Ge0rG: mhm. looks like it all started here: http://mozilla.6506.n7.nabble.com/SCTP-and-WebRTC-FYI-td228999.html
fippo: ge0rg: i think it was earlier... i'll check the notes from the kickoff
Ge0rG: fippo: I'd be glad to get to the root of it. I'm looking for material supporting the not-quite-obvious decision of SCTP-over-DTLS
fippo: http://rtc-web.alvestrand.com/ might have some hints... but I can't find anything obvious right now
ralphm: Ge0rG: I might have missed earlier discussion on this, but what is the issue?
Ge0rG is on a flaky 2G connection right now. can't do extensive surfing :(
ralphm: Ge0rG: I mean, why is SCTP-over-DTLS a thing that needs to be gotten to the root of? Why is it an unexpected choice?
Ge0rG: ralphm: what I am looking for is extensive documentation of the possible alternatives, and why stacking a transport-layer protocol implemented at the app layer on top of another transport layer protocol has been chosen.
Ge0rG: also, my 2G connection lags. icmp_req=454 ttl=40 time=34930 ms
Ge0rG: ralphm: I can understand the choice was made because of NAT, but I fail to believe it was the only possible choice.
Ge0rG: you know, if all you have is a srtp/dtls hammer, file transfer might look like a nail as well.
fippo: ge0rg: RTMFP was/is way more cool imo :-)
Ge0rG: sometimes people make brave decisions and stack protocols like it is Babel all over again. And sometimes it even works out reasonably well.
Ge0rG: so far, the guardianproject managed twice already to impress and to disgust me at the same time with their protocol stacking: one was serverless XMPP over avahi over OLSR on mobile, and the other was HTTP over OTR text messages over XMPP
Ge0rG: and I'd like to form a strong opinion on that SCTP-over-DTLS thing before opening my mouth and ranting it to the moon ;)
fippo: ge0rg: shout at rtcweb for using DTLS-SRTP instead of ZRTP :-)
Ge0rG: fippo: I have no strong opinion on RTP encryption mechanisms, and do not intend to form one soon
fippo: the bad thing about all RTP encryption mechs is that they don't encrypt the header. which really makes me wonder about the https://www.schneier.com/blog/archives/2011/03/detecting_words.html kind of stuff :-/
ralphm: fippo: what about http://tools.ietf.org/html/rfc6904?
ralphm: (which of course doesn't cover all headers)
fippo: ralphm: the basic problem is that there is a lot of infrastructure that wants to have access to the rtp headers for QoS.
ralphm: yeah, of course
ralphm: I suppose the same holds for http vs. https
fippo: well, voip is time-critical. http isn't
ralphm: Ge0rG: but just so you know, server-less XMPP over SCTP/DTLS/SRTP will be a thing.
Zash: But you still need servers to find them.
Zash: ralphm, like what XTLS was supposed to be?
fippo: ralphm: i think the guys from the RWTH aachen have a prototype for exactly that ,-)
ralphm: Zash: Yeah, there have been proposals to negotiate peer-to-peer XML Streams over Jingle to do end-to-end encryption.
ralphm: that was using XTLS
ralphm: They never left the XEP inbox
ralphm: and then were IETF drafts
fippo: but we bumped the jingle namespace for XTLS at least!
Kev: That was why they never left the inbox, wasn't it?