Re: [rtcweb] DTLS-SRTP implementation diffusion: Why not SDES-SRTP?

Iñaki Baz Castillo <ibc@aliax.net> Wed, 28 March 2012 19:53 UTC


2012/3/28 Fabio Pietrosanti (naif) <lists@infosecurity.ch>:
> Hi all,
>
> I read that 80% of SIPit participants support SDES-SRTP but 0% support
> DTLS-SRTP https://www.sipit.net/SIPit29_summary .
>
> At SIPit there were 34 attendees from 17 companies visiting from 12
> countries with 25 distinct VoIP implementations.

Right, but this is rtcweb, not SIP.



> I do not really see which is the rationale in making DTLS-SRTP mandatory
> while plain SRTP with SDES key exchange is already so well known and used.

That's a good reason to *also* allow (and mandate) SDES-SRTP support
in WebRTC clients, much better than the interoperability with SIP
(again: this is rtcweb, not SIP world).


> Can anyone provide some very strong and valuable point about using
> DTLS-SRTP (considering its weak diffusion and incompatibility risks)?

Lots of recent threads about this topic on this mailing list. But also
check a recent presentation (yesterday in IETF Paris):

http://tools.ietf.org/agenda/83/slides/slides-83-rtcweb-3.pdf




-- 
Iñaki Baz Castillo
<ibc@aliax.net>