[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Early arriving media before 200 OK

To: "'EKR'" <ekr@xxxxxxxxxxxxxxxxxxxx>
Subject: RE: Early arriving media before 200 OK
From: "Dan Wing" <dwing@xxxxxxxxx>
Date: Wed, 7 Feb 2007 09:41:48 -0800
Authentication-results: sj-dkim-5; header.From=dwing@xxxxxxxxx; dkim=pass (s ig from cisco.com/sjdkim5002 verified; );
Cc: <robin@xxxxxxxxxxxxxxx>, <ietf-rtpsec@xxxxxxx>
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1740; t=1170870107; x=1171734107; c=relaxed/simple; s=sjdkim5002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dwing@xxxxxxxxx; z=From:=20=22Dan=20Wing=22=20<dwing@xxxxxxxxx> |Subject:=20RE=3A=20Early=20arriving=20media=20before=20200=20OK=20 |Sender:=20; bh=wNZD5oRxLGwtDWMCJi+sx6fmQ9eF6nTA7fZ1sfdXJBE=; b=nvVS/7XL1yuf7LDmyh21SwYnLIeSzo4YVoEVzq92gvODB4vmOk5lrcYw7s8gGu5QGubboola rp4HNEz3nMbLFmqDpjHW6sr19ERvrYMbc/OK/JphIa6D/ZdUwvMW2zpl;
In-reply-to: <20070207144919.76B201CC24@xxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-rtpsec/mail-archive/>
List-id: <ietf-rtpsec.imc.org>
List-unsubscribe: <mailto:ietf-rtpsec-request@imc.org?body=unsubscribe>
Sender: owner-ietf-rtpsec@xxxxxxxxxxxx
Thread-index: AcdKx29S8+6agZLFQ/O+HHuzLiivZwAF2B2Q


> > ...
> > > I agree that this is a concern--though not as serious a one as you
> > > seem to believe (see S 8.4 of draft-fischl-sipping-media-dtls-01)
> > > but it can be ameliorated in a number of ways.
> > > 
> > > 1. If ICE is being used it's not an issue at all.
> > > 2. We can have the SDP offer include a randomly-generated 
> key which
> > >    is used to key TLS PSK mode.
> > 
> > #2 would essentially re-invent Security Descriptions, wouldn't it?
> 
> Not really, no. 
> 
> 1. You would be secure from passive attack on unencrypted signalling
>    channels.

I read through RFC4279 ("PSK Ciphersuites for TLS") again, and I 
admit I still don't understand what you meant in your original 
reply when you wrote "key which is used to key TLS PSK mode".  You
meant something different from what I understood, because what I
understood was that you were going to send the PSK in SDP, which
would share most of the features and drawbacks of Security 
Descriptions.  You meant something else, but I can't tease apart
what you meant.

-d

> 2. You would have one-sided authentication immediately and two-sided
>    as soon as the 200 arrives, even with unencrypted signalling
>    channels.
> 3. The PSK would be used to add entropy to a media level key exchange
>    (RSA, DH, whatever) so you would have secure forking.
> 4. You wouldn't be carrying algorithm negotiation information 
> in the SDP,
>    just a random value.
> 
> 
> > Another technique is to stick the DTLS cookie into SDP 
> > (http://tools.ietf.org/html/rfc4347#section-4.2.1).  Or, if the
> > DTLS cookie is sacrosanct for DoS, an additional cookie could
> > be defined.
> 
> Why would this be superior?
> 
> -Ekr

Follow-Ups:
- Re: Early arriving media before 200 OK
  - From: Eric Rescorla

References:
- Re: Early arriving media before 200 OK
  - From: EKR

Prev by Date: Re: Early arriving media before 200 OK
Next by Date: Re: Early arriving media before 200 OK
Previous by thread: Re: Early arriving media before 200 OK
Next by thread: Re: Early arriving media before 200 OK
Index(es):
- Date
- Thread