IETF Logo Mail Archive

Re: [rtcweb] Consensus call regarding media security

Roman Shpount <roman@telurix.com> Wed, 28 March 2012 20:41 UTC

Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A88F21F87D6 for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 13:41:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.677
X-Spam-Level:
X-Spam-Status: No, score=-2.677 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TJOdANSy40ce for <rtcweb@ietfa.amsl.com>; Wed, 28 Mar 2012 13:41:53 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 3645121F877D for <rtcweb@ietf.org>; Wed, 28 Mar 2012 13:41:53 -0700 (PDT)
Received: by yhkk25 with SMTP id k25so1166177yhk.31 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 13:41:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=4bOc22qQpYEQ+ChRdA3EmHDZYrwVzkSftzSA+vSgqzw=; b=C7FnEeOk6qhmTQW/h23/5fPqquIn0HDX6mr+1sC6rmZjEc0TrdJk009dbs5iLgwet5 DlrJs4hmjN82l9swCH9rlSX0xCxwOFx48bdEMK+CGRFa3s7IFaWqyeQTT0WD4SPxB3Pj XPrEnmUNjUoBQV7MyMtJyIUWvINqbLsY3TsnEyK+zEnY1/WCWN0FP+T1H+2S4b014eLa oEs0hAF9yXhy0cXD3kx7zx01anRRQNrz1WAvRV/996TtJOmuVUzDUAYPlQs0dTdcJixh WjjXAAk4H6NY/zCPhXRza8f6toYSt8qR8yooXbp6E+He+NCna5STfuUTEvdKrpCQUsj0 QOXw==
Received: by 10.236.156.233 with SMTP id m69mr30962212yhk.128.1332967312480; Wed, 28 Mar 2012 13:41:52 -0700 (PDT)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by mx.google.com with ESMTPS id d25sm10700611yhe.4.2012.03.28.13.41.50 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 28 Mar 2012 13:41:50 -0700 (PDT)
Received: by ggmi1 with SMTP id i1so1188527ggm.31 for <rtcweb@ietf.org>; Wed, 28 Mar 2012 13:41:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.221.10 with SMTP id qa10mr73888004pbc.139.1332967309832; Wed, 28 Mar 2012 13:41:49 -0700 (PDT)
Received: by 10.68.6.67 with HTTP; Wed, 28 Mar 2012 13:41:49 -0700 (PDT)
In-Reply-To: <CALiegfn4MZYb-qCnM62T7w4EgWqrC5baN+pAYBZF84kEA7Ko6A@mail.gmail.com>
References: <4F732531.2030208@ericsson.com> <CAD5OKxs6NHha2egNSTumEaHYJ0bB6qu_nfshmBM6dntx2n49HQ@mail.gmail.com> <CALiegfn4MZYb-qCnM62T7w4EgWqrC5baN+pAYBZF84kEA7Ko6A@mail.gmail.com>
Date: Wed, 28 Mar 2012 16:41:49 -0400
Message-ID: <CAD5OKxtDED1vSFrw4V9TKkUzdSSXNg+S_WBrxmnFo21hjJvqMA@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Iñaki Baz Castillo <ibc@aliax.net>
Content-Type: multipart/alternative; boundary="e89a8ff24801fff33404bc53a2db"
X-Gm-Message-State: ALoCoQktfn/ZRMsujLFVHnpS4HzfyyDlM6dZ7hpM6Iu8j/NNvSFSbFeLFyyKdfndzR5q0yvkotUu
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Consensus call regarding media security
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 20:41:54 -0000

On Wed, Mar 28, 2012 at 1:56 PM, Iñaki Baz Castillo <ibc@aliax.net> wrote:

> 2012/3/28 Roman Shpount <roman@telurix.com>:
> > As I have mentioned before on this list I am strongly against making SRTP
> > protection for RTP a requirement. I think this is an unnecessary
> requirement
> > that serves little real purpose except feeding into some marketing
> message
> > that most of the WebRTC users would not care about. Unless use of
> identity
> > is also a requirement, requiring SRTP will provide security only in a
> very
> > narrow sense of the word. At the same time I do believe that extra
> standard
> > requirements will stifle innovation and  will complicate new service or
> > application creation.
>
> SRTP (with SDES so without identity authentication) is still much
> better than plain RTP, right? If I'm in an airport connected to an
> open WiFi network, but I use HTTPS/WSS for signaling from my WebRTC
> browser, then I can be sure that no one in the airport can intercept
> my media streams (using SRTP-SDES).
>
> Of course this does not solve the fact that there could be some MiM
> attacker somewhere in the signaling path, but NOT in the airport! What
> is sure is that if I was using plain RTP then everyone in the open
> WiFi network could intercept my media streams.
>
> IMHO it's really clear that SRTP (even with SDES) is MUCH better than
> plain RTP. And so far I have not heard any advantage fof allowing
> plain RTP other than "it allows interoperability with my 5 years ago
> SIP device".
>
>
My main objection is that if an application developer does not take care to
develop a secure application, nothing you can do on the standard side will
make it a secure application. If I am building a public voice blog that
records a voice message that anybody can listen to on the web site security
is not needed. My assumption is that a fair number of applications would be
like this. So for such applications this is an unnecessary feature.

WebRTC will not exist in vacuum. It will communicate with other systems. It
is not limited to old SIP devices. It can be something new like server side
speech recognition that is integrated with web application. For such
application extra code and interop requirements to support security will
represent a real and significant cost. Any requirement, unless absolutely
necessary will create barriers to entry for new applications. I would like
to avoid as many of those as possible.
_____________
Roman Shpount

v2.23.0 | Report a Bug | By Email