Re: [Perc] Request for decision review
Miguel París Díaz <mparisdiaz@gmail.com> Wed, 20 July 2016 14:35 UTC
Return-Path: <mparisdiaz@gmail.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C006312D834 for <perc@ietfa.amsl.com>; Wed, 20 Jul 2016 07:35:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2fE4CQgkDUUN for <perc@ietfa.amsl.com>; Wed, 20 Jul 2016 07:35:19 -0700 (PDT)
Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5370212D776 for <perc@ietf.org>; Wed, 20 Jul 2016 07:35:18 -0700 (PDT)
Received: by mail-wm0-x233.google.com with SMTP id i5so71923647wmg.0 for <perc@ietf.org>; Wed, 20 Jul 2016 07:35:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=TOyPzMBOQ5ZeIj5pL5/R/e5NaZG9bR3MHWvjh5+McmI=; b=NK0BD+mTxnREg/kouqkoZ/CDQQnHnMZDMJNFWkRa9wBMrEuTMicppc2zmXzBqbycmr msr9IFsFTnBdgD8nLuJAoyI0wlaHBDQXnFu2Gx88n0qf0Op6DQnZxraquxVd5L6Nb3xY Zl9YI/CB8/GyAro/8uXachtP7qQuvGoPw8hOASH4Uw9pMNpmZ6q4d3RsnzP2fkeVd+S6 SbUq1S7U5lxpHiWCvIIRuaLOaWYxntL5fVjJh25TGt+MVLf8PnSw32vq79qlU0uw/lzC N4BC+bB+2EOxlq80YnWiraVW7ZX/dQkT8ejNva+jULYC6ngYkM14J12T+x3ejsTBMxKH K7CQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=TOyPzMBOQ5ZeIj5pL5/R/e5NaZG9bR3MHWvjh5+McmI=; b=KEAo4H0DZWh9je56p0z18x+F5uqohoy3hntEEdgG2ByIyW6f+OeQJvgF20QAmwvoI/ C91K8FB0oF7v7RLvCcJyt+wTcKcAUJILOF2ZWRmB3ki53T2QONECruD4SHBBtTEPEy2M g2Qr2N60A+fJttchz0R7n/4R37Dlv6C7svM1b0zTJRG+28XezqhP3nLPM8/+3loweDOL yzCapBWMMRRdisHRN8f8Ab6hMpu0gWGYz1w995awf9hS9S3fjBgWJTr5aCgi09TxezBz fU810II1MqVuPMVkn6FuI2+TnbbXC0zpHBsh4QYRIsfZfjabPBiXcC36ijUtQ/UKrMT1 TygA==
X-Gm-Message-State: ALyK8tJuCgQrvwFQsWLc8atMLtDvNqNv2tQnWFWCaIFGoEeVc4XoFcNoi42FqU8LXttqgRn4TDYCNRMoLtKuYQ==
X-Received: by 10.194.243.2 with SMTP id wu2mr1661533wjc.104.1469025316521; Wed, 20 Jul 2016 07:35:16 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.117.67 with HTTP; Wed, 20 Jul 2016 07:35:15 -0700 (PDT)
In-Reply-To: <em62a54c9a-d3d4-4fe3-ba98-4baa44fef7e9@helsinki>
References: <CAEn+E3hH4pv7UUCrSKfK20x+KPGRC-hrP=O15--bfXBkmwcqEQ@mail.gmail.com> <em62a54c9a-d3d4-4fe3-ba98-4baa44fef7e9@helsinki>
From: Miguel París Díaz <mparisdiaz@gmail.com>
Date: Wed, 20 Jul 2016 16:35:15 +0200
Message-ID: <CAEn+E3jBd9u+ik8m-=eR86=htFvFtrN2z6b6RBoJxVOyo_Ynzw@mail.gmail.com>
To: "Paul E. Jones" <paulej@packetizer.com>
Content-Type: multipart/alternative; boundary="089e013d1d622850a50538121c2f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/PiPZrDPz9Q_ji87xPt8_X3xVmIY>
Cc: Adam Roach <adam@nostrum.com>, Eric Rescorla <ekr@rtfm.com>, Emil Ivov <emcho@jitsi.org>, "perc@ietf.org" <perc@ietf.org>, Cullen Jennings <fluffy@iii.ca>
Subject: Re: [Perc] Request for decision review
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jul 2016 14:35:30 -0000
Hello Paul, we rewrite the SSRC because currently it is the way to associate a MediaStreamTrack to an RTP stream. Analysing the case of video quality switching (simulcast): - Rewriting SSRCs at the SFU side improves the QoE a lot due the switch is transparent for the endpoint which receives the RTP stream, applies the JitterBuffer, decrypts it, creates encoded frames, decodes frames, applies sync-buffer (for interstream synchronization (typically audio and video)) and renders the video. So the logic in the client is quite easier and smooth when switchings. - If we do NOT do that, the another possibility (I didn't found others) is negotiating with the receiver N SSRCs (each one per quality) performing ON/OFF at the SFU side and doing the switching in the receiver. For doing that: - You have N MediaStreamTracks. - You have to detect at application layer when a MediaStreamTrack stops receiving media using getUserMedia API's events (which takes at least 500ms) - You have to detect the the new enabled MediaStreamTrack, which can take a lot of times due to JitterBuffer restarting, decoder restarting, etc. - You have to deal with audio-video synchronization that may be quite difficult. - The endpoint uses more resources (CPU and memory) - etc. - In conclusion it is a pain for the users because they see freeze video time to time (the QoE is very bad) - Rewriting timestamps is needed because there are usually some offsets between different qualities. 