Re: [rtcweb] Security Architecture -07 review

Martin Thomson <martin.thomson@gmail.com> Fri, 26 July 2013 00:12 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0C8821F8F32 for <rtcweb@ietfa.amsl.com>; Thu, 25 Jul 2013 17:12:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ag7HjeawgHb6 for <rtcweb@ietfa.amsl.com>; Thu, 25 Jul 2013 17:12:43 -0700 (PDT)
Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com [IPv6:2a00:1450:400c:c05::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 120E821F8F29 for <rtcweb@ietf.org>; Thu, 25 Jul 2013 17:12:42 -0700 (PDT)
Received: by mail-wi0-f172.google.com with SMTP id c10so214650wiw.5 for <rtcweb@ietf.org>; Thu, 25 Jul 2013 17:12:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=iqFm+qzCgQsF+2wyDICQ/vvcAjLd6iK//MFwjPae9as=; b=NPeM3wYmhscbvvgidRT9QTVDu3vYDlphN16WjTDwcm/l0FRr9mhjKHkM5iR8eU2qvD xAXCgKJv8hDsDcoTS7YMoFutpFjF4MUtw1KotTK1enZFqGGouPWrk6qky7MIB4PZnIPa 6yaRcum92OqoQFc3WY90REuSUDzWRm8fbslcYF5akocPYb8MxAVR5mBOVIliRseVhtZG yQLTjDn9xICXRvOmjyUWEisvFu/S1ddqjb8H+0EFfqKBg0tzaWdu+8vZ1/6IwDghfy/l +iCxrHD/7vQlD0n7rvK1WByektq5g9aPkZGVNmfFnBE0VuvWbTdDThchoY+U+doAVFJz NmoA==
MIME-Version: 1.0
X-Received: by 10.194.77.99 with SMTP id r3mr32667054wjw.5.1374797559341; Thu, 25 Jul 2013 17:12:39 -0700 (PDT)
Received: by 10.194.60.46 with HTTP; Thu, 25 Jul 2013 17:12:39 -0700 (PDT)
In-Reply-To: <3F737E1C-BBF9-4399-8B7D-B50FB4A2FFC0@cisco.com>
References: <CABkgnnWUZXBRneGnRsA9Xo-rrdw7nAsBR+5SL6SRyjbR+Egfgw@mail.gmail.com> <D96D0971-E3A7-4E96-B3F4-83C2044252B7@cisco.com> <CABkgnnW71aGwgaX3oBYofQaHP7pFyyh9mGifXdFL=NYiJ+qfYw@mail.gmail.com> <3F737E1C-BBF9-4399-8B7D-B50FB4A2FFC0@cisco.com>
Date: Thu, 25 Jul 2013 17:12:39 -0700
Message-ID: <CABkgnnXq4fJf2dCTKaU_O1LLagVVKqnwnnLXS4ZmEwyH+5wKZQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Dan Wing <dwing@cisco.com>
Content-Type: text/plain; charset=UTF-8
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Security Architecture -07 review
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jul 2013 00:12:43 -0000

On 25 July 2013 17:00, Dan Wing <dwing@cisco.com> wrote:
>> The concern is the first party, who gets the certificate.  Using DH
>> isn't going to fix that.
>
> Then you're arguing for "endpoint MUST NOT change its certificate".

Nope.  There are reasons to maintain a stable certificate (being able
to audit old calls is helped by this, though a log of fingerprints
used for calls over time might do the same, albeit a little less
transparently; performance is another reason), just as there are
reasons to change the certificate (privacy, mainly an ability to keep
peers from linking calls).

And yes, generally DH > not DH, but I'm not sure the benefits are
huge, depending on what your threat model is.  I was just pointing out
that it doesn't actually help for the cases that I was really
concerned about.  The women's shelter case in particular.