Re: [Sframe] [dispatch] Dispatch of SFrame for End-To-End Encrypted Conference Calls

Alexandre GOUAILLARD <Alex.GOUAILLARD@cosmosoftware.io> Fri, 26 June 2020 11:05 UTC

From: Alexandre GOUAILLARD <Alex.GOUAILLARD@cosmosoftware.io>
Date: Fri, 26 Jun 2020 13:05:19 +0200
Message-ID: <CACtMSQXS3GunOs4jFEsSr=F6dT3ptmJsiiBp9R6YcPCjODiRmg@mail.gmail.com>
To: Roni Even <ron.even.tlv@gmail.com>
Cc: Patrick McManus <patrick.ducksong@gmail.com>, Emad Omara <emadomara@google.com>, Ben Campbell <ben@nostrum.com>, Dispatch WG <dispatch@ietf.org>, sframe@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/6tt_b5lBPQd4s2jdvS26-q1j888>

Hi Roni,

Those are great points.

With respect to EKT, we believe that just like double and EKT were two
separate matters even though they were both needed to get a complete
system to work, media encryption (SFrame) and key distribution should be
separated. One of the arguments in favor of separation is that while media
encryption will likely be the same in nature whether you do video
conferencing, or streaming, or other media use cases, the trust /
threat model can be vastly different, and thus require different key
exchange mechanisms.

With respect to RTP, I believe Emad is working on writing a draft as we
speak.

Regards,


On Fri, Jun 26, 2020 at 10:18 AM Roni Even <ron.even.tlv@gmail.com> wrote:

> Hi,
>
>
>
> I find this proposal interesting since the issue of key distribution in
> multipoint conferences is a problem even if the media mixer (any topology)
> is a trusted entity and wants to distribute the encrypted media without
> doing a decrypt/encrypt cycle. One point to look at is that in the past when
> we designed RFC5764 (DTLS/SRTP) the consensus was that key exchange must be
> done in-band.
>
> As far as I remember one of the motivation points for EKT in AVT was to
> address the key distribution for multipoint conferences.
>
>
>
> As for the work, if there is a consensus to accept this work, it will
> require support for RTP. How to signal that this is such a payload and what
> should be the RTP PT in the RTP header. (how to negotiate what is the
> secure payload inside the SFRAME)
>
> On one hand it may look like a new RTP payload (similar to MPEG2 RTP
> payload (RFC2250)) and as such is in scope for AVTCore but as for the
> framework I think this is not AVTCore work.
>
>
>
> Roni Even
>
> AVTCore co-chair
>
>
>
>
>
>
>
> *From:* dispatch [mailto:dispatch-bounces@ietf.org] *On Behalf Of *Patrick
> McManus
> *Sent:* Monday, June 15, 2020 10:06 PM
> *To:* Emad Omara
> *Cc:* Ben Campbell; Dispatch WG; sframe@ietf.org
> *Subject:* [dispatch] Dispatch of SFrame for End-To-End Encrypted
> Conference Calls
>
>
>
> Hi All -
>
> I failed to note the link highlighting in Emad's mail to the list which
> already contained the draft. Sorry about that. (It's
> https://tools.ietf.org/html/draft-omara-sframe-00 if you too missed it).
>
> There's also a github and mailing list referenced:
> https://github.com/eomara/sframe
> https://mailarchive.ietf.org/arch/browse/sframe/?
>
>
>
> [I've also forked the Subject Line to help interested readers]
>
>
>
> On Mon, Jun 15, 2020 at 2:42 PM Patrick McManus <
> patrick.ducksong@gmail.com> wrote:
>
> Sounds really interesting Emad and there's obviously related work going on
> (at least perc, maybe even mls..).
>
>
>
> Sending that email Ben mentions to the dispatch list to raise awareness
> with a link to the draft would be helpful in getting the process started..
>
>
>
> On Mon, Jun 15, 2020 at 2:33 PM Emad Omara <emadomara@google.com> wrote:
>
> Hi Ben,
>
>
>
> This draft proposes a solution for end-to-end encrypted conference calls.
> We implemented this in Google a couple of years ago in Duo, but the draft
> was only published last month given the current interest in the topic.
>
>
>
> The goal of the session is to go through the proposal and see if there is
> interest to continue working on this, and if so what will be the best WG to
> host this work.
>
>
>
> Thanks
>
> Emad
>
>
>
> On Mon, Jun 15, 2020 at 11:02 AM Ben Campbell <ben@nostrum.com> wrote:
>
> Hi Emad,
>
>
>
> We prioritize DISPATCH meeting time to focus on topics that have had
> DISPATCH list discussion and need high-bandwidth time to resolve. Unless
> I’ve missed something, this topic has not previously come up in DISPATCH. I
> suggest sending a note to this list with some background about the draft
> and how you would like to see it progress.
>
>
>
> Thanks!
>
>
>
> Ben.
>
>
>
> On Jun 15, 2020, at 12:32 PM, Emad Omara <
> emadomara=40google.com@dmarc.ietf.org> wrote:
>
>
>
> Hi,
>
>
>
> We would like to have a session in the next IETF to discuss the SFrame
> draft <https://tools.ietf.org/html/draft-omara-sframe-00>. Can you please
> help scheduling this?
>
>
>
> Thanks
>
> Emad
>