[rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need

Iñaki Baz Castillo <ibc@aliax.net> Tue, 03 April 2012 13:13 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 7E69821F86BD for <rtcweb@ietfa.amsl.com>; Tue, 3 Apr 2012 06:13:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.638
X-Spam-Status: No, score=-2.638 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 3XeoEPViN-2Y for <rtcweb@ietfa.amsl.com>; Tue, 3 Apr 2012 06:13:40 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com []) by ietfa.amsl.com (Postfix) with ESMTP id BD41C21F86B3 for <rtcweb@ietf.org>; Tue, 3 Apr 2012 06:13:40 -0700 (PDT)
Received: by vcbfk13 with SMTP id fk13so2826817vcb.31 for <rtcweb@ietf.org>; Tue, 03 Apr 2012 06:13:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type :content-transfer-encoding:x-gm-message-state; bh=QnPfSkt6luw9YbHaG1Qd9Wm2iEUf8lj3aCNq5rX8RZQ=; b=YprcdZ/ZsVItSwDAVEkZdw6c7SCqz/ay5WM7m7qHzuYHjmpX9ikewwaAXaZKH80KgW 3ayatTC942EkQeGt4tMCfqKbmdYM2BefppeyOad6c4uA00EatTaNi5o2vjOwPX1jb8pF hYkjvWiGm4eEqDUmASBZxhVEia5GxyNQ0QsMSz2m/tmg4C3UgJrRV5vaW1qfqGC5GmjP ribzNvOdTkQ2bsR1phCdqWGZhFNBLFkHQY9Dxg4OgCca0Qfg0wPyImSfti8s8bL1aS59 LUHi5SrLNc5nEobLT1CuST6waxJDkXzqe5pFUwHE5IWeOmAZV1vn5CfT54rVknhAzjA0 qidw==
Received: by with SMTP id j4mr6263002vcu.22.1333458820169; Tue, 03 Apr 2012 06:13:40 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Tue, 3 Apr 2012 06:13:20 -0700 (PDT)
From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Tue, 03 Apr 2012 15:13:20 +0200
Message-ID: <CALiegfmz6tgm9WF3KWEK5qwaBGADKFyit=egB36zkjZXNKdeHw@mail.gmail.com>
To: rtcweb@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQmwtWZlKEtsM+Fq6xleV1/fYbUtQd9RL+38qfJ3ED69nbI1py76rJXmoYM6YzdIqGElSd4E
Subject: [rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Apr 2012 13:13:41 -0000

Hi all,

I've made two "pictures" showing WebRTC and SIP interop for two cases:

1) SDES-SRTP is allowed in WebRTC:

2) Just DTLS-ETK-SRTP is allowed in WebRTC [*]

[*] slides 30-35 in

For those claiming to mandate *just* DTLS-EKT-SRTP in WebRTC, please
see the *cost* of such a decision, and also:

- Thanks for requiring a super Signaling+Media B2BUA/SBC in WebRTC/SIP
interop scenarios. Some vendors will be very happy and will become
very rich. Such a super device (also a DTLS to SDES conversor,
including DTLS key updates to re-INVITE) will be "a bit"... expensive.

- Thanks for disallowing *pure* SIP protocol usage (and instead
requiring SIP B2BUAs/SBCs or custom WebRTC signaling to SIP conversion
gateways). WebRTC is supposed to let the signaling protocol up to the
application, but pure SIP protocol will not be possible since a SIP
B2BUA/SBC is required, and those devices always break/limit the SIP
protocol (*always*).

So IMHO, option 2 ("just DTLS-EKT-SRTP is allowed in WebRTC") is The Barrier.

Best regards.

PS: Note that the same is true for WebRTC/XMPP-Jingle interop.

Iñaki Baz Castillo