Re: [webrtc-pc] strawman text to show how unverified media would work

As I pointed out in https://github.com/w3c/webrtc-pc/issues/849 just now, I think it's actually impossible for this to work with ICE+DTLS.  Here's my reasoning, copied from https://github.com/w3c/webrtc-pc/issues/849:

1. You can receive DTLS from the remote side before receiving the remote description (and thus fingerprint). This happens if the remote side sends an ICE connectivity check and the local side sends a response and then the remote side sends a DTLS packet.

2. You cannot send DTLS from the local side before receiving the remote description (and thus fingerprint). This is because you can't send an ICE connectivity check until you have the remote ICE ufrag and pwd, and thus can't get an ICE connectivity check response, and thus can't send DTLS. This is because you can't send anything other than ICE until you get an ICE connectivity check response.

3. Since you can't send DTLS, you can't complete the handshake, and thus can't extract the SRTP key.

-- 
GitHub Notification of comment by pthatcherg
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/pull/1026#issuecomment-290514778 using your GitHub account

Received on Thursday, 30 March 2017 19:12:12 UTC
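
The three numbered steps in the comment above, as a simplified model added here (it is not part of the original comment and not code from any WebRTC implementation). The names `IceAgent`, `attempt` and `simulate`, the credentials and the DTLS record strings are constructed, and the HMAC covers only the username rather than a full STUN message.

```python
import hashlib
import hmac

class IceAgent:
    """Simplified ICE+DTLS endpoint (assumption: no real STUN/DTLS encoding)."""
    def __init__(self, ufrag, pwd):
        self.ufrag, self.pwd = ufrag, pwd
        self.remote_ufrag = self.remote_pwd = None  # unknown until the remote description arrives
        self.valid_pair = False   # True once one of OUR checks has been answered
        self.dtls_received = []

    def set_remote_description(self, ufrag, pwd):
        self.remote_ufrag, self.remote_pwd = ufrag, pwd

    def make_check(self):
        # A check names the peer's ufrag and is keyed with the peer's password.
        if self.remote_pwd is None:
            raise RuntimeError("no remote ufrag/pwd: cannot build a connectivity check")
        username = f"{self.remote_ufrag}:{self.ufrag}"
        mac = hmac.new(self.remote_pwd.encode(), username.encode(), hashlib.sha1).digest()
        return username, mac

    def handle_check(self, username, mac):
        # Incoming checks are verified with the LOCAL password only.
        expected = hmac.new(self.pwd.encode(), username.encode(), hashlib.sha1).digest()
        return username.split(":")[0] == self.ufrag and hmac.compare_digest(mac, expected)

    def on_check_response(self, ok):
        self.valid_pair = self.valid_pair or ok

    def send_dtls(self, peer, record):
        if not self.valid_pair:
            raise RuntimeError("no check response yet: only ICE may be sent")
        peer.dtls_received.append(record)

def attempt(action):
    try:
        action()
        return "sent"
    except RuntimeError:
        return "blocked"

def simulate():
    local = IceAgent("Lfrag", "local-password")    # constructed credentials
    remote = IceAgent("Rfrag", "remote-password")
    remote.set_remote_description(local.ufrag, local.pwd)  # remote already has local's description
    # Step 1: remote checks, local answers, remote sends DTLS before local knows the fingerprint.
    remote.on_check_response(local.handle_check(*remote.make_check()))
    remote.send_dtls(local, "dtls-flight-1")
    early = list(local.dtls_received)
    # Steps 2 and 3: local cannot check, so it cannot send DTLS or finish the handshake.
    before = attempt(lambda: local.send_dtls(remote, "dtls-flight-2"))
    # Once the remote description arrives, local can check and then send DTLS.
    local.set_remote_description(remote.ufrag, remote.pwd)
    local.on_check_response(remote.handle_check(*local.make_check()))
    after = attempt(lambda: local.send_dtls(remote, "dtls-flight-2"))
    return {"received_early": early, "before": before, "after": after}
```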