I would like to know the reasons that led DTLS-SRTP to be the method chosen for protecting the media in WebRTC.
I suppose it was considered that it is better to exchange the SRTP key material outside the signaling plane, but why not allow other methods like SDES? To me, it seems that it would be faster than going through a DTLS handshake, and as secure as DTLS-SRTP if you can guarantee that the signaling channel is secured...
Viewed 1,273 times
3

Nicolas Jean
I googled "webrtc sdes" and found [these IETF slides](https://www.ietf.org/proceedings/84/slides/slides-84-rtcweb-15.pdf) which appear to give a good summary. – jib Aug 30 '16 at 22:50
1 Answer
6
Because the author of the SDES specification said "please don't use SDES". http://www.tschofenig.priv.at/wp/?p=993 has a good summary of the IETF meeting in Berlin where that decision happened, along with links to the slides.

Philipp Hancke