Re: [rtcweb] How to determine TLS roles?

Eric Rescorla <ekr@rtfm.com> Mon, 10 February 2014 22:10 UTC


On Mon, Feb 10, 2014 at 12:54 PM, Christer Holmberg <
christer.holmberg@ericsson.com> wrote:

> Hi,
>
> >>This is defined in RFC 5763 S 5:
> >>http://tools.ietf.org/html/rfc5763#section-5
> >>
> >>Which points to:
> >>http://tools.ietf.org/html/rfc4145
> > Ok. So, a few questions for clarification:
> >
> > Q1: This means that the JS App must set the setup attribute value before
> passing an SDP to the browser?
> >
> > No. The browser does it.
> >
> >> Q2: If SDP O/A is not used on the wire, there needs to be another
> mechanism for the peers to negotiate/indicate who is "active" and who is
> "passive"?
> >
> > I don't see how this is our problem.
>
> Ok, let me rephrase: we use SDP O/A in the API between the JS App and the
> browser, and the RFCs you pointed to above say that the SDP setup attribute
> is used to negotiate the roles.
>
> So, can the JS App, using the setup attribute, control the DTLS role in
> the browser


That ties into the general question of which a-lines can be modified in
the JS app. It's no more decided than those questions.



> >> Q3: If you have multiple m- lines, all using the same DTLS association,
> the setup attribute value must be identical in all m- lines?
> >
> > You mean because they are bundled? This should follow the same rules we
> generally use for things that are bundled.
>
> We haven't specified the rules for the setup attribute yet, but I assume
> it will have to be identical for each m- line within a BUNDLE group.
>

OK.


> And, in case the m- lines are NOT bundled, there will be separate DTLS
> associations, with separate roles, right?
>

Yes.

-Ekr



> Regards,
>
> Christer
>
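
The role rules discussed in this thread, as an added example that is not part of the original messages: it reads an SDP answer, treats a BUNDLE group as one DTLS association and each unbundled m-line as its own, and reports who sends the ClientHello. The SDP is constructed, the function names are hypothetical, and the "identical a=setup within a BUNDLE group" check encodes the assumption stated in the thread, not a rule the thread says is already specified.

```javascript
// Constructed SDP answer (not from the thread): audio+video bundled, data separate.
const SAMPLE_ANSWER = [
  'v=0', 'o=- 1 1 IN IP4 192.0.2.1', 's=-', 't=0 0',
  'a=group:BUNDLE audio video',
  'm=audio 9 UDP/TLS/RTP/SAVPF 111', 'a=mid:audio', 'a=setup:active',
  'm=video 9 UDP/TLS/RTP/SAVPF 96', 'a=mid:video', 'a=setup:active',
  'm=application 9 DTLS/SCTP 5000', 'a=mid:data', 'a=setup:passive',
].join('\r\n');

// Parse m-sections; a section without a=setup inherits a session-level one.
// Assumption: at most one BUNDLE group in the SDP.
function parseSections(sdp) {
  let sessionSetup = null, bundle = [], cur = null;
  const sections = [];
  for (const line of sdp.split(/\r?\n/)) {
    if (line.startsWith('m=')) { cur = { mid: null, setup: null }; sections.push(cur); }
    else if (line.startsWith('a=group:BUNDLE')) bundle = line.split(' ').slice(1);
    else if (line.startsWith('a=mid:') && cur) cur.mid = line.slice(6);
    else if (line.startsWith('a=setup:')) {
      if (cur) cur.setup = line.slice(8); else sessionSetup = line.slice(8);
    }
  }
  for (const s of sections) s.setup = s.setup || sessionSetup;
  return { sections, bundle };
}

// One DTLS association per BUNDLE group, one per unbundled m-line.
function dtlsRoles(answerSdp) {
  const { sections, bundle } = parseSections(answerSdp);
  const assoc = new Map();
  for (const s of sections) {
    const key = bundle.includes(s.mid) ? 'BUNDLE' : `mid:${s.mid}`;
    // RFC 5763 section 5: the answerer uses setup:active or setup:passive.
    if (!['active', 'passive'].includes(s.setup))
      throw new Error(`${key}: answer must be active or passive, got ${s.setup}`);
    // Assumption from the thread: one value per DTLS association.
    if (assoc.has(key) && assoc.get(key) !== s.setup)
      throw new Error(`${key}: conflicting a=setup values in one DTLS association`);
    assoc.set(key, s.setup);
  }
  // setup:active means that endpoint initiates the handshake (DTLS client).
  return Object.fromEntries([...assoc].map(([k, v]) =>
    [k, v === 'active' ? 'answerer=client' : 'answerer=server']));
}
```

A mismatch inside the BUNDLE group or an answer carrying setup:actpass is rejected instead of silently picking a role, so both endpoints cannot end up waiting for each other's ClientHello.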