Re: [rtcweb] A compromise for SDES

Salvatore Loreto <> Tue, 16 July 2013 14:06 UTC

On 7/16/13 3:22 PM, Hutton, Andrew wrote:
>> The Compromise:
>> >So given that background, I was planning to propose that the security
>> >doc keep DTLS-SRTP as the only MTI mechanism for browsers, BUT to add a
>> >statement that web-based application frameworks SHOULD also support
>> >SDES. (with text about why and how, etc.)
> I don't think we can or should say that SDES SHOULD be implemented by one type of framework but not another; we just need to say something consistent for all. I agree with most of what is stated in the reasoning above, and given that there is a strong commercial incentive for SDES support, I think keeping DTLS-SRTP as the MTI and making SDES a SHOULD would be a good compromise.
I also agree with most of what Hadriel stated in his long mail;
however, I don't like the idea that we start to make a difference between what
kind of WebRTC you can do with a browser and what you can do on a web-based
application framework (btw, I also share Andrew's concern about the fact that
we can/should say what to do or not to do in each type of framework).