Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 04 March 2015 20:04 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Roman Shpount <roman@telurix.com>
Date: Wed, 04 Mar 2015 20:04:50 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/sTn1HVrZyGezEl3Nnv9cja9Rx6A>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Hi,

What if you jump from a UDP candidate to a TCP candidate? At the same time you would be jumping from DTLS to TLS (even for SRTP, where DTLS is only used for key management).

Regards,

Christer

Sent from my Windows Phone
________________________________
From: Roman Shpount <roman@telurix.com>
Sent: 04/03/2015 21:59
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Simon Perreault <sperreault@jive.com>; rtcweb@ietf.org
Subject: Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

On Wed, Mar 4, 2015 at 2:54 PM, Christer Holmberg <christer.holmberg@ericsson.com> wrote:
Didn't we last week agree that, if the underlying transport changes, the DTLS connection MUST be re-established?

Jumping from one candidate to another is a transport change, isn't it?


In cases where ICE is used, a jump from one candidate to another should not constitute a transport change. A change in ICE ufrag should constitute the transport change. All ICE candidates are a single virtual transport channel. Without this, a lot of ICE setup scenarios, such as rapid nomination, break down. Even a change in the c= line address, m= line port, or list of candidates is not a transport change if the ufrag stays the same.

In cases where ICE is not used, changes of address in c= line or port in m= line are a transport change.
_____________
Roman Shpount
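
The rule Roman Shpount proposes in the quoted message, written out as a check over two SDP descriptions. This is an added example, not part of the original thread: the function names and the SDP are constructed, only the first m= section is examined, and treating a switch between ICE and non-ICE as a transport change is an assumption the message does not cover.

```python
# Added illustration; the SDP is constructed and the function names are hypothetical.

def transport_params(sdp):
    """Return (ice_ufrag, address, port) for the first m= section."""
    ufrag = addr = port = None
    media_seen = 0
    for line in sdp.splitlines():
        if line.startswith("m="):
            media_seen += 1
            if media_seen > 1:
                break                    # only the first media section
            port = int(line.split()[1].split("/")[0])
        elif line.startswith("c="):
            addr = line.split()[2]       # media-level c= overrides session-level
        elif line.startswith("a=ice-ufrag:"):
            ufrag = line.split(":", 1)[1].strip()
    return ufrag, addr, port

def needs_new_dtls(old_sdp, new_sdp):
    """True if the change counts as a transport change under the proposed rule."""
    old_ufrag, old_addr, old_port = transport_params(old_sdp)
    new_ufrag, new_addr, new_port = transport_params(new_sdp)
    if (old_ufrag is None) != (new_ufrag is None):
        return True  # assumption: switching ICE on or off is a transport change
    if old_ufrag is not None:
        # ICE in use: all candidates are one virtual transport, only ufrag counts
        return old_ufrag != new_ufrag
    # ICE not used: a new c= address or m= port is a transport change
    return (old_addr, old_port) != (new_addr, new_port)

def make_sdp(addr, port, ufrag=None):
    """Build a minimal constructed SDP; ufrag=None means ICE is not used."""
    lines = ["v=0", f"o=- 1 1 IN IP4 {addr}", "s=-", f"c=IN IP4 {addr}",
             "t=0 0", f"m=audio {port} UDP/TLS/RTP/SAVPF 0"]
    if ufrag:
        lines += [f"a=ice-ufrag:{ufrag}",
                  f"a=candidate:1 1 UDP 2130706431 {addr} {port} typ host"]
    return "\r\n".join(lines) + "\r\n"

if __name__ == "__main__":
    base = make_sdp("192.0.2.10", 50000, "abcd")
    # Same ufrag, different address and port: same virtual transport
    print(needs_new_dtls(base, make_sdp("198.51.100.7", 61000, "abcd")))
    # New ufrag (ICE restart): transport change
    print(needs_new_dtls(base, make_sdp("192.0.2.10", 50000, "wxyz")))
    # No ICE, port moved: transport change
    print(needs_new_dtls(make_sdp("192.0.2.10", 50000),
                         make_sdp("192.0.2.10", 50002)))
```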