2016-07-20 14:34 GMT+02:00 Paul E. Jones <paulej@packetizer.com>: > Miguel, > > The current design of PERC is one where there is an E2E encryption step > using regular SRTP. An intermediary does not have the E2E keys and, > therefore, cannot change anything about the packet. Then, that packet is > encrypted HBH using a different key that the next hop device will have. > Assuming the next hop device is an MDD (nor "Media Distributor"), that > device could have the liberty of changing the sequence numbers and, in > fact, it will be obliged to do so if it does not always forward all of the > streams (since not forwarding some streams will mean the cryptographic > context gets out of sync). > > So in the typical case, the MDD will change the sequence number and might > insert a new header extension to carry the original value. It might also > change the payload type value. > > How, as the endpoint receives a packet, it will decrypt the HBH packet and > reconstruct the E2E packet using the OHB field. But what is there? Well, > it's the original packet as created by the sending endpoint. Even if we > change the SSRC or sequence number, the original values are there and > preserved. So, other than out of necessity (sequence number changed to > keep crypto context in sync and PT changed to ensure the right PT value is > received as expected), I'm still not convinced that changing the SSRC > really buys us anything. Sure, we could change it. We actually has space > in the OHB originally to allow that. But for what purpose? Changing or > not changing an SSRC value should not have any affect whatsoever on the > QoE. (I'm not saying the SSRC has no importance, but I question the need > to rewrite them.) > > I'm not sure how the other identifiers you mention might help improve > QoE. Maybe expand on that little? > > One important point to consider in all of this is that WebRTC browsers > MUST be PERC-aware, else they cannot participate in conferences. If > they're not PERC-aware, then there would have to be a middlebox that > "downgrades" for those older browsers and it can rewrite whatever it wants, > since it would be in possession of keys and would strip off one layer of > encryption to produce a legacy SRTP flow (or no SRTP at all). > > Paul > > ------ Original Message ------ > From: "Miguel París Díaz" <mparisdiaz@gmail.com> > To: "Emil Ivov" <emcho@jitsi.org> > Cc: "Eric Rescorla" <ekr@rtfm.com>; "Paul E. Jones" <paulej@packetizer.com>; > "Adam Roach" <adam@nostrum.com>; "perc@ietf.org" <perc@ietf.org>; "Cullen > Jennings" <fluffy@iii.ca> > Sent: 7/20/2016 6:56:59 AM > Subject: Re: [Perc] Request for decision review > > > Hello everybody, > I understand the point of Emil because as implementer I am worried about > having hard restrictions which avoid or hinder the implementation of > features requested by the market, and this could make PERC unusable. > > So I think that firstly we should reach consensus about which features or > uses cases must be allowed to be implemented and then discuss the low level > details taking into account that we won't can add restrictions which avoid > these features. > This may also apply to others WGs and not only to PERC. Even having > support for rid, mid, etc. could ease the design of PERC. > > Ones of the features affected with the current status are: > 1 - Video quality switching (simulcast) > 2 - Dominant Speaker switching > > These features must also offer an high QoE for the users. For that, the > experience tells me that it should be performed in the SFU side. In our > current implementation: > 1 - Video quality