- From: Harald Alvestrand <harald@alvestrand.no>
- Date: Tue, 29 Mar 2011 13:41:44 +0200
On 03/29/11 03:00, Ian Hickson wrote:
> On Wed, 23 Mar 2011, Harald Alvestrand wrote:
>> Is there really an advantage to not using SRTP and reusing the RTP
>> format for the data messages?
>
> Could you elaborate on how (S)RTP would be used for this? I'm all in
> favour of deferring as much of this to existing protocols as possible, but
> RTP seemed like massive overkill for sending game status packets.

If "data" was defined as an RTP codec ("application/packets?"), SRTP could be applied to the packets. It would impose a 12-byte header in front of the packet and the recommended authentication tag at the end, but would ensure that we could use exactly the same procedure for key exchange, multiplexing of multiple data streams on the same channel using SSRC, and procedures for identifying the stream in SDP (if we continue to use SDP) - I believe SDP implicitly assumes that all the streams it describes are RTP streams.

I've been told that defining RTP packetization formats for a codec needs to be done carefully, so I don't think this is a full specification, but it seems that the overhead of doing so is on the same order of magnitude as the currently proposed solution, and the security properties then become very similar to the properties for media streams.

Received on Tuesday, 29 March 2011 04:41:44 UTC
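
The framing discussed in the message above, as an added example that is not part of the original e-mail or of any specification: a data payload wrapped in the 12-byte fixed RTP header (RFC 3550) with an SRTP-style 80-bit HMAC-SHA1 tag (the RFC 3711 default), looked up by SSRC on receipt. Assumptions: payload type 96 stands in for the hypothetical "data" codec, the payload is left unencrypted, and the per-SSRC keys are constructed constants rather than the output of SRTP key derivation.

```python
import hashlib
import hmac
import struct

RTP_HEADER_LEN = 12     # fixed RTP header (RFC 3550), no CSRC list or extension
AUTH_TAG_LEN = 10       # 80-bit truncated HMAC-SHA1 tag, the SRTP default (RFC 3711)
DATA_PAYLOAD_TYPE = 96  # assumption: dynamic payload type for the "data" codec


def _tag(auth_key, body, roc):
    # SRTP authenticates the packet followed by the 32-bit rollover counter.
    mac = hmac.new(auth_key, body + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:AUTH_TAG_LEN]


def protect(auth_key, ssrc, seq, timestamp, payload, roc=0):
    """Return RTP header + payload + authentication tag."""
    header = struct.pack("!BBHII", 0x80, DATA_PAYLOAD_TYPE,
                         seq & 0xFFFF, timestamp & 0xFFFFFFFF, ssrc)
    body = header + payload
    return body + _tag(auth_key, body, roc)


def unprotect(keys_by_ssrc, packet, roc=0):
    """Verify the tag; return (ssrc, seq, payload) or raise ValueError."""
    if len(packet) < RTP_HEADER_LEN + AUTH_TAG_LEN:
        raise ValueError("packet too short")
    body, tag = packet[:-AUTH_TAG_LEN], packet[-AUTH_TAG_LEN:]
    first, _pt, seq, _ts, ssrc = struct.unpack("!BBHII", body[:RTP_HEADER_LEN])
    if first >> 6 != 2:
        raise ValueError("not RTP version 2")
    if first & 0x3F:
        # Padding, extension or CSRC entries would shift the payload offset.
        raise ValueError("unsupported header options")
    key = keys_by_ssrc.get(ssrc)
    if key is None:
        raise ValueError("unknown SSRC")
    # Constant-time comparison, and the tag is checked before the payload is used.
    if not hmac.compare_digest(tag, _tag(key, body, roc)):
        raise ValueError("authentication failed")
    return ssrc, seq, body[RTP_HEADER_LEN:]


def overhead():
    """Bytes added to every data message by this framing."""
    return RTP_HEADER_LEN + AUTH_TAG_LEN
```
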