Re: [rtcweb] UDP transport problem

On Feb 13, 2014, at 11:37 PM, Cb B <cb.list6@gmail.com> wrote:

> On Thu, Feb 13, 2014 at 2:32 PM, Ted Hardie <ted.ietf@gmail.com> wrote:
>> On Thu, Feb 13, 2014 at 1:20 PM, Cb B <cb.list6@gmail.com> wrote:
>>> 
>>> 
>>> But that's not the point.  The question is can we include native SCTP
>>> as an option in  draft-ietf-rtcweb-transports?  What is the downside?
>>> 
>>> CB
>> 
>> 
>> Howdy,
>> 
>> Given previous decisions of the working group, you would need to describe
>> how to provide confidentiality.  At the moment, I know only of TLS over SCTP
>> (which would reverse the current mapping) and SCTP over IPSec (which would
>> likely actually be IPSec/UDP); do you know of other methods which would keep
>> SCTP at the top layer of the protocol stack and still provide
>> confidentiality?
>> 
>> regarsd,
>> 
>> Ted
>> 
> 
> I believe the cleanest would be to do TLS over SCTP.  I understand
> that changes the top of the transport stack, and create variation.
> But, i don't think current SCTP over DTLS plan has won any beauty
> prizes.  If this is standards track work that must stand the test of
> time, TLS over SCTP seems appropriate.
Using TLS over SCTP as defined in
http://tools.ietf.org/search/rfc3436
doesn't support all features of SCTP, for example partial reliability,
and it doesn't scale well (It needs a TLS connection per bidirectional
stream, so per data channel in our case).
Using DTLS over SCTP resolves these issues:
http://tools.ietf.org/search/rfc6083

DTLS over SCTP is supported by OpenSSL.

Best regards
Michael
> 
> CB
> 
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
> 