Re: [rtcweb] No Interim on SDES at this juncture
Richard Barnes <rlb@ipv.sx> Thu, 20 June 2013 23:09 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 818AC21F9CD0 for <rtcweb@ietfa.amsl.com>; Thu, 20 Jun 2013 16:09:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.371
X-Spam-Level: *
X-Spam-Status: No, score=1.371 tagged_above=-999 required=5 tests=[AWL=0.014, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D7heVPCrUjwK for <rtcweb@ietfa.amsl.com>; Thu, 20 Jun 2013 16:09:17 -0700 (PDT)
Received: from mail-oa0-x230.google.com (mail-oa0-x230.google.com [IPv6:2607:f8b0:4003:c02::230]) by ietfa.amsl.com (Postfix) with ESMTP id 5A1F221F9CB7 for <rtcweb@ietf.org>; Thu, 20 Jun 2013 16:09:17 -0700 (PDT)
Received: by mail-oa0-f48.google.com with SMTP id f4so8607439oah.21 for <rtcweb@ietf.org>; Thu, 20 Jun 2013 16:09:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=T6Kt1RXd9ONcFSItjTYsgQ/RDe/ION13+P6MgBcFzJI=; b=eWKjZJL4p+unVx3QXGURGChIYkZm9LA/4q+o0fOogzTu06z9ZLax64QZBmUj47Ajci o66mCq4RUnT5WSQf3zCBisn9F/hL6TN3+94uJMCgNeb98jxzYQ2BtgI+N5SvUtRN8xGw b5Ycsdfw37UjjzBwD0E1l+jvVXK2LWiRNhvC2RVxCY+fLwlzJNkF2tF+p/JCOaNZS8pW sePV+OYmhtPQRIh09Dm4QwIC7GJV74l/3uWWrePCDbOjDMSQJUu4iRw36fsN0TMnBomL nnvU5JxuV8zf7+nkz4PtuyV+GlPG3NKt56/6OjifL2HzPJKiIQVOA9RNJX8NLncmII4P zxCQ==
MIME-Version: 1.0
X-Received: by 10.182.60.2 with SMTP id d2mr2459325obr.75.1371769756846; Thu, 20 Jun 2013 16:09:16 -0700 (PDT)
Received: by 10.60.26.135 with HTTP; Thu, 20 Jun 2013 16:09:16 -0700 (PDT)
X-Originating-IP: [108.18.40.68]
In-Reply-To: <CAD5OKxs6kbMRhK5S8XYywAbfcEKyBnmBw=7nAgKeLed8iGx-uw@mail.gmail.com>
References: <CA+9kkMDnjCNXGV0GU7x6gbbZMf4WiEuVvCRY8_Fix5tmdOB-Kg@mail.gmail.com> <AD220324-EEE7-4800-8512-FD7BADA9EC34@oracle.com> <CA+9kkMDY2Z_5_1uYJ1K_ZmrJB2a1-RE7V3aPqNHQg82DyagjCg@mail.gmail.com> <2975A93F-44DA-4020-B4DE-42E7ED98C08F@oracle.com> <51BAC9BC.6070708@ericsson.com> <94846970-4694-4EC8-AEFA-AEECEE0135AA@oracle.com> <51C02EE8.5070809@ericsson.com> <AE1A6B5FD507DC4FB3C5166F3A05A4841A2C78AD@TK5EX14MBXC273.redmond.corp.microsoft.com> <CAL02cgTFSbYSX7v3q37tsjzaPMshyyBroGWr=qmy-HGm82GJFg@mail.gmail.com> <AE1A6B5FD507DC4FB3C5166F3A05A4841A2C7EF8@TK5EX14MBXC273.redmond.corp.microsoft.com> <CAL02cgQMkHu-NqEeScT2ObfknJ+3OjXi7Y=7rUJtqeu3CbewMQ@mail.gmail.com> <8E9D2A9F-3D8B-4480-A85D-320CF30FEAA6@oracle.com> <9F33F40F6F2CD847824537F3C4E37DDF115D2D76@MCHP04MSX.global-ad.net> <CAD5OKxvMGD=e3rHta9aLRAOAM022V0hzcp6nJbmG+GAxBohS6g@mail.gmail.com> <9F33F40F6F2CD847824537F3C4E37DDF115D2E8D@MCHP04MSX.global-ad.net> <CAD5OKxs6kbMRhK5S8XYywAbfcEKyBnmBw=7nAgKeLed8iGx-uw@mail.gmail.com>
Date: Thu, 20 Jun 2013 19:09:16 -0400
Message-ID: <CAL02cgSG+AntWvyyyGFoQ3zXkZtpd6pVCHfpiCZjSV_3rdj=6Q@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Roman Shpount <roman@telurix.com>
Content-Type: multipart/alternative; boundary="089e015387dc12259b04df9e09bb"
X-Gm-Message-State: ALoCoQnlMYTytu/Qr42ti6nCC3BWLYww24lJc3NEobABNh/P+Bp5OsPFsbnA/hagJMqgYEfbw+08
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] No Interim on SDES at this juncture
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 23:09:22 -0000
The path from end to end media path is not the same as the path from end to middle (signaling path). SRTP in general (without assumptions on key management) protects against a passive attacker that is on the media path but not on the signaling path. If, in addition, the browser does not expose media keys to JS (as is required for SDES), then even an active attacker who hijacks the HTTP connection to inject scripts cannot access the media keys. --Richard On Thu, Jun 20, 2013 at 6:58 PM, Roman Shpount <roman@telurix.com> wrote: > > On Thu, Jun 20, 2013 at 5:25 PM, Hutton, Andrew < > andrew.hutton@siemens-enterprise.com> wrote: > >> Using SRTP is always more secure than using plain RTP but again I think >> the problem to be solved is how the user is notified about the level of >> risk. >> >> >> > Please explain how SRTP is more secure the plain RTP when communicating > with plain HTTP server? I can decode either from a simple packet capture. > After all, you did say always... > _____________ > Roman Shpount > >
