Our security audit noticed that DtlsSrtpKeyAgreement has been used as optional MediaConstraints. We have added it to mandatory constraints, but sometimes connection cannot be established - we receive empty sdp. I see that in WebRTC demo app this constraint uses as mandatory, but for us it works only if I set RtpDataChannels parameter to optional as well. I have found this solution in this review, where both parameters have been set - https://review.webrtc.org/10749004/patch/1/2 Could you please tell us how we should use the DtlsSrtpKeyAgreement. Is it supported to be mandatory and why it requires RtpDataChannels patameter in the optional then?
--
---
You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrtc+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/b2dfc088-2dd4-4d8a-90f8-075e539f4143%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
SrtpKeyAgreement is a MUST NOT in the standard; it profoundly reduces the security of your conversations.In addition, SrtpKeyAgreement means that SCTP based datachannels are unusable (they depend on proper DTLS), so in order to use SrtpKeyAgreement, you either can't use datachannels, or you have to use the ancient RTP-based datachannels (which don't have the same functionality).In short: If you want to use SrtpKeyAgreement - don't.(Its presence in demos is an embarassment, and should be fixed.)
On Mon, Jan 15, 2018 at 2:06 PM, Павел Крахалев <kpav...@gmail.com> wrote:
Our security audit noticed that DtlsSrtpKeyAgreement has been used as optional MediaConstraints. We have added it to mandatory constraints, but sometimes connection cannot be established - we receive empty sdp. I see that in WebRTC demo app this constraint uses as mandatory, but for us it works only if I set RtpDataChannels parameter to optional as well. I have found this solution in this review, where both parameters have been set - https://review.webrtc.org/10749004/patch/1/2 Could you please tell us how we should use the DtlsSrtpKeyAgreement. Is it supported to be mandatory and why it requires RtpDataChannels patameter in the optional then?
--
---
You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrt...@googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrtc+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/d33cb0e7-e626-4de2-b788-6dad22047808%40googlegroups.com.