Re: [rtcweb] Unsolicited DTLS Handshake

Christer Holmberg <christer.holmberg@ericsson.com> Thu, 04 December 2014 06:28 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Justin Uberti <juberti@google.com>
Date: Thu, 4 Dec 2014 06:28:18 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/v2ganZEumAspXcnyKCwj2W1l_Pw
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Unsolicited DTLS Handshake

5763 is specific to SRTP, but there are also other protocols using DTLS.

The Offer/Answer considerations should be the same for all of them – otherwise we will have problems e.g. in BUNDLE, if different protocols within a BUNDLE group use different rules for negotiating TLS roles etc…

Regards,

Christer

From: Justin Uberti [mailto:juberti@google.com]
Sent: 4 December 2014 7:47
To: Christer Holmberg
Cc: Iñaki Baz Castillo; Roman Shpount; rtcweb@ietf.org
Subject: Re: [rtcweb] Unsolicited DTLS Handshake

That sounds like a 5763-bis.

On Wed, Dec 3, 2014 at 8:41 PM, Christer Holmberg <christer.holmberg@ericsson.com> wrote:
Hi Inaki,

My intention is not to be able to do everything with O/A.

I am trying to figure out what can be done with O/A, and how/if O/A affects existing DTLS connections.

If something can NOT be done, I think it would be good to document somewhere.

I am willing to start drafting a "TLS with SDP O/A" draft, if people think such would be useful.

Regards,

Christer

________________________________
From: Iñaki Baz Castillo <ibc@aliax.net>
Sent: 03/12/2014 17:01
To: Roman Shpount <roman@telurix.com>
Cc: Christer Holmberg <christer.holmberg@ericsson.com>; rtcweb@ietf.org
Subject: Re: [rtcweb] Unsolicited DTLS Handshake

2014-12-03 15:43 GMT+01:00 Roman Shpount <roman@telurix.com>:
> If the transport parameters have NOT changed, can the fingerprint be changed?


Correct me if I'm wrong, but during a DTLS/TLS session certificates
are sent just once, at the beginning. Changing the a=fingerprint
attribute in a new SDP O/A round-trip without forcing a new DTLS
session should just be considered an error.

Again: we are trying to signal too much in the SDP.

--
Iñaki Baz Castillo
<ibc@aliax.net>
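
The case raised in the message above (an a=fingerprint that changes in a new SDP O/A round while the transport stays the same), written as a check over two SDP bodies. This is an added example, not part of the thread: the SDP is constructed, the function names are hypothetical, and "transport unchanged" is assumed to mean the same c= address, m= port/protocol and ICE ufrag/pwd.

```python
# Added example: constructed SDP bodies and hypothetical helper names.
ATTRS = ("fingerprint", "ice-ufrag", "ice-pwd")

def media_sections(sdp):
    """Return one dict per m= line; session-level values are inherited."""
    session, sections, cur = {}, [], None
    for line in (l.strip() for l in sdp.strip().splitlines()):
        target = session if cur is None else cur
        if line.startswith("m="):
            _media, port, proto = line[2:].split()[:3]
            cur = {"port": port, "proto": proto}
            sections.append(cur)
        elif line.startswith("c="):
            target["c"] = line[2:]
        elif line.startswith("a="):
            name, _, value = line[2:].partition(":")
            if name in ATTRS:
                target.setdefault(name, []).append(value)
    return [{**session, **sec} for sec in sections]

def transport(sec):
    # Assumption: these fields are what "transport parameters" means here.
    return (sec.get("c"), sec["port"], sec["proto"],
            tuple(sec.get("ice-ufrag", ())), tuple(sec.get("ice-pwd", ())))

def fingerprints(sec):
    # Normalised so that case differences alone are not reported as a change.
    pairs = (fp.partition(" ") for fp in sec.get("fingerprint", ()))
    return frozenset((func.lower(), digest.strip().upper()) for func, _, digest in pairs)

def fingerprint_changed_on_same_transport(old_sdp, new_sdp):
    """Indexes of m= sections whose fingerprint changed while transport did not."""
    pairs = zip(media_sections(old_sdp), media_sections(new_sdp))
    return [i for i, (old, new) in enumerate(pairs)
            if transport(old) == transport(new) and fingerprints(old) != fingerprints(new)]

# Constructed offer; the digest is shortened for readability.
BASE = """v=0
o=- 1 1 IN IP4 192.0.2.10
s=-
t=0 0
a=fingerprint:sha-256 AA:BB:CC:DD
m=audio 50000 UDP/TLS/RTP/SAVPF 111
c=IN IP4 192.0.2.10
a=ice-ufrag:ufragA
a=ice-pwd:pwdA
"""
REKEYED = BASE.replace("AA:BB:CC:DD", "11:22:33:44")
RESTARTED = REKEYED.replace("50000", "50002").replace("ufragA", "ufragB").replace("pwdA", "pwdB")
```

`fingerprint_changed_on_same_transport(BASE, REKEYED)` reports section 0, while the same fingerprint change accompanied by a new port and ICE credentials (`RESTARTED`) is not reported.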
