Re: [rtcweb] WebRTC-SIP interop: and why SDES-SRTP is a need

Iñaki Baz Castillo <ibc@aliax.net> Thu, 05 April 2012 11:20 UTC

2012/4/5 Christer Holmberg <christer.holmberg@ericsson.com>:
>> The problem arises when media encrypt/decrypt is required, and even more when a key update in RTP (like the DTLS EKT update) must be converted into a signaling re-INVITE by a super Signaling+Media B2BUA:
>
> ...and, in general we should not specify procedures which require an intermediary to trigger and send re-INVITEs in the first place, because that itself can then cause lots of issues.

Agreed. So if WebRTC-SIP interop is important (or a valuable point for
WebRTC) then please DON'T rely on the existence of such a monstrous
super signaling+media B2BUA, and DON'T assume that WebRTC-SIP interop
is the communication between two separate islands. Please. It should
be much better, and allowing SDES-SRTP is the key for that.

-- 
Iñaki Baz Castillo
<ibc@aliax.net>