To:
From: Fabio Pietrosanti (naif)
Subject: Re: [rtcweb] SRTP and "marketing"
Date: Thu, 29 Mar 2012 08:22:30 +0200

On 3/28/12 11:58 PM, Hadriel Kaplan wrote:
> On Mar 28, 2012, at 6:59 PM, Dan Wing wrote:
>> We do need a foundation upon which an authentication/identity
>> infrastructure can be built. We know we need one.
>> That foundation is DTLS-SRTP, and not Security Descriptions.
> Now you're starting to sound like a marketing guy. ;)
> What's next: "we'll build more synergy and have a unified platform with DTLS-SRTP"?
> But more seriously, I don't understand this "foundation" argument. We're going to have DTLS-SRTP. No one's suggesting we don't have DTLS-SRTP.

I'm no-one, but I would strongly argue to use SDES-SRTP, considering that
forcing the world to implement a non-used new standard (DTLS-SRTP) for a
new, not-yet-implemented standard (WebRTC) is a fault.

> All Browsers MUST implement DTLS-SRTP. We'll have it for Browser-to-Browser, and for Browser-to-Gateway if the Gateway supports it. We'll have the foundation.
> Requiring it for Gateways would make sense if it offered some real advantage, or didn't have any disadvantages. There don't appear to be real advantages, while we know of disadvantages. And gateways have no real means of offering an end-to-end identity. Why would you want to build a foundation on air?

We need to build a new protocol on the foundation of existing protocols.

DTLS-SRTP doesn't exist because no one uses it; there are no diffused
implementations and no interoperability testing done.

DTLS-SRTP requires a *huge effort* to set it up.

SDES-SRTP does not require such a *huge effort* and will unleash the
advantage of an existing ecosystem of applications and protocol stacks
already there.

While I understand Mr. Wing's points related to Identity, I think that
Identity will be guaranteed not at the "media level" but by the existing
transport, that is HTTP/HTTPS and all the W3C protocols that run on top of
the Web (Federated Authority) to handle Authorization and Authentication.

Reinventing something new is, imho, just wrong.