switching (simulcast) is performed rewriting SSRCs, > seqnums and timestams > 2 - Dominant Speaker switching is performed rewriting SSRCs, seqnums > andt timestams. Notice that it would be consider and attack [1] > <https://tools.ietf.org/html/draft-mattsson-perc-srtp-cloud-01#section-7.2.4> > when it is the best way (easy, efficient and > with high QoE) we found to implement this feature. > > This is working in the WebRTC context using endpoints like Chrome or > Firefox. To implement them following current PERC status: > Could (1) be implemented without SSRCs rewriting and using RID instead? > I think so, but should be ensure that endpoints support that before make > SSRC immutable? > Could (2) be implemented without SSRCs rewriting and using MID instead? > Could (2) be implemented even without adding a specific RTP stream using > idea [2] > <https://www.ietf.org/mail-archive/web/mmusic/current/msg16611.html>? > I think so, but should be ensure that endpoints support that before make > SSRC immutable? > > These questions tell me that if endpoints does not support them, features > requested by the market and PERC will be incompatible :S. > > Best regards!! > > Refs > [1] > https://tools.ietf.org/html/draft-mattsson-perc-srtp-cloud-01#section-7.2.4 > [2] https://www.ietf.org/mail-archive/web/mmusic/current/msg16611.html > > 2016-05-26 1:12 GMT+02:00 Emil Ivov <emcho@jitsi.org>: > >> >> >> On Wednesday, 25 May 2016, Eric Rescorla <ekr@rtfm.com> wrote: >> >>> >>> >>> On Wed, May 25, 2016 at 1:43 PM, Emil Ivov <emcho@jitsi.org> wrote: >>> >>>> >>>> >>>> On 25.05.16 г. 15:20, Paul E. Jones wrote: >>>> >>>>> Emil, >>>>> >>>>> You are saying that endpoints would negotiate via signaling which SSRC >>>>> value(s) to use before actually joining the conference? >>>>> >>>> >>>> It's awesome how you would always attribute to me the least appealing >>>> of all possible interpretations :). >>>> >>>> Whether or not we negotiate SSRCs should not be within PERC's scope. >>>> For the record this is how WebRTC works anyway (courtesy of some of the >>>> people on this list) but the matter is completely orthogonal to PERC. >>>> >>>> What I was suggesting is the possibility for PERC endpoints and MDD to >>>> negotiate whether or not they will be dealing with a single end-to-end SSRC >>>> space, or whether they will have separate HBH and E2E SSRC spaces. >>>> >>>> This way you get to only implement the single end-to-end option in your >>>> endpoints and to not support the other one. >>>> >>>> Does this make more sense? >>>> >>>> That doesn't strike me as terribly appealing, honestly. Between that >>>>> and the pain of dealing with conflicting SSRCs, I might favor the >>>>> latter. What I'd prefer most, though, is neither and just let >>>>> endpoints >>>>> do their thing. >>>>> >>>>> I'd still like to hear confirmation that receiving browsers will >>>>> definitely be doing the right thing w.r.t. receiving simulcast streams. >>>>> Adam seemed to suggest Firefox will be doing the right thing (probably >>>>> before PERC is done). What about popular browsers? >>>>> >>>> >>>> I think at this point the answers that I've heard are for both >>>> browsers: we are not doing this now. >>> >>> >>> As far as Firefox goes, we're not doing this now because PERC isn't >>> ready. >>> >> >> So you are saying that simulcast itself is not a good enough reason to >> implement receiver-side simulcast support ... but a minor optimization >> to PERC is ... >> >> Obviously I don't need to be explained the reasoning. I am glad you have >> this plan. >> >> I only wish we would have a clearer view of everyone's intended delivery >> dates since we are about to block PERC on them. >> >> >> We're looking at it soon and plan to try to implement it pretty much as >>> soon as it's baked enough to do. >>> >>> >>> it's not part of webrtc 1.0. >>> >>> >>> Is it even something that