Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 04 March 2015 20:06 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>, Roman Shpount <roman@telurix.com>
Date: Wed, 04 Mar 2015 20:06:46 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/rvB4YWw888fukwpsLsuRz3eZ6lk>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>

Correction. You are not jumping to TLS, if you use framing for DTLS when TCP is used.

Regards,

Christer

Sent from my Windows Phone
________________________________
From: Christer Holmberg <christer.holmberg@ericsson.com>
Sent: 04/03/2015 22:05
To: Roman Shpount <roman@telurix.com>
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Hi,

What if you jump from a UDP candidate to a TCP candidate? At the same time you would be jumping from DTLS to TLS (even for SRTP, where DTLS is only used for key management).

Regards,

Christer

Sent from my Windows Phone
________________________________
From: Roman Shpount <roman@telurix.com>
Sent: 04/03/2015 21:59
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Simon Perreault <sperreault@jive.com>; rtcweb@ietf.org
Subject: Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

On Wed, Mar 4, 2015 at 2:54 PM, Christer Holmberg <christer.holmberg@ericsson.com> wrote:
> Didn't we last week agree that, if the underlying transport changes, the DTLS connection MUST be re-established?
>
> Jumping from one candidate to another is a transport change, isn't it?


In cases where ICE is used, a jump from one candidate to another should not constitute a transport change. A change in ICE ufrag should constitute the transport change. All ICE candidates are a single virtual transport channel. Without this, a lot of ICE setup scenarios, such as rapid nomination, break down. Even changes in the c= line address, m= line port, or list of candidates are not a transport change if ufrag stays the same.

In cases where ICE is not used, changes of address in c= line or port in m= line are a transport change.
_____________
Roman Shpount
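
The rule proposed in the last quoted message, applied to two SDP descriptions, as an added example that is not part of the original thread or of any RTCWEB implementation. The function names and the sample SDP are constructed for illustration, the parser assumes a single m= section, and treating a switch between ICE and non-ICE as a transport change is an assumption the thread does not address.

```python
def transport_params(sdp: str) -> dict:
    """Extract the ICE ufrag, c= address and m= port from a single-media SDP."""
    params = {"ufrag": None, "addr": None, "port": None}
    for line in sdp.strip().splitlines():
        line = line.strip()
        if line.startswith("a=ice-ufrag:"):
            params["ufrag"] = line.split(":", 1)[1]
        elif line.startswith("c="):
            # c=<nettype> <addrtype> <connection-address>
            params["addr"] = line.split()[2]
        elif line.startswith("m="):
            # m=<media> <port> <proto> <fmt> ...
            params["port"] = int(line.split()[1])
    return params


def is_transport_change(old_sdp: str, new_sdp: str) -> bool:
    """True if, under the proposed rule, the DTLS connection must be re-established."""
    old, new = transport_params(old_sdp), transport_params(new_sdp)
    if old["ufrag"] or new["ufrag"]:
        # ICE in use: only a ufrag change counts. Candidates, c= address and
        # m= port may all change within the same virtual transport.
        # Assumption: ICE appearing or disappearing also counts as a change.
        return old["ufrag"] != new["ufrag"]
    # No ICE: the address/port pair identifies the transport.
    return (old["addr"], old["port"]) != (new["addr"], new["port"])


def make_sdp(addr: str, port: int, ufrag: str = None, candidates=()) -> str:
    """Build a minimal SDP fragment (constructed sample, documentation addresses)."""
    lines = [f"c=IN IP4 {addr}", f"m=audio {port} UDP/TLS/RTP/SAVPF 0"]
    if ufrag:
        lines.append(f"a=ice-ufrag:{ufrag}")
    lines += [f"a=candidate:{c}" for c in candidates]
    return "\r\n".join(lines) + "\r\n"


# Constructed samples: same ufrag, but a different nominated candidate and c=/m= values.
ICE_A = make_sdp("192.0.2.10", 50000, "Ab3x", ["1 1 udp 2130706431 192.0.2.10 50000 typ host"])
ICE_B = make_sdp("198.51.100.7", 443, "Ab3x", ["2 1 tcp 1518280447 198.51.100.7 443 typ relay"])
ICE_RESTART = make_sdp("192.0.2.10", 50000, "Zq9k")
PLAIN_A = make_sdp("192.0.2.10", 50000)
PLAIN_B = make_sdp("192.0.2.10", 50002)

if __name__ == "__main__":
    print("candidate switch, same ufrag:", is_transport_change(ICE_A, ICE_B))
    print("ufrag changed:", is_transport_change(ICE_A, ICE_RESTART))
    print("no ICE, port changed:", is_transport_change(PLAIN_A, PLAIN_B))
```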