IETF Logo Mail Archive

Re: [rtcweb] SRTP not mandatory-to-use

Randell Jesup <randell-ietf@jesup.org> Tue, 03 January 2012 19:58 UTC

Return-Path: <randell-ietf@jesup.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 313E31F0C3B for <rtcweb@ietfa.amsl.com>; Tue, 3 Jan 2012 11:58:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.554
X-Spam-Level:
X-Spam-Status: No, score=-1.554 tagged_above=-999 required=5 tests=[AWL=-0.445, BAYES_05=-1.11]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XG6IzWFK7t7w for <rtcweb@ietfa.amsl.com>; Tue, 3 Jan 2012 11:58:30 -0800 (PST)
Received: from r2-chicago.webserversystems.com (r2-chicago.webserversystems.com [173.236.101.58]) by ietfa.amsl.com (Postfix) with ESMTP id A3CAC1F0C3E for <rtcweb@ietf.org>; Tue, 3 Jan 2012 11:58:30 -0800 (PST)
Received: from pool-173-49-135-74.phlapa.fios.verizon.net ([173.49.135.74] helo=[192.168.1.12]) by r2-chicago.webserversystems.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <randell-ietf@jesup.org>) id 1RiAVC-0002Xe-1N for rtcweb@ietf.org; Tue, 03 Jan 2012 13:58:30 -0600
Message-ID: <4F035DD5.3050305@jesup.org>
Date: Tue, 03 Jan 2012 14:58:13 -0500
From: Randell Jesup <randell-ietf@jesup.org>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <CAErhfrwu322=HTS0JZhum9EGfb73KmYS6CU_KMESyzEWhtvg2w@mail.gmail.com> <CABcZeBOeg-O+6===5tk0haxC8nLxUQyEUFRES2FAoFEf00fKng@mail.gmail.com> <CAErhfrxTKdo7Z+61x5ZcDt5ZM7C7ob5LNxMzwng_kk3Uqrp2_Q@mail.gmail.com> <4F01A790.4060704@alvestrand.no> <4F02A061.60905@jesup.org> <E44893DD4E290745BB608EB23FDDB762141EF8@008-AM1MPN1-042.mgdnok.nokia.com>
In-Reply-To: <E44893DD4E290745BB608EB23FDDB762141EF8@008-AM1MPN1-042.mgdnok.nokia.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r2-chicago.webserversystems.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jesup.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [rtcweb] SRTP not mandatory-to-use
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jan 2012 19:58:31 -0000

On 1/3/2012 7:55 AM, Markus.Isomaki@nokia.com wrote:
> Hi,
>
> Randell Jesup wrote:
>>
>> I'll also note a 180MHz MIPS processor is very slow by modern standards.
>>   Our "lowest-spec" CPU should probably be the equivalent of a 300MHz ARM
>> (and that's arguably too low, perhaps significantly too low).
>>
>
> Looking at the specs of any recent smartphones with Wi-Fi and/or 3G connectivity, even the low-end ones seem to have at least 600 MHz ARM. Anything that I could imagine running WebRTC, in terms of real products, will have an even faster CPU.
>
> Nokia has had phones with SIP and SRTP for several years, so I doubt that will be an issue. It's all the other stuff that WebRTC will need that will be much more challenging.

I chose 300MHz because that's the speed of the ARM in a first-generation 
DaVinci and some of the older OMAPs I believe.  Agreed, not really 
current devices likely to get webrtc - though support for lower-spec 
devices does enable people wanting to build really inexpensive web 
devices (wired or wireless).  And lower overhead also means lower 
battery use (though Justin reminds me that the CPU isn't the limiting 
factor here usually; it's the display and wireless link).

I should note that audio SRTP overhead isn't really the issue; it's the 
overhead for encrypting/decrypting far larger streams of video, and the 
SRTP overhead is (mostly) proportional to bitrate, so large resolution 
and/or low-compression streams will use more overhead.

Note: while I'm discussing nits here, I am in overall favor of 
SRTP-required, if for no other reason than to head off bid-down attacks. 
  I'd love to have the option of not using it in very specific scenarios 
(PSTN gateway, internal corporate network or one with an PBX that 
doesn't support a keying scheme we do), but I've yet to see a solution 
for those that doesn't hurt other use-cases.  (And I've tried to find a 
way.)

(And yes, SRTP doesn't help you much if you're MITM'd - see ekr's 
identity stuff & BrowserID for that.)

-- 
Randell Jesup
randell-ietf@jesup.org

v2.23.0 | Report a Bug | By Email