Re: [rtcweb] Let's define the purpose of WebRTC

Eric Rescorla <> Mon, 07 November 2011 13:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 79FB521F8B70 for <>; Mon, 7 Nov 2011 05:57:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.936
X-Spam-Status: No, score=-102.936 tagged_above=-999 required=5 tests=[AWL=0.041, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id sxvm9ul4RTGg for <>; Mon, 7 Nov 2011 05:57:36 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id F290D21F846D for <>; Mon, 7 Nov 2011 05:57:35 -0800 (PST)
Received: by ywt2 with SMTP id 2so6208721ywt.31 for <>; Mon, 07 Nov 2011 05:57:35 -0800 (PST)
Received: by with SMTP id i15mr3965186yac.19.1320674255445; Mon, 07 Nov 2011 05:57:35 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Mon, 7 Nov 2011 05:50:20 -0800 (PST)
X-Originating-IP: []
In-Reply-To: <>
References: <> <> <> <> <>
From: Eric Rescorla <>
Date: Mon, 7 Nov 2011 05:50:20 -0800
Message-ID: <>
To: Hadriel Kaplan <>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: "<>" <>
Subject: Re: [rtcweb] Let's define the purpose of WebRTC
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 07 Nov 2011 13:57:36 -0000

On Sun, Nov 6, 2011 at 7:20 PM, Hadriel Kaplan <> wrote:
>>> IMHO, if a web service doesn't want to take, or cannot take, the hit
>>> for SRTP, WebRTC is not the appropriate solution for such a service.
>> I'm exceedingly unsympathetic to the claim that SRTP is too slow. This
>> is precisely the claim that was made about TLS for years, but measurements
>> (see Langley and Modadugu's Overclocking SSL talk at Velocity) show
>> that that's not really true.
> Who said "too slow"?  There *is* an extra round-trip or two involved I presume, if we're talking DTLS-SRTP, but no I didn't mean that as a "hit".  I just meant the extra computing cycles for SRTP being a "hit".  For WebRTC-to-WebRTC I don't think that matters at all.  For WebRTC-to-media-server it might, for a free game app or greeting card app that don't care about it to begin with, and which use plaintext HTTP to begin with.

Sorry, I didn't mean to put words in your mouth. Performance measurements
of HTTP versus HTTPS in modern Web environments suggest that the additional
load for HTTPS is not significant. Do you have evidence that the situation is
different for SRTP versus RTP?


> (this isn't a big deal regardless - just something to think about whether we care or not)
> -hadriel