Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros and cons)
Miika Komu <miika@iki.fi> Sun, 23 December 2007 21:01 UTC
On Tue, 18 Dec 2007, Eric Rescorla wrote:

> At Mon, 17 Dec 2007 17:30:24 -0500,
> Philip Matthews wrote:
>> In all three proposals, media packets would flow directly between the
>> X and Y, and not hop-by-hop around the overlay. So when ESP was used,
>> there would be no need to use SRTP for media, or TLS or DTLS for
>> signaling.
>
> This is arguably a bug, not a feature.
>
> SRTP was explicitly designed to have very low overhead: just the
> bits of the authentication tag itself, with no header, etc. The
> rationale for this design was that RTP packets tend to be very
> small and so the overhead for the header, IV, etc. was significant.
> In cases where that type of constraint applies, then wrapping the
> RTP in ESP would be bad.

I think the difference is around 18 bytes:

http://dasan.sejong.ac.kr/~wisa04/ppt/1A1.ppt

In practice, the difference is insignificant according to these results:

Bilien et al.: Secure VoIP: call establishment and media protection:
http://www.minisip.org/publications/secvoip-minisip-camera.pdf

Currently, all three (public) HIP implementations support BEET-mode-ESP by
default. It has exactly the same byte overhead as transport mode.

-- 
Miika Komu                                       http://www.iki.fi/miika/
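Added example, not part of the original message or of any HIP or SRTP implementation: a per-packet tally of the bytes SRTP (RFC 3711) and transport-mode ESP (RFC 4303) add to one RTP packet, showing where the ESP header, IV, padding and ICV come from. The cipher suites, the 20-byte codec payload and all function names are assumptions chosen for illustration.

```python
# Added example: per-packet byte overhead of SRTP vs. transport-mode ESP.
# Field sizes follow RFC 3711 (SRTP) and RFC 4303 (ESP); the suites and the
# 20-byte codec payload are illustrative assumptions, not from the thread.

RTP_HEADER = 12   # fixed RTP header, no CSRC list or extensions
UDP_HEADER = 8

def srtp_overhead(tag_len=10, mki_len=0):
    """SRTP appends only the optional MKI and the authentication tag.
    AES counter mode needs no padding and carries no explicit IV."""
    return mki_len + tag_len

def esp_overhead(protected_len, iv_len, block_size, icv_len):
    """ESP adds SPI(4) + sequence number(4) + IV before the payload and
    padding + pad length(1) + next header(1) + ICV after it."""
    header = 4 + 4 + iv_len
    # payload + padding + 2 trailer bytes must be a multiple of the cipher
    # block size, and in any case of 4 bytes.
    align = max(block_size, 4)
    padding = -(protected_len + 2) % align
    return header + padding + 2 + icv_len

ESP_SUITES = {  # name: (iv_len, block_size, icv_len)
    "AES-CBC + HMAC-SHA1-96": (16, 16, 12),
    "3DES-CBC + HMAC-SHA1-96": (8, 8, 12),
    "AES-CTR + HMAC-SHA1-96": (8, 1, 12),
}

def compare(codec_payload=20):
    """Return {suite: (esp_bytes, srtp_bytes, difference)} for one packet."""
    # In transport mode ESP protects the UDP header and everything after it.
    protected = UDP_HEADER + RTP_HEADER + codec_payload
    srtp = srtp_overhead()  # default 80-bit tag, no MKI
    result = {}
    for name, (iv, block, icv) in ESP_SUITES.items():
        esp = esp_overhead(protected, iv, block, icv)
        result[name] = (esp, srtp, esp - srtp)
    return result

if __name__ == "__main__":
    for name, (esp, srtp, diff) in compare().items():
        print(f"{name:24} ESP +{esp} B  SRTP +{srtp} B  difference {diff} B")
```

The difference depends on the negotiated suite and on how the payload length falls against the cipher block size, so it should be recomputed for the codec and transforms actually in use.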