Re: [rtcweb] JSEP fingerprint hash requirements
Martin Thomson <martin.thomson@gmail.com> Tue, 22 October 2013 16:14 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B0E611E840C for <rtcweb@ietfa.amsl.com>; Tue, 22 Oct 2013 09:14:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.529
X-Spam-Level:
X-Spam-Status: No, score=-2.529 tagged_above=-999 required=5 tests=[AWL=0.071, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jSmVQgxULRft for <rtcweb@ietfa.amsl.com>; Tue, 22 Oct 2013 09:14:11 -0700 (PDT)
Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) by ietfa.amsl.com (Postfix) with ESMTP id B11FC11E8414 for <rtcweb@ietf.org>; Tue, 22 Oct 2013 09:14:10 -0700 (PDT)
Received: by mail-wi0-f170.google.com with SMTP id l12so7047107wiv.1 for <rtcweb@ietf.org>; Tue, 22 Oct 2013 09:14:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Kd1KdB4jKisMdLdf36V04W7ZRqsD1X5bZxbaPKtMpVo=; b=mls+3hAmqvb0ZV9PJwpG7hjTHK0IR00zH60BxKRTQOwj3T8y8Nu9GX+JVhGPXrjs6O mXRtL+E/LNobeHHpbU1o36THiXFE81TtFCC+ZhzPCvjk8sztjQbgWfD5Wju0ftE56sRc Rpyc+myRBN0C0vVBEwKokh+5XgYykX02VcDMWHf4XZHf1toKGi3Rfkg5/AX5knrEpmQH nm/mPNfiizdyxAzA6I9sKl2YkBIE7ubrGFkWnId6WSHLmNJfYFZAlCoSQnep7hqkXb0B ZiBLprNqO7JPffbBKyAogvfzM+OWw4HAHTRIsWJhfA3PMgi12xctbd1P5PsMDu7FBx7T Fjxw==
MIME-Version: 1.0
X-Received: by 10.180.9.139 with SMTP id z11mr15378767wia.22.1382458449680; Tue, 22 Oct 2013 09:14:09 -0700 (PDT)
Received: by 10.227.202.194 with HTTP; Tue, 22 Oct 2013 09:14:09 -0700 (PDT)
In-Reply-To: <CABcZeBNLYOJUeNe_7yF6p66uJ9f0oHkkhUBdcZ3+143L6rhmDg@mail.gmail.com>
References: <CAMvTgcfvaUMWJaD5zX2rt6DWOWBgHEA-SqNtOqxs_bOqw_Ygbg@mail.gmail.com> <CABkgnnXBdQOgs9OKYRrU4wYRghj3WH30=vo-q7iSVjUub1SKow@mail.gmail.com> <CABcZeBOGjsOTXPtAFh+KR9SDQv8tEtUDE3gLvSN+f5dZ2R2R1Q@mail.gmail.com> <CABkgnnVTv4jVZkCDHWKk_X8yb3VEGBLXh+sW00OCG6RXMNkpgA@mail.gmail.com> <5265386A.2020005@alvestrand.no> <CABkgnnUpwep1Gw+3t+bdc-vvatod-vQBpydSfcAqM93fk4vm+Q@mail.gmail.com> <52666E6E.5060206@alvestrand.no> <CABcZeBNLYOJUeNe_7yF6p66uJ9f0oHkkhUBdcZ3+143L6rhmDg@mail.gmail.com>
Date: Tue, 22 Oct 2013 09:14:09 -0700
Message-ID: <CABkgnnUHhxfF4K=kXdMCh2hLcJHdxnMLcwC68DEakbFABqgg0Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: text/plain; charset="UTF-8"
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] JSEP fingerprint hash requirements
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2013 16:14:11 -0000
On 22 October 2013 08:39, Eric Rescorla <ekr@rtfm.com> wrote: > On Tue, Oct 22, 2013 at 5:24 AM, Harald Alvestrand <harald@alvestrand.no> > wrote: >> If I don't support SHA-512, and the certificate says you have to use >> SHA-512 to verify the certificate, but I have a fingerprint using SHA-256, >> am I exposed to some attack I'd have been protected against if I understood >> SHA-512, or not? > > I'm not quite sure I follow. If the certificate isn't being third-party > validated, > it's irrelevant what digest was used to sign the certificate. What EKR said. It's all in the draft. For 4572, aside from secondary uses, the certificate is primarily used as a container for a public key. The hash forms a binding between the public key (by hashing its container) and the actual session description. Then, all you need is some form of trust in the integrity of the session description. Of course, once we go to webrtc, the integrity of the session description is immediately suspect. RFC 4572 provides close to zero utility for webrtc. Identity providers use a separate binding of the same form to bind an identity assertion to the public key that is independent of the integrity of the signaling channel.
- [rtcweb] JSEP fingerprint hash requirements Kevin Dempsey
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson
- Re: [rtcweb] JSEP fingerprint hash requirements Eric Rescorla
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson
- Re: [rtcweb] JSEP fingerprint hash requirements Cullen Jennings (fluffy)
- Re: [rtcweb] JSEP fingerprint hash requirements Justin Uberti
- Re: [rtcweb] JSEP fingerprint hash requirements Harald Alvestrand
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson
- Re: [rtcweb] JSEP fingerprint hash requirements Harald Alvestrand
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson
- Re: [rtcweb] JSEP fingerprint hash requirements Justin Uberti
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson
- Re: [rtcweb] JSEP fingerprint hash requirements Harald Alvestrand
- Re: [rtcweb] JSEP fingerprint hash requirements Eric Rescorla
- Re: [rtcweb] JSEP fingerprint hash requirements Martin Thomson