Re: [rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need

Iñaki Baz Castillo <> Thu, 05 April 2012 09:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0550621F85D4 for <>; Thu, 5 Apr 2012 02:04:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.041
X-Spam-Status: No, score=-2.041 tagged_above=-999 required=5 tests=[AWL=-0.564, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_39=0.6, J_CHICKENPOX_44=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EJfTnTGEBgAx for <>; Thu, 5 Apr 2012 02:04:43 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id D027921F8709 for <>; Thu, 5 Apr 2012 02:04:37 -0700 (PDT)
Received: by vbbez10 with SMTP id ez10so1006522vbb.31 for <>; Thu, 05 Apr 2012 02:04:37 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding:x-gm-message-state; bh=Fsb1O7M5sF/GK3BM+29KYZUJa7ETIDR4L8mvebJ2e8Q=; b=VT0MfgVKLWCRsPrRbBxCDkD9l0EjdSPqZbPeGBZ0iH6NZG7qSbKyxqRjC0toTsObAg 8xA5m+Ln20TbGsJWdgZWVus+qnMqvD8XDwLvJ5DmzvYHOVwGeeMCrv0vwp3q0nbrpdna I7PJ0OSMqli8wu5mqmdcpK81qV0ca3kAVxEp32F2jqpHsJYVBOyskby5VAOH1xnfda6N NdMU9d5mITjb1S+Uvt+lDRfApzDKQJXOCLLsgqYbINhCsu2ADkF9AoeAGFhGt7kK2Y8l zrJGVLUqvty4wg2O9ECDxvTWLTu1F+eVmSm1Vgf49Le1DYNnnjggH9vqTGKks5LmwIvi Volw==
Received: by with SMTP id df9mr1073040vdb.119.1333616677202; Thu, 05 Apr 2012 02:04:37 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Thu, 5 Apr 2012 02:04:17 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <>
From: Iñaki Baz Castillo <>
Date: Thu, 05 Apr 2012 11:04:17 +0200
Message-ID: <>
To: Roman Shpount <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQnC1+t2BTaMNsfgcO4ncXx5wJYrScbUHoWKneid0Vdr2vn43P50x0f0yIPOnBcugx5I1jso
Subject: Re: [rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Apr 2012 09:04:44 -0000

2012/4/5 Roman Shpount <>:
> On the more serious note, very few SIP end points offer working ICE support.
> So, in a large sense, interop with them is not an option.

For me there is a BIG difference when a kind of B2BUA is required
(which involves signaling "transaction"). That's the barrier IMHO.

ICE support can be implemented in a ICE-Lite RTP/SRTP proxy, see:

The problem arises when media encrypt/decrypt is required, and evenr
more when a key update in RTP (like the DTLS EKT update) must be
converted into a signaling re-INVITE by a super Signaling+Media B2BUA:

> Out of the ones
> that do support ICE and SRTP, very few are actually connected directly to a
> public internet. Most of them are connected to some sort of PBX or an IP PBX
> type service. So, in reality you do not need to bridge every IP phone with
> WebRTC.

That is a *very* limited scope of what WebRTC can provide. An IT
department should be able to deploy its own WebRTC infrastructure (a
Web+WebSocket server) within its "local" network, so browsers
accessing to such a local website share the network with SIP/XMPP

Please don't imagine WebRTC and SIP interop as the communication
between two islands ;)

> If a few PBX and hosted centrex vendors will add support for WebRTC
> required features, we will get compatibility with existing end points.

Pure SIP proxies do exist. A PBX is not always needed, so again, SIP
world does not require to be "an island".

> To support the rest you will need to deploy some sort of gateway.

Not in the case SDES+SRTP is allowed in WebRTC (see Fabius's recent
mails about SDES and DTLS).

> hurdle (I am trying to be politically correct here). WebRTC enabled end
> points, on the other hand, will offer significant benefits to traditional
> SIP phones, since they will allow development of higher quality integrated
> real time communications services. I hope this will drive a much quicker
> standard adoption.

The problem is that there is a *NEW* SRTP related spec for WebRTC:

Maybe it could also become a standard for SIP? I hope, but currently
it's not, so by *mandating* DTLS-EKT-SRTP in WebRTC we are creating a


Iñaki Baz Castillo