Re: PeerConnection Data Channel from Justin Uberti on 2011-09-06 (public-webrtc@w3.org from September 2011)

From: Justin Uberti <juberti@google.com>
Date: Mon, 5 Sep 2011 22:47:49 -0400
To: Harald Alvestrand <harald@alvestrand.no>
Cc: Eric Rescorla <ekr@rtfm.com>, Matthew Kaufman <matthew.kaufman@skype.net>, public-webrtc@w3.org
Message-ID: <CAOJ7v-0k34eGRvZR2P5PZZaStTzBnaGvPvM9sQGWZ35D-n1B-w@mail.gmail.com>

I'd like to also consider whether TCP-over-DTLS-over-ICE is a viable option
for a reliable DataStream within a PeerConnection.

On Mon, Sep 5, 2011 at 4:58 AM, Harald Alvestrand <harald@alvestrand.no>wrote:

> Eric, would it be possible for you to write up a description on roughly the
> same level of detail as Justin's on a solution that just uses DTLS to
> support a "send data" call on the PeerConnection API?
>
> I think that includes:
> - Signalling the DTLS (not RTP) framing in SDP
> - Supporting a single DTLS channel per PeerConnection
> - How congestion control for the DTLS channel could work
> - Surely something I've forgotten.....
>
>            Harald
>
>
> On 09/03/11 17:10, Eric Rescorla wrote:
>
>> On Fri, Sep 2, 2011 at 11:17 AM, Matthew Kaufman
>> <matthew.kaufman@skype.net>  wrote:
>>
>>> On 9/2/11 7:12 PM, Justin Uberti wrote:
>>>
>>> On Fri, Sep 2, 2011 at 1:57 PM, Matthew Kaufman<matthew.kaufman@skype.**
>>> net <matthew.kaufman@skype.net>>
>>> wrote:
>>>
>>>> On 9/2/11 6:52 PM, Justin Uberti wrote:
>>>>
>>>>> I'm far from sold on RTP for this, but since I think we need a sequence
>>>>> number (for congestion control) and a stream id (for demux), it seems
>>>>> we're
>>>>> already halfway there. Will look at the other methods - do you recall
>>>>> if
>>>>> these were mentioned in a public draft or on the mailing list?
>>>>>
>>>> There were two IDs... Cary did a presentation at the last meeting and is
>>>> preparing a combined draft.
>>>>
>>>> I believe there was discussion on the list as well from some RTP folks
>>>> (or
>>>> maybe it was just at the microphone back in Prague?) about why putting
>>>> data
>>>> in RTP is the wrong thing.
>>>>
>>>>  Thanks, will look. Main concern is how SDES-SRTP works with something
>>> non-RTP. Maybe that isn't supported.
>>>
>>> It works fine... you just take the same SDES key you stuffed in (via
>>> Javascript, if we don't use SDP, perhaps) and encrypt with it.
>>>
>> It's actually rather more complicated than this: SRTP defines a wire
>> protocol
>> that is designed to be used with external key management. You'd need to
>> define a new wire protocol for this application, which is sort of what
>> this
>> document does, but... not well.
>>
>>
>>  DTLS is even
>>> more obvious of course.
>>>
>> Indeed. Experience has shown that designing even this kind of simple
>> security
>> protocol is hard. In this case it seems extraordinarily inadvisable
>> given that we
>> have a well-defined IETF Standards Track protocol designed specifically
>> for
>> the purpose of securing datagram transmissions.
>>
>> -Ekr
>>
>>
>>
>

Received on Tuesday, 6 September 2011 02:48:35 UTC