- [rtcweb] No Interim on SDES at this juncture Ted Hardie
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Bernard Aboba
- Re: [rtcweb] No Interim on SDES at this juncture Cullen Jennings
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Ted Hardie
- Re: [rtcweb] No Interim on SDES at this juncture Vijaya Mandava (vimandav)
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Hutton, Andrew
- Re: [rtcweb] No Interim on SDES at this juncture Tim Panton
- Re: [rtcweb] No Interim on SDES at this juncture Harald Alvestrand
- Re: [rtcweb] No Interim on SDES at this juncture Tim Panton
- Re: [rtcweb] No Interim on SDES at this juncture Dan Wing
- Re: [rtcweb] No Interim on SDES at this juncture Dan Wing
- Re: [rtcweb] No Interim on SDES at this juncture Bernard Aboba
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Magnus Westerlund
- Re: [rtcweb] No Interim on SDES at this juncture Christer Holmberg
- Re: [rtcweb] No Interim on SDES at this juncture Tim Panton
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Iñaki Baz Castillo
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Christer Holmberg
- Re: [rtcweb] No Interim on SDES at this juncture Parthasarathi R
- Re: [rtcweb] No Interim on SDES at this juncture Harald Alvestrand
- Re: [rtcweb] No Interim on SDES at this juncture Magnus Westerlund
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Matthew Kaufman (SKYPE)
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Matthew Kaufman (SKYPE)
- Re: [rtcweb] No Interim on SDES at this juncture Matthew Kaufman (SKYPE)
- Re: [rtcweb] No Interim on SDES at this juncture Bernard Aboba
- Re: [rtcweb] No Interim on SDES at this juncture Michael Procter
- Re: [rtcweb] No Interim on SDES at this juncture Bernard Aboba
- Re: [rtcweb] No Interim on SDES at this juncture Michael Procter
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- [rtcweb] Agenda time request for IETF 87 Berlin Hadriel Kaplan
- Re: [rtcweb] Agenda time request for IETF 87 Berl… Ted Hardie
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Matthew Kaufman (SKYPE)
- Re: [rtcweb] No Interim on SDES at this juncture Dan Wing
- Re: [rtcweb] No Interim on SDES at this juncture Dan Wing
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Magnus Westerlund
- Re: [rtcweb] No Interim on SDES at this juncture Harald Alvestrand
- Re: [rtcweb] No Interim on SDES at this juncture Hutton, Andrew
- Re: [rtcweb] No Interim on SDES at this juncture Roman Shpount
- Re: [rtcweb] No Interim on SDES at this juncture Hutton, Andrew
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Roman Shpount
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Roman Shpount
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Richard Barnes
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Dan Wing
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Dan Wing
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Hadriel Kaplan
- Re: [rtcweb] No Interim on SDES at this juncture Martin Thomson
- Re: [rtcweb] No Interim on SDES at this juncture Max Jonas Werner
- Re: [rtcweb] No Interim on SDES at this juncture Parthasarathi R
- Re: [rtcweb] No Interim on SDES at this juncture Max Jonas Werner
- Re: [rtcweb] No Interim on SDES at this juncture Timothy B. Terriberry