Re: [rtcweb] SRTP not mandatory-to-use

Roman Shpount <roman@telurix.com> Wed, 11 January 2012 23:20 UTC

On Wed, Jan 11, 2012 at 2:52 PM, Justin Uberti <juberti@google.com> wrote:

> To reply to the OP: The consensus that I see having emerged from this
> discussion is that SRTP should be mandatory to use, with a provision for
> NULL ciphers for debugging. This provision is only exposed through
> developer settings, and can never be invoked from the web app; for all
> practical purposes, applications will have to use SRTP.
>
>
I would still argue (even though I am obviously a minority here) that
plain RTP should be supported and this support should be accessible via JS
API with no web server configuration changes. The reasons (apart from
debugging, which will be addressed by the NULL cypher) are overall symmetry with
HTTP vs HTTPS. As I have mentioned before, there are environments where
completely unsecured communication applications should be delivered, such
as some countries, army, prisons and such. I understand that you want to
disregard these people but they are internet users as well. Please keep in
mind that I am not arguing for a back-door to intercept secure
communications (against IETF policy) or to provide a way for secure
communication to fall back to unsecured. All I am looking for is an ability
to provide unsecured service if I, as a service provider, decide to do so.
_____________
Roman Shpount