
"With DTLS-SRTP content interception will always be _possible_ to detect (e.g. by comparing session IDs) and when coupled with something like Persona (BrowserID) MITM becomes infeasible."

I don't think this is correct.

1) Interception is usually about passively recording something. It is totally possible for some party to intercept a DTLS-SRTP session without being noticed. The session would just be encrypted. So it depends on how much CPU power or knowledge about crypto or protocol vulnerabilities the attacker has to turn that intercepted encrypted session into something usable.

2) Persona does not prevent against MITM. It operates at a completely different level. At its basics it is just a mechanism to get a verified email address from a user.

You are correct about SDES and signaling servers. Unfortunately you always need someone in the middle because even in 2013 probably 99.9% of 'things' on the internet are behind NAT.

There are probably secure options to encrypt the SDES before it goes via the signaling server but nobody has really explored that fully.




> I don't think this is correct.

You may have adopted a somewhat different definition of interception than I was intending there. Certainly it will not prevent traffic analysis, but the content of the communication cannot be discerned by a computationally bounded adversary under the assumption that the underlying cryptography is secure (and if it isn't... there are bigger issues). Modern cryptography isn't something you just wave CPU power at: the energy required to crack these constructs via brute force on non-reversible computers is not currently available to mankind.

> 2) Persona does not prevent against MITM.

Persona is, effectively, a distributed PKI system that binds ephemeral signing keys to a human recognizable identity. There is, in fact, a draft on using Persona (or any other cryptographic identity service) to authenticate the WebRTC session IDs: http://tools.ietf.org/html/draft-rescorla-rtcweb-generic-idp... but it only protects against server-cooperating MITM if DTLS-SRTP is used and not SDES.

> Unfortunately you always need someone in the middle because even in 2013 probably 99.9% of 'things' on the internet are behind NAT

Having a signaling intermediary and an ICE/TURN service to get past NAT is completely orthogonal to having ephemerally keyed end-to-end encryption which cannot be tampered with by site-controlled JS.

With DTLS-SRTP you can have a conversation signaled and NAT traversed by, say, Facebook which cannot be spied on by Facebook without, at a minimum, causing the two endpoints to show and record different session fingerprints, making any interception detectable.

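As an added illustration of the fingerprint comparison described in this reply (example code, not from the thread or any WebRTC implementation), the following Python simulates two endpoints talking through either an honest signaling relay or a relay that terminates DTLS itself. The certificates, IdP keys and relay functions are constructed stand-ins, and the IdP assertion is modeled as an HMAC over the identity and fingerprint rather than a real Persona signature.

```python
import hashlib
import hmac
import secrets


def fingerprint(cert: bytes) -> str:
    """SHA-256 digest of the DTLS certificate, as carried in SDP a=fingerprint."""
    return hashlib.sha256(cert).hexdigest()


class Endpoint:
    """Browser endpoint with a self-signed DTLS cert and a key shared with its IdP (stand-in)."""

    def __init__(self, name: str, idp_key: bytes):
        self.name, self.idp_key = name, idp_key
        self.cert = secrets.token_bytes(32)  # constructed stand-in for a DTLS certificate
        self.peer_fp = None                  # fingerprint of the cert seen in the handshake
        self.sdp_ok = None                   # did the handshake cert match the SDP fingerprint?

    def signal(self) -> dict:
        """Offer: fingerprint plus an IdP assertion binding identity to that fingerprint."""
        fp = fingerprint(self.cert)
        assertion = hmac.new(self.idp_key, f"{self.name}:{fp}".encode(), "sha256").hexdigest()
        return {"from": self.name, "fingerprint": fp, "assertion": assertion, "cert": self.cert}

    def handshake(self, msg: dict, peer_idp_key: bytes) -> bool:
        """Record the cert actually presented in DTLS and verify the IdP assertion over it."""
        self.peer_fp = fingerprint(msg["cert"])
        self.sdp_ok = self.peer_fp == msg["fingerprint"]
        expected = hmac.new(peer_idp_key, f"{msg['from']}:{self.peer_fp}".encode(), "sha256").hexdigest()
        return hmac.compare_digest(expected, msg["assertion"])


def honest_relay(msg: dict) -> dict:
    return msg


def intercepting_relay(msg: dict) -> dict:
    """Signaling server terminates DTLS itself: swaps in its own cert and a matching fingerprint."""
    own_cert = secrets.token_bytes(32)
    return {**msg, "cert": own_cert, "fingerprint": fingerprint(own_cert)}


def run_call(relay) -> dict:
    key_a, key_b = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed IdP keys
    alice, bob = Endpoint("alice", key_a), Endpoint("bob", key_b)
    idp_ok_b = bob.handshake(relay(alice.signal()), key_a)
    idp_ok_a = alice.handshake(relay(bob.signal()), key_b)
    # Out-of-band check: what each side displays as its own fingerprint must equal what the peer saw.
    fps_match = alice.peer_fp == fingerprint(bob.cert) and bob.peer_fp == fingerprint(alice.cert)
    return {"sdp_consistent": alice.sdp_ok and bob.sdp_ok,
            "fingerprints_match": fps_match,
            "idp_verified": idp_ok_a and idp_ok_b}
```

Note that the intercepting relay rewrites the SDP fingerprint to match the cert it presents, so the SDP-versus-handshake check passes in both cases; only the out-of-band fingerprint comparison and the IdP-bound assertion expose it.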


