At 5:28 PM -0600 3/10/06, Nicolas Williams wrote: >On Fri, Mar 10, 2006 at 06:12:13PM -0500, Stephen Kent wrote: >> >You should be aware that there is a proposal being discussed at AVT in >> >Dallas to use DTLS as an alternative to secure RTP instead of SRTP. >> >There are problems with keying SRTP that have caused some to question >> >whether perhaps the key establishment should happen as part of the RTP >> >stream establishment instead of part of the session setup layer. >> > >> >If this proposal is viewed favorably, it casts doubt on claims about >> >SRTP being different from other protocols in terms of overhead >> >requirements. >> >> Yes, IF the proposal is accepted, then it signals a change of heart >> by the folks who created SRTP and cited per-packet bandwidth as the >> rationale. > >If you want data authentication then you have to have some overhead and >that will be comparable in home-grown solutions, AH and DTLS. > >So, if you want data authentication and the overhead thereof is too much >then either give up on data authentication or throw better networks >(more money) at the problem. > >Case closed :) > >Nico >-- Not quite that simple :-). What SRTP did was to add integrity and confidentially to RTP in a very careful, space-efficient fashion. In so doing, they reduced overhead well below what one could achieve via use of DTLS or ESP or AH. This is not a practice I encourage for application in general, because the costs of custom designs of this sort are very high, and for most apps the bandwidth savings will not justify these costs. Also, as Joe noted, the likelihood of introducing security problems in such designs (and in implementations) is also very high. Steve
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.