Re: Moving forward with SDP control from Peter Thatcher on 2013-07-20 (public-webrtc@w3.org from July 2013)

From: Peter Thatcher <pthatcher@google.com>
Date: Fri, 19 Jul 2013 17:54:32 -0700
To: Cullen Jennings <fluffy@iii.ca>
Cc: "piranna@gmail.com" <piranna@gmail.com>, cowwoc <cowwoc@bbs.darktech.org>, Kiran Kumar <g.kiranreddy4u@gmail.com>, Likepeng <likepeng@huawei.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>, "Matthew Kaufman (SKYPE)" <matthew.kaufman@skype.net>
Message-ID: <CAJrXDUFGVfvNhnMx2gwEvpEko-ruXK55yfsPV+PK1A7LgwZkMA@mail.gmail.com>

At the end of the day, the real question to answer isn't "what is the
signalling", but rather "what is the API"?  Should the DTLS-SRTP keys be in
control of the JS via API?  I think that everyone would answer "no".


On Fri, Jul 19, 2013 at 5:43 PM, Cullen Jennings <fluffy@iii.ca> wrote:

>
> It's important to realize there are many different signaling channels in
> use here. Let me give an example. If DTSL-SRTP is used, does the JS need
> access to the SRTP keys?
>
> On Jul 19, 2013, at 10:31 AM, Peter Thatcher <pthatcher@google.com> wrote:
>
> > Everything that needs to be signalled needs to be available to the JS
> because it's up the JS to signal it.  For example, if SDES is used, crypto
> keys must be available to the JS because its up to the JS to send it to the
> remote side.  There's no way for you to signal it without having access to
> it.
> >
> >
> > On Fri, Jul 19, 2013 at 9:49 AM, piranna@gmail.com <piranna@gmail.com>
> wrote:
> >
> > >     That is not strictly true. Any immutable low-level property should
> be hidden from the application developer. Meaning, as an application
> developer I don't care that the signaling layer is using encryption key
> "9823cuj980ru890e" and yet (I think) this shows up in the SDP. If I don't
> ever need to know about it, I shouldn't have access to it.
> > >
> > +1
> >
> >
>
>

Received on Saturday, 20 July 2013 00:55:39 UTC