IETF Logo Mail Archive

Re: [rtcweb] [BEHAVE] FW: I-D Action: draft-muthu-behave-consent-freshness-04.txt

Eric Rescorla <ekr@rtfm.com> Wed, 17 July 2013 09:02 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D846121F9E13 for <rtcweb@ietfa.amsl.com>; Wed, 17 Jul 2013 02:02:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.976
X-Spam-Level:
X-Spam-Status: No, score=-102.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id efK9mY8DqGX3 for <rtcweb@ietfa.amsl.com>; Wed, 17 Jul 2013 02:02:49 -0700 (PDT)
Received: from mail-qc0-f176.google.com (mail-qc0-f176.google.com [209.85.216.176]) by ietfa.amsl.com (Postfix) with ESMTP id D97A921F9DD0 for <rtcweb@ietf.org>; Wed, 17 Jul 2013 02:02:48 -0700 (PDT)
Received: by mail-qc0-f176.google.com with SMTP id z10so947567qcx.35 for <rtcweb@ietf.org>; Wed, 17 Jul 2013 02:02:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:x-gm-message-state; bh=Ii69YmhragN4j/hHMeXfek5F74aJ9PAidKrto1vJDBc=; b=SOFBCeom60cMe2mp/k8qZtmZm4OK6zKLeCaUlz+qKwsuwPws+5kwN1n39J9HfaOdtc 3xUOTA0THVShpqTPKZktbBKI0rTDBfASq+L3IK6IR5J+Ia073zIaK/6z6FcutAVYKrGx 0gXqZAv+c3Gys/UTizzo41lhPYusKC/4pn2LV402MpS9UmKgy8qJjUhc0RfwVZt4DyaR Al0Y29CVpcOIo5a5XwTxhf5vnK61aCS+owM39S8dFxLvAeWUaawZ0MvMYVnhRwojwPmq saVjzn6ZjkiYR9glrW8LsJjxYTys3OZ4htVpbF1AEwCROwNRXYahzGuAy8ztUz8zON8n 17mA==
X-Received: by 10.224.4.202 with SMTP id 10mr8144132qas.1.1374051767268; Wed, 17 Jul 2013 02:02:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.49.48.234 with HTTP; Wed, 17 Jul 2013 02:02:07 -0700 (PDT)
X-Originating-IP: [220.136.0.192]
In-Reply-To: <E721D8C6A2E1544DB2DEBC313AF54DE224199A15@xmb-rcd-x02.cisco.com>
References: <20130715173816.18605.12504.idtracker@ietfa.amsl.com> <E721D8C6A2E1544DB2DEBC313AF54DE224198182@xmb-rcd-x02.cisco.com> <51E513BF.2040405@viagenie.ca> <E721D8C6A2E1544DB2DEBC313AF54DE224199A15@xmb-rcd-x02.cisco.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 17 Jul 2013 17:02:07 +0800
Message-ID: <CABcZeBOchbtu8exo93QS5rri2Bvfa5z=2ty7a3dGr-pExY8hyQ@mail.gmail.com>
To: "Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com>
Content-Type: multipart/alternative; boundary="001a11c20dfe7dc3c104e1b15bda"
X-Gm-Message-State: ALoCoQlgdZ37vgQD2iFclZr05eb6y7hgotmLQcow1SPAPNjsR90P3pUkh6OUHJ6oemdtQX8NGYjR
Cc: "behave@ietf.org" <behave@ietf.org>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] [BEHAVE] FW: I-D Action: draft-muthu-behave-consent-freshness-04.txt
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jul 2013 09:02:55 -0000

On Tue, Jul 16, 2013 at 6:49 PM, Muthu Arul Mozhi Perumal (mperumal) <
mperumal@cisco.com> wrote:

> [Added rtcweb since I am not sure if everyone involved there are following
> this discussion in behave]
>
> Thanks for the review. See inline..
>
> |-----Original Message-----
> |From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On Behalf
> Of Simon Perreault
> |Sent: Tuesday, July 16, 2013 3:05 PM
> |To: behave@ietf.org
> |Subject: Re: [BEHAVE] FW: I-D Action:
> draft-muthu-behave-consent-freshness-04.txt
> |
> |Le 2013-07-15 20:42, Muthu Arul Mozhi Perumal (mperumal) a écrit :
> |> The text and the algorithm in the draft are significantly simplified in
> this updated version.
> |>
> |> Comments welcome..
> |
> |MUCH better introduction. Now I feel like I understand the need exactly.
> |
> |The "Design Considerations" section is still very confusing to me.
> |
> |>    Though ICE specifies STUN Binding indications to be used for
> |>    keepalives, it requires that an agent be prepared to receive
> |>    connectivity check as well.  If a connectivity check is received, a
> |>    response is generated, but there is no impact on ICE processing, as
> |>    described in section 10 of [RFC5245].
> |
> |...so? Why is "an impact on ICE processing" necessary?
>
> Meant to stress these Binding request/response doesn't trigger an ICE
> restart..
>
> |
> |>    While a WebRTC browser could verify whether the peer continues to
> |>    send SRTCP reports before sending traffic to the peer, the usage of
> |>    SRTCP together with Security Descriptions [RFC4568] requires exposing
> |>    the media keys to the JavaScript and renders SRTCP unsuitable for
> |>    consent freshness.
> |
> |Why does it "require exposing the media keys to the JavaScript"? Is this
> |because of a law of nature, or is it because of the way the JavaScript
> |API is being designed? Could the JS API be changed to accommodate
> |SRTCP+SDES?
>
> That's how the API construct looks like today -- the JavaScript would get
> an SDP blob from the browser containing the crypto keys used for SDES-SRTP.
> Of course, the browser could hide those keys by putting a "****" in SDP -:).



Uh, then how would they be sent to the other side?

As far as I can tell, with any plausible API SDES requires exposing the
keys to JS.

-Ekr

v2.23.0 | Report a Bug | By Email