Re: [rtcweb] SDP Security Descriptions (RFC 4568) and RTCWeb
"Ejzak, Richard P (Richard)" <richard.ejzak@alcatel-lucent.com> Tue, 30 April 2013 19:28 UTC
Return-Path: <richard.ejzak@alcatel-lucent.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05AA021F9A50 for <rtcweb@ietfa.amsl.com>; Tue, 30 Apr 2013 12:28:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w8CBJsCVkvQK for <rtcweb@ietfa.amsl.com>; Tue, 30 Apr 2013 12:28:18 -0700 (PDT)
Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by ietfa.amsl.com (Postfix) with ESMTP id 5835221F984B for <rtcweb@ietf.org>; Tue, 30 Apr 2013 12:28:17 -0700 (PDT)
Received: from us70tusmtp2.zam.alcatel-lucent.com (h135-5-2-64.lucent.com [135.5.2.64]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id r3UJSAso020920 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 30 Apr 2013 14:28:11 -0500 (CDT)
Received: from US70UWXCHHUB01.zam.alcatel-lucent.com (us70uwxchhub01.zam.alcatel-lucent.com [135.5.2.48]) by us70tusmtp2.zam.alcatel-lucent.com (GMO) with ESMTP id r3UJS7T8028457 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 30 Apr 2013 15:28:10 -0400
Received: from US70UWXCHMBA05.zam.alcatel-lucent.com ([169.254.10.44]) by US70UWXCHHUB01.zam.alcatel-lucent.com ([135.5.2.48]) with mapi id 14.02.0247.003; Tue, 30 Apr 2013 15:28:08 -0400
From: "Ejzak, Richard P (Richard)" <richard.ejzak@alcatel-lucent.com>
To: Eric Rescorla <ekr@rtfm.com>
Thread-Topic: [rtcweb] SDP Security Descriptions (RFC 4568) and RTCWeb
Thread-Index: AQHOQ19D/Cgh8/1Iw0eB7cqfjULVv5jtM2PAgAFh+gCAAEqnYIAAg/mA//++3cA=
Date: Tue, 30 Apr 2013 19:28:08 +0000
Message-ID: <03FBA798AC24E3498B74F47FD082A92F3BB9E658@US70UWXCHMBA05.zam.alcatel-lucent.com>
References: <BLU402-EAS17255F45B0904B070F0D43093B00@phx.gbl> <03FBA798AC24E3498B74F47FD082A92F3BB9C0F6@US70UWXCHMBA05.zam.alcatel-lucent.com> <517F658E.8010204@ericsson.com> <03FBA798AC24E3498B74F47FD082A92F3BB9D535@US70UWXCHMBA05.zam.alcatel-lucent.com> <CABcZeBMJvrERsYG8jnYT1tOunvHhmLvQAvL4qsSP8Ei8VuZ3BQ@mail.gmail.com>
In-Reply-To: <CABcZeBMJvrERsYG8jnYT1tOunvHhmLvQAvL4qsSP8Ei8VuZ3BQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.5.27.16]
Content-Type: multipart/alternative; boundary="_000_03FBA798AC24E3498B74F47FD082A92F3BB9E658US70UWXCHMBA05z_"
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] SDP Security Descriptions (RFC 4568) and RTCWeb
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Apr 2013 19:28:25 -0000
Ekr, Thanks for your response. I really just wanted to raise awareness of this issue, and to get clarification of what "SDES for WebRTC" really means. "Impractical" and "crazy talk" in this case are other ways of saying that it's more work than someone wants to do, but I respect that. Most of the benefit of SDES keying for WebRTC comes from addressing audio and video media. Richard From: Eric Rescorla [mailto:ekr@rtfm.com] Sent: Tuesday, April 30, 2013 1:52 PM To: Ejzak, Richard P (Richard) Cc: Salvatore Loreto; rtcweb@ietf.org Subject: Re: [rtcweb] SDP Security Descriptions (RFC 4568) and RTCWeb On Tue, Apr 30, 2013 at 8:14 AM, Ejzak, Richard P (Richard) <richard.ejzak@alcatel-lucent.com<mailto:richard.ejzak@alcatel-lucent.com>> wrote: Hi Salvatore, "are you proposing that when/if we will eventually use SDES we have to assure that the key exchanged is the same key used by the DTLS session, on top of which runs Datachannel?" is a reasonable interpretation of what I am proposing, although I would have described this as my "preference" rather than a concrete proposal. We could mix SDES for voice/video with DTLS for DataChannels in these scenarios, but an all-SDES approach (for keying) would be more efficient. I know that this option is not currently defined, although it does seem technically feasible (which is why I asked to ekr to comment). I don't think this is really practical. It would require defining a new crypto protocol to carry the SCTP. -Ekr
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman (SKYPE)
- [rtcweb] SDP Security Descriptions (RFC 4568) and… Cullen Jennings
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Alan Johnston
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Bernard Aboba
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Bogineni, Kalyani
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ejzak, Richard P (Richard)
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Igor Faynberg
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Mandeep Singh
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Adam Roach
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Eric Rescorla
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ejzak, Richard P (Richard)
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Eric Rescorla
