- From: Eric Rescorla <ekr@rtfm.com>
- Date: Sat, 3 Sep 2011 08:14:13 -0700
- To: Justin Uberti <juberti@google.com>
- Cc: Bernard Aboba <bernard_aboba@hotmail.com>, rtcweb@ietf.org, public-webrtc@w3.org
On Fri, Sep 2, 2011 at 8:46 PM, Justin Uberti <juberti@google.com> wrote: > > > On Fri, Sep 2, 2011 at 8:13 PM, Bernard Aboba <bernard_aboba@hotmail.com> > wrote: >> >> > >> Section 5 in the WEBRTC spec >> > >> (http://dev.w3.org/2011/webrtc/editor/webrtc.html) discusses at >> > >> length a mechanism for transmitting and securing datagrams over the >> > >> PeerConnection transport. >> [BA] The objective here appears to be "masking" (e.g. to prevent sending >> of arbitrary datagrams) rather than providing a full set of security >> services. > > The current spec provides an encryption and authentication mechanism, in > addition to the masking. From the spec: "The data is made to appear > pseudo-random, so that it cannot be used in a cross-protocol attack, even if > somehow the stream were to be directed at an unsuspecting remote host. The > data is hashed in such a way that it cannot be modified in transit. That > data is encrypted so that it cannot be read in transit." I believe Justin is correct here: the protocol appears to be designed to provide rather more than masking. With that said, in my opinion it is likely not necessary to mask UDP data. Masking is designed to prevent cross-protocol attacks on intermediaries, which are not really a common feature of UDP data transmission (as opposed to HTTP intercepting proxies, which are quite common and for which masking was originally designed. -Ekr
Received on Saturday, 3 September 2011 15:16:53 UTC