RTCWEB M. Kaufman
Internet-Draft Skype
Intended status: Standards Track June 30, 2011
Expires: January 1, 2012
Client Security User Interface Requirements for RTCWEB
draft-kaufman-rtcweb-security-ui-00
Abstract
This document calls for a requirement to be imposed on RTCWEB client
user interfaces whereby the user may inspect the current media
security status.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 1, 2012.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Kaufman Expires January 1, 2012 [Page 1]
Internet-Draft Client Security UI for RTCWEB June 2011
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Security Inspector Requirements for Clients . . . . . . . . . . 3
3. Other Advantages . . . . . . . . . . . . . . . . . . . . . . . 4
4. Security Considerations . . . . . . . . . . . . . . . . . . . . 4
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 4
Kaufman Expires January 1, 2012 [Page 2]
Internet-Draft Client Security UI for RTCWEB June 2011
1. Introduction
RTCWEB clients - including, but not limited to web browsers - should
transmit and receive audio and video media over an encrypted channel
whenever practical. It is important for a user to be able to
determine the level of security provided for the currently-active
media channel(s). This document provides a set of requirements that
- if implemented - provide the user with that ability.
2. Security Inspector Requirements for Clients
A client MUST provide a user interface through which a user may
determine the security characteristics for the currently-audible
audio stream(s).
A client MUST provide a user interface through which a user may
determine the security characteristics for currently-visible video
stream(s).
A client MUST provide a user interface through which a user may
determine the security characteristics for transmissions of their
microphone audio.
A client MUST provide a user interface through which a user may
determine the security characteristics for transmissions of their
camera video.
The "security characteristics" MUST include an indication as to
whether or not the transmission is encrypted, and if so, a brief
description of the cipher in use. (For example: "AES-CBC" or "Null
Cipher".)
If the transmission is encrypted, the "security characteristics" MUST
include an indication as to the source of the keying material,
particularly whether the keying material was delivered out-of-band
(from a server) or was generated as a result of a pairwise
negotiation.
If possible for the cryptosystem in use, the "security
characteristics" MUST include information regarding the authenticity
of the far station identity. (For example, in the case of a self-
signed certificate with RSA key the contents of the certificate and
the key fingerprint.)
If possible for the cryptosystem in use, the "security
characteristics" SHOULD include a Short Authentication String which
may be used by the user to authenticate the far station identity and
Kaufman Expires January 1, 2012 [Page 3]
Internet-Draft Client Security UI for RTCWEB June 2011
keying integrity (specifically, the presence or lack of a man-in-the-
middle that may be in collusion with the service provider to attempt
to bypass authentication tests) by communicating this string out-of-
band with the far party.
If the transmission is encrypted, the "security characteristics"
SHOULD indicate whether or not the keying algorithm is able to
provide perfect forward secrecy.
In the case of a web browser client, the "display of security
characteristics" MUST take the form of an inspection panel or dialog
provided by the browser chrome, as any user interface rendered in-
browser cannot be sufficiently trusted.
3. Other Advantages
In addition to the security advantages provided to users, this
requirement will simplify debugging, particularly when building
interoperable clients.
4. Security Considerations
These requirements enhance the communication security experienced by
"interested users", that is to say users who are sufficiently careful
that they utilize these mechanisms to actually inspect the security
of their communications. Like the ability to inspect SSL
certificates for HTTPS/TLS connections, this ability is of little use
to those who do not actively choose to use it, but is critical to a
subset of the user population.
Author's Address
Matthew Kaufman
Skype
3210 Porter Drive
Palo Alto, California 95060
US
Phone: +1 831 440 8771
Email: matthew.kaufman@skype.net
Kaufman Expires January 1, 2012 [Page 4]