[rtcweb] Re: [AVTCORE] Re: I-D Action: draft-lennox-sdp-raw-key-fingerprints-00.txt

Tim Panton <thp@westhawk.co.uk> Sat, 19 October 2024 09:38 UTC

From: Tim Panton <thp@westhawk.co.uk>
Message-Id: <127E9C8F-294E-4CD0-B486-7608CDD0EF5B@westhawk.co.uk>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6FADB835-2E03-4225-A5ED-B1B96BCC9556"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3776.700.51\))
Date: Sat, 19 Oct 2024 10:31:42 +0100
In-Reply-To: <CAD5OKxvji=+C4-ZZQT9ZQ5OKcWgPv_QV=iV+jj1kGQopyf6hVQ@mail.gmail.com>
To: Jonathan Lennox <jonathan.lennox=408x8.com@dmarc.ietf.org>
References: <172928612918.1576603.10331362486173581644@dt-datatracker-78dc5ccf94-w8wgc> <B87EBD43-908A-464B-A888-412030A3E60E@8x8.com> <CAD5OKxvji=+C4-ZZQT9ZQ5OKcWgPv_QV=iV+jj1kGQopyf6hVQ@mail.gmail.com>
CC: mmusic@ietf.org, avt@ietf.org, rtcweb@ietf.org
Subject: [rtcweb] Re: [AVTCORE] Re: I-D Action: draft-lennox-sdp-raw-key-fingerprints-00.txt
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/xgUzpMud-d6lGmx9zMdNwsQ1vtI>

Hi, I’d be interested in discussing this draft - we actually use WebRTC certificates for p2p identity management and would be keen to be sure that this will continue to be possible with this draft.

How do you see this interacting with the W3C’s PeerConnection API?

I wonder if it is actually necessary to add anything to the SDP - isn’t the DTLS Hello’s content enough to determine how to process a fingerprint?

Anyhow - happy to discuss _somewhere_ - ideally online.

T.

> On 19 Oct 2024, at 00:03, Roman Shpount <roman@telurix.com> wrote:
> 
> Hi Jonathan,
> 
> I do support this draft since it will simplify and optimize common WebRTC use cases.
> 
> This draft should take into account RFC 8842 and tls-id use in addition to connection:new/existing.
> 
> Best Regards,
> _____________
> Roman Shpount
> 
> 
> On Fri, Oct 18, 2024 at 5:32 PM Jonathan Lennox <jonathan.lennox=408x8.com@dmarc.ietf.org> wrote:
>> Hi, all —
>> 
>> I have submitted this draft defining how to use raw public keys (rather than self-signed certificates) in TLS or DTLS negotiated with SDP, with of course the specific use case in mind of SDP-negotiated DTLS/SRTP such as is used in WebRTC.
>> 
>> Comments are welcome, as well as any suggestions as to the best forum in which to develop this work; the base TLS in SDP (i.e. “a=fingerprint”) work was done in MMUSIC, but that group is closing down.
>> 
>> Thank you!
>> 
>> > On Oct 18, 2024, at 5:15 PM, internet-drafts@ietf.org wrote:
>> > 
>> > Internet-Draft draft-lennox-sdp-raw-key-fingerprints-00.txt is now available.
>> > 
>> >   Title:   Session Description Protocol Fingerprints for Raw Public Keys in (Datagram) Transport Layer Security
>> >   Author:  Jonathan Lennox
>> >   Name:    draft-lennox-sdp-raw-key-fingerprints-00.txt
>> >   Pages:   9
>> >   Dates:   2024-10-18
>> > 
>> > Abstract:
>> > 
>> >   This document defines how to negotiate the use of raw keys for TLS
>> >   and DTLS with the Session Description Protocol (SDP).  Raw keys are
>> >   more efficient than certificates for typical uses of TLS and DTLS
>> >   negotiated with SDP, without loss of security.
>> > 
>> > The IETF datatracker status page for this Internet-Draft is:
>> > https://datatracker.ietf.org/doc/draft-lennox-sdp-raw-key-fingerprints/
>> > 
>> > There is also an HTML version available at:
>> > https://www.ietf.org/archive/id/draft-lennox-sdp-raw-key-fingerprints-00.html
>> > 
>> > Internet-Drafts are also available by rsync at:
>> > rsync.ietf.org::internet-drafts
>> > 
>> > 
>> 
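The thread turns on one mechanism: an SDP a=fingerprint line binds the signalling to whatever credential the peer later presents in the DTLS handshake, and the question raised above is whether the handshake itself already tells the verifier how to process that fingerprint when the credential is a raw public key rather than a self-signed certificate. The following is an added example written for this page; it is not code from the draft, from the RTCWEB/AVTCORE lists, or from any project mentioned here. It parses a=fingerprint lines, formats digests as RFC 8122 does (uppercase hex octets joined by colons), and checks a presented credential against them for both credential types a (D)TLS handshake can carry: an X.509 certificate, or an RFC 7250 raw public key carried as a DER SubjectPublicKeyInfo. The rule that a raw key is fingerprinted over its DER SPKI is an assumption made for this example, not a quotation of draft-lennox-sdp-raw-key-fingerprints; the Ed25519 SPKI builder and the sample key are constructed inputs.

```python
"""Verify a (D)TLS peer credential against SDP a=fingerprint lines.

Which credential type the peer sent is known from the certificate_type
negotiated in the handshake (RFC 7250), so the verifier only needs to know
which DER bytes to hash. Hashing the raw key's DER SubjectPublicKeyInfo is
an ASSUMPTION for this example, not the draft's stated rule.
"""
from __future__ import annotations

import hashlib
import hmac
import re
from dataclasses import dataclass

# RFC 8122 hash-func tokens mapped to hashlib algorithm names.
HASH_FUNCS = {"sha-1": "sha1", "sha-224": "sha224", "sha-256": "sha256",
              "sha-384": "sha384", "sha-512": "sha512"}

# RFC 7250 CertificateType values as negotiated in the TLS hello extensions.
CERT_TYPE_X509 = 0
CERT_TYPE_RAW_PUBLIC_KEY = 2

_FP_RE = re.compile(
    r"^a=fingerprint:([A-Za-z0-9-]+)\s+((?:[0-9A-Fa-f]{2}:)+[0-9A-Fa-f]{2})$")


@dataclass(frozen=True)
class PeerCredential:
    cert_type: int   # certificate_type negotiated in the DTLS handshake
    der: bytes       # X.509 Certificate DER, or SubjectPublicKeyInfo DER


def parse_fingerprints(sdp: str) -> list[tuple[str, str]]:
    """Return (hash-func, FINGERPRINT) pairs from every a=fingerprint line."""
    out = []
    for line in sdp.splitlines():
        m = _FP_RE.match(line.strip())
        if m:
            out.append((m.group(1).lower(), m.group(2).upper()))
    return out


def fingerprint(der: bytes, hash_func: str = "sha-256") -> str:
    """RFC 8122 presentation: uppercase hex octets separated by colons."""
    digest = hashlib.new(HASH_FUNCS[hash_func], der).digest()
    return ":".join(f"{b:02X}" for b in digest)


def ed25519_spki(public_key: bytes) -> bytes:
    """DER SubjectPublicKeyInfo for an Ed25519 key (RFC 8410 layout).

    SEQUENCE { SEQUENCE { OID 1.3.101.112 }, BIT STRING (0 unused bits) key }
    """
    if len(public_key) != 32:
        raise ValueError("Ed25519 public key must be 32 bytes")
    return bytes.fromhex("302a300506032b6570032100") + public_key


def verify_peer(cred: PeerCredential, sdp: str) -> bool:
    """True if the presented credential matches some a=fingerprint in the SDP.

    For either credential type the hashed object is exactly the DER the peer
    sent in its Certificate message; the handshake's certificate_type says
    which kind that is. Unknown hash functions are skipped, never trusted.
    """
    if cred.cert_type not in (CERT_TYPE_X509, CERT_TYPE_RAW_PUBLIC_KEY):
        return False
    fps = parse_fingerprints(sdp)
    if not fps:
        return False  # no fingerprint at all: nothing binds the handshake
    for hash_func, expected in fps:
        if hash_func not in HASH_FUNCS:
            continue
        actual = fingerprint(cred.der, hash_func)
        if hmac.compare_digest(actual, expected):
            return True
    return False


# Constructed sample input: an arbitrary 32-byte "public key" and the SDP
# an offerer using a raw key would send for it.
SAMPLE_KEY = bytes(range(32))
SAMPLE_SPKI = ed25519_spki(SAMPLE_KEY)
SAMPLE_SDP = "v=0\r\n" + f"a=fingerprint:sha-256 {fingerprint(SAMPLE_SPKI)}\r\n"

if __name__ == "__main__":
    raw = PeerCredential(CERT_TYPE_RAW_PUBLIC_KEY, SAMPLE_SPKI)
    print(SAMPLE_SDP.strip())
    print("raw key matches offer:", verify_peer(raw, SAMPLE_SDP))
    other = PeerCredential(CERT_TYPE_RAW_PUBLIC_KEY, ed25519_spki(bytes(32)))
    print("different key matches offer:", verify_peer(other, SAMPLE_SDP))
```

The point the example makes concrete is that the SDP side carries only a hash and a hash-function name; the decision of what bytes to hash (a Certificate versus a SubjectPublicKeyInfo) is already fixed by the certificate_type the two DTLS endpoints agreed on in their hellos. Whether an offerer also needs to announce in SDP that it intends to present a raw key, so that an answerer that cannot do RFC 7250 can reject the offer before the handshake starts, is the interoperability question the draft has to settle.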