could be in WebRTC 1.0? I.e., does it require >>> changes? >>> >> >> How would you tell FF what group an RID corresponds to? >> >> Emil >> >>> >>> >>> >>> >>>> we'd like to do it in the future. >>>> >>> >>> Yes. >>> >>> -Ekr >>> >>> >>> >>> >>>> What I'd like to avoid is PERC having a firm dependence on this last >>>> statement and for it to only be usable when it comes true. >>>> >>>> Emil >>>> >>>> >>>>> Paul >>>>> >>>>> ------ Original Message ------ >>>>> From: "Emil Ivov" <emcho@jitsi.org> >>>>> To: "Paul E. Jones" <paulej@packetizer.com> >>>>> Cc: "Adam Roach" <adam@nostrum.com>; "Cullen Jennings" <fluffy@iii.ca >>>>> >; >>>>> perc@ietf.org >>>>> Sent: 5/25/2016 2:23:43 PM >>>>> Subject: Re: [Perc] Request for decision review >>>>> >>>>> Paul, >>>>>> >>>>>> I have answered your points below but we did gloss over the suggestion >>>>>> I made and I consider it important: >>>>>> >>>>>> We can allow SSRC rewriting and make it negotiable by signalling. This >>>>>> way SFUs can state they support rewriting/immutability/both and >>>>>> endpoints can choose to use what's available or reject the session as >>>>>> unsupported. >>>>>> >>>>>> I believe this should address the concerns that have been expressed so >>>>>> far. >>>>>> >>>>>> Now for the rest of the points: >>>>>> >>>>>> On 25.05.16 г. 7:22, Paul E. Jones wrote: >>>>>> >>>>>>> Emil, >>>>>>> >>>>>>> Since we are not enforcing a requirement that endpoints select a >>>>>>>>> distinct SSRC per media flow, there is a potential conflict in the >>>>>>>>> number space used E2E. >>>>>>>>> >>>>>>>> >>>>>>>> As I have been insisting many times already: We have the option to >>>>>>>> mandate that SFUs preserve the SSRC space. That's not hard to >>>>>>>> implement. It's not a great option but it is a possibility. >>>>>>>> >>>>>>>> We can also say that whether or not SFUs do that rewrite is a >>>>>>>> feature >>>>>>>> that has to be signalled so clients can choose whether to support it >>>>>>>> or not. This should address your concern. >>>>>>>> >>>>>>> >>>>>>> The SFU has nothing to do with the E2E SSRC collision problem. When >>>>>>> an >>>>>>> endpoints sends out an RTP packet and it goes though an SFU that >>>>>>> changes >>>>>>> the SSRC, there is a HBH SSRC and an E2E SSRC. I fully agree that >>>>>>> the >>>>>>> SFU can ensure that the HBH SSRCs do not collide, but it cannot >>>>>>> control >>>>>>> the fact that the E2E SSRCs collide. >>>>>>> >>>>>> >>>>>> The SFU has everytihng to do with the E2E collision problem and it's >>>>>> potential solutions. What you describe is one way to handle things. >>>>>> Another one would be to just make SSRC conflicts obvious to senders so >>>>>> that they would apply 3550 resolution. That's pretty easy to >>>>>> implement. >>>>>> >>>>>> The 64 bit identifier is just a hack to work >>>>>>>>> around that problem. If the problem didn't exist, we could use SSRC >>>>>>>>> values to look up the context as it was I intended in SRTP. >>>>>>>>> >>>>>>>> >>>>>>>> E2E PERC is NOT SRTP. We may choose to make it look like it is and I >>>>>>>> see why that is appealing but not doing it is by no means "a hack". >>>>>>>> >>>>>>> >>>>>>> Of course it's SRTP. It just happens to be two passes of SRTP, but >>>>>>> it's >>>>>>> nonetheless SRTP. >>>>>>> >>>>>> >>>>>> Exactly! And two passes of SRTP happen to NOT be SRTP as in: no stock >>>>>> SRTP endpoint would do anything meaningful with them. So what you are >>>>>> looking is to just optimize implementations, which is relevant but not >>>>>> the primary concern. >>>>>> >>>>>> What PERC is adding are some additional steps between >>>>>>> each pass for HBH authentication of packets at the sender (and the >>>>>>> reverse at the receiver). The MDD doesn't have two steps: it just >>>>>>> does >>>>>>> one normal SRTP decryption for the packet received and one SRTP >>>>>>> encryption step sending the