Re: Early arriving media before 200 OK

[EKR <ekr@xxxxxxxxxxxxxxxxxxxx>]

Dan Wing <dwing@xxxxxxxxx> wrote:

> ...
> > I agree that this is a concern--though not as serious a one as you
> > seem to believe (see S 8.4 of draft-fischl-sipping-media-dtls-01)
> > but it can be ameliorated in a number of ways.
> > 
> > 1. If ICE is being used it's not an issue at all.
> > 2. We can have the SDP offer include a randomly-generated key which
> >    is used to key TLS PSK mode.
> 
> #2 would essentially re-invent Security Descriptions, wouldn't it?

Not really, no. 

1. You would be secure from passive attack on unencrypted signalling
   channels.
2. You would have one-sided authentication immediately and two-sided
   as soon as the 200 arrives, even with unencrypted signalling
   channels.
3. The PSK would be used to add entropy to a media level key exchange
   (RSA, DH, whatever) so you would have secure forking.
4. You wouldn't be carrying algorithm negotiation information in the SDP,
   just a random value.


> Another technique is to stick the DTLS cookie into SDP 
> (http://tools.ietf.org/html/rfc4347#section-4.2.1).  Or, if the
> DTLS cookie is sacrosanct for DoS, an additional cookie could
> be defined.

Why would this be superior?

-Ekr