Re: [rtcweb] JSEP draft query [was RE: SRTP not mandatory-to-use]

Harald Alvestrand <harald@alvestrand.no> Thu, 12 January 2012 09:19 UTC

Message-ID: <4F0EA596.1040009@alvestrand.no>
Date: Thu, 12 Jan 2012 10:19:18 +0100
From: Harald Alvestrand <harald@alvestrand.no>
To: "Ravindran, Parthasarathi" <pravindran@sonusnet.com>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
In-Reply-To: <387F9047F55E8C42850AD6B3A7A03C6C01DD0610@inba-mail02.sonusnet.com>
Subject: Re: [rtcweb] JSEP draft query [was RE: SRTP not mandatory-to-use]

On 01/12/2012 02:05 AM, Ravindran, Parthasarathi wrote:
>
> Hi Justin,
>
> Sorry, I have trouble accessing the JSEP draft at the IETF RTCWeb site 
> (http://tools.ietf.org/wg/rtcweb/) and googling does not yield any 
> draft. Could you please forward me the JSEP draft to see how DTLS keys are 
> negotiated in the JSEP proposal even before the answer is received from 
> the remote WebRTC client.
>

A copy of the JSEP proposal is archived in the W3C WebRTC archives:

http://lists.w3.org/Archives/Public/public-webrtc/2012Jan/0002.html

It has not yet been submitted as an internet-draft; indeed, one of the 
things we have to decide is whether it should be an internet-draft or a 
part of the W3C API spec.
>
> Thanks
>
> Partha
>
> *From:* rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] *On 
> Behalf Of* Justin Uberti
> *Sent:* Thursday, January 12, 2012 4:48 AM
> *To:* Roman Shpount
> *Cc:* Randell Jesup; rtcweb@ietf.org
> *Subject:* Re: [rtcweb] SRTP not mandatory-to-use
>
> On Wed, Jan 11, 2012 at 5:50 PM, Roman Shpount <roman@telurix.com> wrote:
>
> On Wed, Jan 11, 2012 at 4:20 PM, Randell Jesup <randell-ietf@jesup.org> wrote:
>
>     I'd like to explore the possibility of making sure there's a
>     workable DTLS-SRTP implementation openly available, and locking
>     WebRTC down to that only.
>
>     I should note that while libsrtp 1.4.2 (last official release)
>     doesn't have DTLS-SRTP support, there are DTLS-SRTP support
>     functions and test code in the project's CVS since ~2006, and
>     resiprocate/recon supports DTLS-SRTP via a modified OpenSSL.  So,
>     I'm not sure the barrier is huge given DTLS support already.
>
>
> Can you name a single soft-phone, hard-phone, SBC, or gateway that 
> currently supports DTLS-SRTP?
>
> The reason I am asking is libsrtp, despite being widely used, is 
> extremely buggy (the last official release, for instance, crashes with GPF), 
> and does not even provide a full DES-SRTP implementation (no 
> F8_128_HMAC_SHA1_8 support).
>
> As far as DTLS (non-SRTP) implementations are concerned, can anybody 
> provide an indication on how widely they are used? I know that OpenSSL 
> supported DTLS for a while, but what commonly used software is using this?
>
> Also, what would be the impact of adding DTLS to SBC? It would be 
> interesting to hear from SBC implementers before a decision is made.
>
> How many additional round trips does DTLS require for connection 
> setup? Are we planning to support certificate validation?
>
> When used with JSEP, DTLS should not require any additional roundtrips 
> for connection setup, since DTLS can be brought up as part of 
> transport establishment. In fact, connection setup should occur faster 
> than when using SDES, since the keys can be negotiated before the 
> answer arrives. This prevents clipping of the answerer's media from 
> occurring.
>
>