packet. The only special requirement >>>>>>> PERC >>>>>>> introduces is that if the MDD changes either the PT field or sequence >>>>>>> number, the original values have to be added to the packet inside an >>>>>>> RTP >>>>>>> header extension called OHB (if not already present). >>>>>>> >>>>>>> >>>>>>> The problem with using a 64 bit value is that any existing SRTP >>>>>>>>> library >>>>>>>>> would have to change to associate the context that way. >>>>>>>>> >>>>>>>> >>>>>>>> So just to be clear ... we are lamenting about changing an int to a >>>>>>>> long? >>>>>>>> >>>>>>> >>>>>>> No, lamenting that this would not align with what RFC 3711 says to >>>>>>> use >>>>>>> to identify the context. >>>>>>> >>>>>> >>>>>> Again, 3711 applies to HBH. We are trying to reuse as much of it for >>>>>> E2E as possible and that's admirable but it's not a reason why we >>>>>> should significantly disrupt existing implementations. >>>>>> >>>>>> Further, if we >>>>>>>>> wish to break up the PERC processing into two steps, that HBH SSRC >>>>>>>>> would >>>>>>>>> have to be extracted and passed in by the application. While I >>>>>>>>> think the >>>>>>>>> intent with Double is for this to be an autonomous operation, it >>>>>>>>> might >>>>>>>>> not be implemented that way for two reasons: >>>>>>>>> 1) If there is a desire to do HBH FEC, the process might be to >>>>>>>>> encrypt >>>>>>>>> E2E -> FEC -> HBH. So the second call to the SRTP library would >>>>>>>>> need >>>>>>>>> that HBH SSRC passed in when doing these steps in reverse to >>>>>>>>> introduce >>>>>>>>> that 64-bit context ID. >>>>>>>>> >>>>>>>> >>>>>>>> Em ... you'd have to explain this in a bit more detail because I >>>>>>>> fail >>>>>>>> to see how FEC is any different than regular media. As you say it >>>>>>>> yourself, it all just works out properly as long as you do your FEC >>>>>>>> after E2E and before HBH as that way the SFU would be able to de- or >>>>>>>> re-FEC. >>>>>>>> >>>>>>> >>>>>>> Historically, there were two options for FEC. Either we do FEC first >>>>>>> and then SRTP, or SRTP first then FEC. The order has to match at >>>>>>> both >>>>>>> the sender and receiver. Either way, it generally makes very little >>>>>>> difference. >>>>>>> >>>>>>> An MDD might want to be a good citizen and reconstruct lost packets >>>>>>> before sending a stream to a receiver. In order to do that, the >>>>>>> sender >>>>>>> will either need to do SRTP (both passes) then FEC or it could do the >>>>>>> first SRTP pass (the E2E encryption pass) then FEC then SRTP for the >>>>>>> HBH. It really depends on what we want that FEC flow to look like. >>>>>>> Do >>>>>>> we want it to be FEC over a bunch of E2E+HBH encrypted packets or >>>>>>> just >>>>>>> over the E2E packets. (The latter would be parallel to the current >>>>>>> FEC >>>>>>> order of "FEC then SRTP". >>>>>>> >>>>>>> So, thinking of how this might be implemented in an SRTP library, if >>>>>>> we >>>>>>> allow the SRTP(E2E)+FEC+SRTP(HBH) option for FEC order, then when the >>>>>>> application encrypts the packet, it would pass the packet into the >>>>>>> SRTP >>>>>>> libtary once to encrypt HBH. >>>>>>> >>>>>> >>>>>> You mean E2E here. >>>>>> >>>>>> It then does whatever FEC processing it >>>>>>> wants, then it calls into the SRTP library again to encrypt the >>>>>>> second >>>>>>> pass (HBH pass). It could be two entirely instances of the SRTP >>>>>>> library >>>>>>> that handles each pass. On the MDD, it decrypts the flow and does >>>>>>> whatevever FEC magic it wants to do. There is only one SRTP >>>>>>> operation >>>>>>> at the MDD, so no problem. At the receiver, it decrypts the packet >>>>>>> received using HBH decryption. It then does whatever FEC processing >>>>>>> it >>>>>>> needs to do. Next, it would call into the SRTP library to decrypt >>>>>>> for >>>>>>> E2E. If the SSRCs never change, this works fine. One could >>>>>>> implement >>>>>>> this using two instances of an SRTP library today. If a single >>>>>>> library >>>>>>> is used, then the only requirement is to ensure the second call into >>>>>>> the >>>>>>> library does not encounter issues with the replay database (since it >>>>>>> might otherwise think it's a replayed packet). In either case, the >>>>>>> crypto context would be looked up as per RFC 3711 using SSRC. If, >>>>>>> however, the SSRC value is allowed to change, then the second call >>>>>>> into >>>>>>> the SRTP library (same or different instance of the library) would >>>>>>> be a >>>>>>> problem since Alice and Bob both used SSRC 1. The collision is >>>>>>> going to >>>>>>> prevent the library from working properly. >>>>>>> >>>>>> >>>>>> I still fail to see how FEC changes any of this (for better or worse). >>>>>> The problem you describe here is exactly the same with or without FEC >>>>>> and it's what we are having the argument about. >>>>>> >>>>>> If we take the approach of using a 64-bit identifier (in contradiction >>>>>>> to RFC 3711) >>>>>>> >>>>>> >>>>>> :) ... It is NOT in contradiction with 3711 because layers of >>>>>> encryptions are not part of 3711. We simply need to set the >>>>>> expectations right for implementers. >>>>>> >>>>>> to identify the crypto context, then we would need to pass >>>>>>> that identifier into the SRTP library when attempting to decrypt the >>>>>>> packet, because it could not simply discover it by looking at the >>>>>>> packet >>>>>>> (which it could do normally since the SSRC value is right there in >>>>>>> the >>>>>>> packet). It would be necessary to make a call like >>>>>>> srtp_unprotect(context, packet, stream_identifiier) (where >>>>>>> stream_identifier is something that identifies the stream other than >>>>>>> the >>>>>>> SSRC per 3711, like E2E_SSRC || HBH_SSRC). >>>>>>> >>>>>>> A beautiful thing about SRTP today >>>>>>> >>>>>> >>>>>> You mean PERC here and not SRTP (even if PERC does simply apply a >>>>>> second srtp unprotect it is still not stock 3711). >>>>>> >>>>>> is the library can operate on streams >>>>>>> without the application having to pass in such identifiers. The >>>>>>> stream >>>>>>> is self-identifying. But, we lose that elegance when we modify the >>>>>>> SSRC >>>>>>> in the MDD when we break the operation into two passes to handle this >>>>>>> FEC order. >>>>>>> >>>>>> >>>>>> So we have an aesthetic concern because we have to change int-s to >>>>>> long-s and that's why we are having a 100 mail thread. I am >>>>>> speechless. >>>>>> >>>>>> 2) It might be desirable to implement the PERC logic by just having a >>>>>>>>> two-step wrapper around the existing SRTP library to avoid making >>>>>>>>> changes to the core library. (I'd prefer built-in support for >>>>>>>>> Double, >>>>>>>>> but I can appreciate how some might prefer to not change an >>>>>>>>> otherwise >>>>>>>>> working library.) >>>>>>>>> >>>>>>>> >>>>>>>> As I said, being able to reuse SRTP libraries with no change is a >>>>>>>> great optimization if we get it but I really don't think the >>>>>>>> alternative is anywhere near the complexity that would justify >>>>>>>> banning >>>>>>>> SSRC re-writing. >>>>>>>> >>>>>>> >>>>>>> At least we agree that it would be a good goal to find an approach >>>>>>> that >>>>>>> would eliminate or minimize changes to the SRTP logic. :) >>>>>>> >>>>>>> Now to the complexity part... that's in the thread you're having with >>>>>>> Cullen which, as I understand, is an expression of a concern that >>>>>>> receiving endpoints are not going to properly handle multiple >>>>>>> simulcast >>>>>>> streams coming toward them. >>>>>>> >>>>>>> Since I don't work for a browser vendor, I cannot speak to their >>>>>>> plans. >>>>>>> I can only assume that proper handling of received simulcast flows >>>>>>> would >>>>>>> be implemented per the current drafts. And if