm5
Cc: "<rtcweb@ietf.org>" <rtcweb@ietf.org>
Subject: Re: [rtcweb] DTLS-SRTP implementation diffusion: Why not SDES-SRTP?
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 07:05:48 -0000
On 3/28/12 9:53 PM, Iñaki Baz Castillo wrote: > 2012/3/28 Fabio Pietrosanti (naif) <lists@infosecurity.ch>: >> Hi all, >> >> i read that 80% of Sipit participant support SDES-SRTP but 0% support >> DTLS-SRTP https://www.sipit.net/SIPit29_summary . >> >> At SIPit there were 34 attendees from 17 companies visiting from 12 >> countries with 25 distinct VoIP implementations. > > Right, but this is rtcweb, not SIP. > > > >> I do not really see which is the rationale in making DTLS-SRTP mandatory >> while plain SRTP with SDES key exchange is already so well know and used. > > That's a good reason to *also* allow (and mandate) SDES-SRTP support > in WebRTC clients, much better than the interoperability with SIP > (again: this is rtcweb, not SIP world). That's true, but it's also true that the "rtcweb world" will strictly inter-operate with the "sip world". It would be reasonable to expect that current existing PBX software would evolve also with support for Rtcweb, to provide Web phone systems. In particular all opensource software will setup the path for the adoption of the standard, as we know history will repeat. It appear me as natural behavior of diffusion of implementation, and for that reason i see the need to "easily" inter-operate with the SIP world is a key value point. Creating an incompatible "media format" would require a lot of more effort because the "amount of compatibility testing to be done with DTLS-SRTP will be significantly higher than SDES-SRTP" . So it would provide an advantage for the *few vendor* supporting it, practically introducing a *technological entrance barrier*. This is a bad practice already see in other standard bodies. > > >> Anyone can provide some very strong and valuable point about using >> DTLS-SRTP (considering it's weak diffusion and incompatibility risks)? > > Lot of recent threads about this topic in this maillist. But also > check a recent presentation (yesterday in IETF Pairs): > > http://tools.ietf.org/agenda/83/slides/slides-83-rtcweb-3.pdf I would like to strongly argue against the SLIDE 3 statement that "DTLS-SRTP meets RTCWEB's technical requirements" . DTLS-SRTP doesn't meet the RTCWEB's technical requirements because: - It does NOT provide inter-operation with existing SIP endpoints This is confirmed by the October 2011 SIPit data, with 80% of participants supporting, with good interoperability, SDES but with 0% supporting DTLS-SRTP . In order to try to "try to improve it's non-interoperability issue" the DTLS-SRTP is re-proposing him-selves as DTLS-SRTP-EKT . To speaking about the fact that even EKT draft explain that: " Today, Security Descriptions [RFC4568] is used for distributing SRTP keys in several different IP PBX systems and is expected to be used by 3GPP's Long Term Evolution (LTE). " http://tools.ietf.org/html/draft-ietf-avt-srtp-ekt-01#section-6.1 So: - Internt is using SDES-SRTP - 3GPP LTE is using SDES-SRTP - WebRTC is going to use DTLS-SRTP I do not really see how we can rationally accept to follow this different direction. I mean, we are discussing about a "new standard" that's based on "new technologies" rather than using existing, widely implemented technology. Do we really understand how much effort we are going to cause on the overall technological and security ecosystem by selecting DTLS-SRTP rather than SDES-SRTP? All US Federal Government will not be able to use WebRTC because NSA standardized SDES-SRTP for use in Classified communication: http://www.nsa.gov/ia/programs/mobility_program/index.shtml The argument that DTLS is *more secure* must face the reality that no-one is using it and that SDES-SRTP is *widely diffused and interoperable*. All Internet operators will have to introduce Protocol Gateway. All mobile operators will have to introduce Protocol Gateway. All that subjects, if using just SDES-SRTP, would just need to "update the software they already use to run VoIP infrastructure" with no need to handle modification to the Media for Interworking. So definitely the choice to go for DTLS-SRTP is imho a wrong choice, against any rationale for the diffusion of WebRTC standard, introducing artificially complexity where it may be possible to keep it simple. -- Fabio Pietrosanti Founder, CTO Tel: +39 02 911930893 + ext: 907 Mobile: +39 340 1801049 E-mail: fabio.pietrosanti@privatewave.com Skype: fpietrosanti Linkedin: http://linkedin.com/in/secret PrivateWave Italia S.p.A. Via Gaetano Giardino 1 - 20123 Milano - Italy www.privatewave.com
- [rtcweb] DTLS-SRTP implementation diffusion: Why … Fabio Pietrosanti (naif)
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Iñaki Baz Castillo
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Fabio Pietrosanti (naif)
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Iñaki Baz Castillo
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Igor Faynberg
- Re: [rtcweb] DTLS-SRTP implementation diffusion: … Randell Jesup