Re: [rtcweb] draft-ietf-rtcweb-rtp-usage-12 Client-to-Mixer Audio Level

Justin Uberti <juberti@google.com> Wed, 05 March 2014 14:40 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/sPK3yBXV-460MF9LSSS5JFASTto

Agree with Cullen (and FWIW the SRTP encryption uses keys vended from the
DTLS master secret, so I think even if you are able to crack the SRTP
crypto it would not be trivial to go backwards up to the DTLS key material)


On Wed, Mar 5, 2014 at 2:35 PM, Cullen Jennings (fluffy) <fluffy@cisco.com> wrote:

>
> On Mar 5, 2014, at 2:33 PM, tim panton <tim@phonefromhere.com> wrote:
>
> >
> > On 5 Mar 2014, at 14:25, Justin Uberti <juberti@google.com> wrote:
> >
> >> So there are three things here:
> >> 1) MUST the implementation offer encrypted header extensions? (i.e. mandatory-to-implement)
> >> 2) MUST the implementation use encrypted header extensions? (i.e. mandatory-to-use)
> >> 3) MUST the implementation expose an API to control this? (i.e. no SDP munging needed)
> >>
> >> I think we want yes for #1, no for #2, and #3 is potentially interesting but out of scope for 1.0.
> >> That gives encrypted headers for audio on by default, but remote parties can negotiate this off using RFC 6904 mechanisms.
> >>
> >
> > In order to agree with that I’d need to be persuaded that there isn’t a known-plaintext attack risk there
> > (e.g. detecting a muted mic therefore knowing the ulaw content of a packet), since
> > any weakening in DTLS also impacts the data channel and video channels - assuming bundle.
> >
> > Like I say, I’m not enough of a cryptographer to know.
>
> No - it does not weaken DTLS to know the plaintext (and if it did, DTLS
> would have serious security problems)
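
The derivation direction mentioned at the top of this message, as an added example that is not part of the original thread: SRTP master keys and salts come out of the DTLS master secret through the RFC 5705 exporter with the RFC 5764 label, an HMAC-based one-way expansion. It assumes DTLS 1.2 with the SHA-256 PRF and the 16-byte key / 14-byte salt lengths of SRTP_AES128_CM_HMAC_SHA1_80; the function names and all input values are constructed for illustration.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_hash expansion (RFC 5246, section 5) using HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # block i
    return out[:length]


def dtls_srtp_keys(master_secret: bytes, client_random: bytes,
                   server_random: bytes, key_len: int = 16,
                   salt_len: int = 14) -> dict:
    """RFC 5705 exporter (no context value) with the RFC 5764 label.

    The output is split in the order RFC 5764 section 4.2 gives:
    client key, server key, client salt, server salt.
    """
    seed = b"EXTRACTOR-dtls_srtp" + client_random + server_random
    block = p_sha256(master_secret, seed, 2 * (key_len + salt_len))
    k2 = 2 * key_len
    return {
        "client_key": block[:key_len],
        "server_key": block[key_len:k2],
        "client_salt": block[k2:k2 + salt_len],
        "server_salt": block[k2 + salt_len:],
    }


def demo() -> dict:
    # Constructed handshake values, not taken from any real session.
    master_secret = bytes(range(48))   # 48-byte TLS master secret
    client_random = b"\xaa" * 32
    server_random = b"\xbb" * 32
    return dtls_srtp_keys(master_secret, client_random, server_random)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value.hex()}")
```

The master secret enters only as the HMAC key, so the SRTP keys are a function of it but recovering it from them would require inverting HMAC-SHA256.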