- From: David Benjamin via GitHub <noreply@w3.org>
- Date: Thu, 28 Aug 2025 13:42:12 +0000
- To: public-webrtc-logs@w3.org
> That works for changes without a regression in a metric folks care about. Given that PQC makes the client hello go from one to two packets I'd expect reliability issues which negatively affect the "call setup time" (DTLS 1.3 will be a win). That is not quite how (D)TLS 1.3 works. Offering *and predicting* PQC makes the ClientHello go to two packets. There are clear reasons to want to predict PQC given we intend for traffic to migrate to it. But if mispredicting PQC against non-PQC peers is too much a transitionary performance problem, those are things we can explore to refine that behavior. On the HTTPS side, there's a DNS hint at TLSWG to adjust the predicted set (but **not** the supported set). However, thus far, I'm not aware of problems with the current launch strategy. (@alvestrand, do you know how we are looking on that so far?) If problems develop, we can figure that out. But given that the performance baseline was a 2-RTT DTLS 1.2 handshake, it's not obvious to me that 1-RTT with two-packet ClientHello will be worse. > Services and servers not having another option but to not negotiate PQC might be a blocker for adoption. That is not how (D)TLS works. The client and server both support multiple options. Adding PQ does not remove the classical options when speaking to legacy servers. > We've seen that before and it is the reason why SRTP in Chrome is still the AES_CM_128_HMAC_SHA1_80 ciphersuites instead of the GCM ones. This also does not make any sense. I have not been involved with Chrome WebRTC's use of SRTP, but there's an entire TLS extension jammed in there so that the TLS handshake can negotiate an SRTP profile. It should have been possible to do a smooth transition where the client offers both old + new and then servers support both old + new. @alvestrand do you know what's up with this? -- GitHub Notification of comment by davidben Please view or discuss this issue at https://github.com/w3c/webrtc-extensions/issues/207#issuecomment-3233558154 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 28 August 2025 13:42:12 UTC