that's the case, then >>>>>>> I >>>>>>> don't think changing the SSRC would be needed. If receiving >>>>>>> endpoints >>>>>>> fail to do that, then you're right that this could be a problem. >>>>>>> >>>>>> >>>>>> Let's be clear on this. There is absolutely nothing wrong or standard >>>>>> breaking in the way browsers handle simulcast reception today. They >>>>>> are simply not simulcast aware and the SFU hides it from them. >>>>>> >>>>>> There is no reason why that would be labelled a bad practice even when >>>>>> RID does go through all of the IETF process. >>>>>> >>>>>> Also, the availability of this option (simulcast unaware receivers) >>>>>> and its existence today make the motivation for RID support on the >>>>>> receiving end pretty low. It does not give you anything extra in terms >>>>>> of functionality. There are no substantial benefits from doing it (and >>>>>> no it doesn't allow for significantly simpler SFUs ... those would >>>>>> still have to keep 95% of their existing logic). We can decide to make >>>>>> PERC dependent on it and hope that this would sway all browser vendors >>>>>> ... or we could also try to lower the burden on PERC adoption. >>>>>> >>>>>> Again, as stated in the beginning of this mail: it sounds like a >>>>>> compromise may lie in the option for PERC to allow an SSRC rewriting >>>>>> mode combined with the option for endpoints to not support it. In >>>>>> other words we can have part of the PERC signalling indicate whether >>>>>> the client and the server support these modes and whether they use >>>>>> them. This is not beautiful (by any means) but it wouldn't prevent >>>>>> either of us to do things their way. >>>>>> >>>>>> Emil >>>>>> -- https://jitsi.org >>>>>> >>>>> >>>>> >>>>> >>>> -- >>>> https://jitsi.org >>>> >>>> _______________________________________________ >>>> Perc mailing list >>>> Perc@ietf.org >>>> https://www.ietf.org/mailman/listinfo/perc >>>> >>> >>> >> >> -- >> sent from my mobile >> >> _______________________________________________ >> Perc mailing list >> Perc@ietf.org >> https://www.ietf.org/mailman/listinfo/perc >> >> > > > -- > Miguel París Díaz > ------------------------------------------------------------------------ > Computer/Software engineer. > Researcher and architect in http://www.kurento.org > http://twitter.com/mparisdiaz > ------------------------------------------------------------------------ > > -- Miguel París Díaz ------------------------------------------------------------------------ Computer/Software engineer. Researcher and architect in http://www.kurento.org http://twitter.com/mparisdiaz ------------------------------------------------------------------------
- Re: [Perc] Request for decision review Miguel París Díaz
- Re: [Perc] Request for decision review Roni Even
- Re: [Perc] Request for decision review David Benham (dbenham)
- Re: [Perc] Request for decision review Roni Even
- Re: [Perc] Request for decision review David Benham (dbenham)
- Re: [Perc] Request for decision review Roni Even
- Re: [Perc] Request for decision review David Benham (dbenham)
- Re: [Perc] Request for decision review Roni Even
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Miguel París Díaz
- Re: [Perc] Request for decision review Bernard Aboba
- [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Adam Roach
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Bernard Aboba
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Bernard Aboba
- Re: [Perc] Request for decision review Cullen Jennings
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Adam Roach
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Eric Rescorla
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Emil Ivov
- Re: [Perc] Request for decision review Paul E. Jones
- Re: [Perc] Request for decision review Bernard Aboba
- Re: [Perc] Request for decision review Miguel París Díaz