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Randell Jesup
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Randell Jesup
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Eric Rescorla
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Harald Alvestrand
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Harald Alvestrand
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Randell Jesup
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ted Hardie
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Hutton, Andrew
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Xavier Marjou
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Harald Alvestrand
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Matthew Kaufman
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Eric Rescorla
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Oscar Ohlsson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Cullen Jennings
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Suhas Nandakumar
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Alan Johnston
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Roman Shpount
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… DRUTA, DAN
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Roman Shpount
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Cullen Jennings (fluffy)
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Cullen Jennings
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Cullen Jennings
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Roman Shpount
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Eric Rescorla
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Salvatore Loreto
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Christer Holmberg
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Bernard Aboba
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Markus.Isomaki
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Binod
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Harald Alvestrand
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Emil Ivov
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Christer Holmberg
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ejzak, Richard P (Richard)
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ted Hardie
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Salvatore Loreto
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ejzak, Richard P (Richard)
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Iñaki Baz Castillo
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Eric Rescorla
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Ejzak, Richard P (Richard)
- [rtcweb] Network times … was SDP Security Descrip… Cullen Jennings (fluffy)
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Tim Panton
- Re: [rtcweb] Network times . was SDP Security Des… Roy, Radhika R CIV USARMY (US)
- Re: [rtcweb] Network times . was SDP Security Des… Cullen Jennings (fluffy)
- Re: [rtcweb] Network times . was SDP Security Des… Justin Uberti
- Re: [rtcweb] Network times . was SDP Security Des… Michael Tuexen
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] Network times . was SDP Security Des… Randell Jesup
- Re: [rtcweb] Network times . was SDP Security Des… Randell Jesup
- Re: [rtcweb] Network times . was SDP Security Des… Roy, Radhika R CIV USARMY (US)
- Re: [rtcweb] Network times . was SDP Security Des… Justin Uberti
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Bo Burman
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Olle E. Johansson
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Daniel-Constantin Mierla
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Harald Alvestrand
- Re: [rtcweb] Network times . was SDP Security Des… Eric Rescorla
- Re: [rtcweb] Network times . was SDP Security Des… Daniel-Constantin Mierla
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] Network times . was SDP Security Des… Dan Wing
- Re: [rtcweb] Network times . was SDP Security Des… Cullen Jennings
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Harald Alvestrand
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Bernard Aboba
- Re: [rtcweb] Network times . was SDP Security Des… Justin Uberti
- Re: [rtcweb] Network times . was SDP Security Des… Karl Stahl
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Henry Lum
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Henry Lum
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Henry Lum
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Martin Thomson
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Tim Panton
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Cullen Jennings
- Re: [rtcweb] SDP Security Descriptions (RFC 4568)… Dan Wing