Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Paul Kyzivat <pkyzivat@alum.mit.edu> Mon, 09 March 2015 14:17 UTC

Message-ID: <54FDAB23.7070202@alum.mit.edu>
Date: Mon, 09 Mar 2015 10:16:03 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
To: Simon Perreault <sperreault@jive.com>, Christer Holmberg <christer.holmberg@ericsson.com>, Bernard Aboba <bernard.aboba@gmail.com>
References: <54F74B02.1070902@jive.com> <CALiegfkipJhsy7-40+=d9xMUf4RJGdn3_fABL3NN2KuFNvS2BA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D727570@ESESSMB209.ericsson.se> <CALiegfmfvz3NWSjcovGBytiOTbR6kFfyh0vx5cXoMJtytfGzRA@mail.gmail.com> <CAD5OKxsu3D0xHY-zYbDu1hyH_+4=3mWDvW2i98WCVZ+29BpKCw@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D728297@ESESSMB209.ericsson.se> <CALiegf=uPN+g546Ucv9s89z14cUTEme55y7B1siXZe97yj7Lig@mail.gmail.com> <E1FE4C082A89A246A11D7F32A95A17828E726EEC@US70UWXCHMBA02.zam.alcatel-lucent.com> <CALiegf=oVWk-8UcbQE2Edh=QSXSRUnSC=X-WMyGpvHYQ9SD1yg@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D728BE2@ESESSMB209.ericsson.se> <54FCD3BC.4070900@alum.mit.edu>, <F37736EA-2AEE-4022-A813-E21469420038@gmail.com> <7594FB04B1934943A5C02806D1A2204B1D72EE30@ESESSMB209.ericsson.se> <54FD964F.2070105@jive.com> <7594FB04B1934943A5C02806D1A2204B1D73015C@ESESSMB209.ericsson.se> <54FD9D50.4070202@jive.com>
In-Reply-To: <54FD9D50.4070202@jive.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/qDtfifUrMLzBbub0ACYzkmOtNgQ>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

On 3/9/15 9:17 AM, Simon Perreault wrote:
> On 2015-03-09 08:54, Christer Holmberg wrote:
>> DTLS itself knows nothing about ICE.
>>
>> So, IF DTLS assumes (implicitly or explicitly) that a single 5-tuple is used, the appropriate WG at least needs to be consulted about whether usage of multiple 5-tuples will cause any issues - technical or security.

ISTM that this subject is closely related to multipath transports - TCP, 
RTP, UDP, SCTP. ICE provides a way to negotiate the multiple paths.

Looking around, work on multipath transports is spread around. For TCP 
and SCTP it was done in transport. There is a draft for multipath RTP in 
avtcore. I see a little email discussion of multipath UDP in transport, 
but (based on my one minute spent googling) not any real action.

To date ICE hasn't considered this to be a general multipath transport 
problem - just a way to negotiate a single path transport. But the 
discussion here is showing flaws in that approach. But 
draft-wing-mmusic-ice-mobility was closer to really dealing with multipath.

This may need a tactical solution to keep rtcweb going in a timely way 
and a more strategic approach to get this all properly cleaned up.

	Thanks,
	Paul
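The question quoted above (does DTLS assume a single 5-tuple?) and the multipath framing in this reply can be made concrete with a small model of how an endpoint looks up the DTLS-SRTP association for an incoming datagram. The following Python is an added illustration, not code from this thread or from any ICE/DTLS implementation; the class names, the `IceTransport` abstraction and all addresses are constructed for the example. It contrasts state keyed strictly by the 5-tuple the handshake ran on (a path switch silently drops traffic, so two paths would need two handshakes) with state keyed by the ICE transport, where any candidate pair that passed connectivity checks maps to the same association while a source that was never verified is still rejected.

```python
# Added example (not from the rtcweb thread): two ways a DTLS-SRTP receiver can
# map an incoming datagram to its association. All names/addresses constructed.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass(frozen=True)
class FiveTuple:
    proto: str
    local_ip: str
    local_port: int
    remote_ip: str
    remote_port: int


@dataclass
class IceTransport:
    """One media transport as ICE sees it: possibly several usable paths."""
    name: str
    # candidate pairs that have passed ICE connectivity checks (hypothetical model)
    verified: Set[FiveTuple] = field(default_factory=set)


class FiveTupleKeyedDemux:
    """Association bound to exactly the 5-tuple the DTLS handshake completed on."""

    def __init__(self) -> None:
        self.table: Dict[FiveTuple, IceTransport] = {}

    def handshake_done(self, path: FiveTuple, transport: IceTransport) -> None:
        self.table[path] = transport

    def deliver(self, path: FiveTuple) -> Optional[str]:
        # A datagram on any other 5-tuple finds no association and is dropped,
        # even if ICE has meanwhile validated and nominated that pair.
        tr = self.table.get(path)
        return tr.name if tr else None


class IceKeyedDemux:
    """Association bound to the ICE transport; any ICE-verified pair reaches it."""

    def __init__(self) -> None:
        self.transports: List[IceTransport] = []

    def handshake_done(self, path: FiveTuple, transport: IceTransport) -> None:
        # The handshake path itself must be a verified pair before binding.
        if path not in transport.verified:
            raise ValueError("handshake path was never verified by ICE")
        self.transports.append(transport)

    def deliver(self, path: FiveTuple) -> Optional[str]:
        for tr in self.transports:
            if path in tr.verified:
                return tr.name
        # Unverified source: drop. Loosening to "any source address" would let
        # an unchecked address inject records into the association.
        return None


def run_scenario(demux_cls) -> Dict[str, Optional[str]]:
    """Handshake on pair A, ICE later switches to pair B, then a rogue source."""
    pair_a = FiveTuple("udp", "192.0.2.10", 50000, "198.51.100.7", 40000)
    pair_b = FiveTuple("udp", "192.0.2.10", 50000, "198.51.100.7", 40001)
    rogue = FiveTuple("udp", "192.0.2.10", 50000, "203.0.113.9", 4444)

    audio = IceTransport("audio", verified={pair_a})
    demux = demux_cls()
    demux.handshake_done(pair_a, audio)

    # ICE validates a second candidate pair (e.g. after a network change) and
    # starts sending on it; no new DTLS handshake is run.
    audio.verified.add(pair_b)

    return {
        "on_handshake_path": demux.deliver(pair_a),
        "after_path_switch": demux.deliver(pair_b),
        "unverified_source": demux.deliver(rogue),
    }


if __name__ == "__main__":
    for cls in (FiveTupleKeyedDemux, IceKeyedDemux):
        print(cls.__name__, run_scenario(cls))
```

The strict model shows why a single-5-tuple assumption matters for mobility and multipath: traffic after the switch is dropped, so either every path needs its own handshake or the association has to be rebound. The ICE-keyed model keeps the association across the switch without admitting datagrams from an address that never passed a connectivity check, which is the security property a looser "accept from anywhere" fix would lose.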