UDP/TLS/RTP/SAVPF vs. RTP/SAVPF confusion

[juha.h...@gmail.com]

I did some experiment with SIP.js and liked it. One thing that confuses me is why SIP,js uses UDP/TLS/RTP/SAVPF RTP profile, when the latest draft-ietf-rtcweb-rtp-usage-23 on the topic from May 2015 states:

For WebRTC use, the Extended Secure RTP Profile for RTCP-Based Feedback
(RTP/SAVPF) [RFC5124], as extended by [RFC7007], MUST be implemented.

I noticed from the mailing list that the switch from RTP/SAVPF to UDP/TLS/RTP/SAVPF was made quite recently. JsSIP, for example, is still using RTP/SAVPF. What is the rationale for not implementing the internet draft?

-- Juha

[Will Mitchell]

I believe at the time we made the change, various draft specs were ambiguous about what profile to use.  Several SIP servers (asterisk comes to mind) would refuse to do DTLS encryption without that profile.

Note that the change of profiles is done in the Hacks.js file.  If we discover that SIP servers are working without the hack, we can certainly remove it.  However, we are committed to maintaining interop as best as possible between various SIP endpoints.  Until we see that it's not needed (regardless of spec), we need to keep it in, or at least have it as an option.

--
You received this message because you are subscribed to the Google Groups "SIP.js" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sip_js+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sip_js/18090d94-3d0e-4c6c-a9a8-8c352db6c050%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Will Mitchell]

I dug out the specific reference:

RFC 5764: https://tools.ietf.org/html/rfc5764

When a RTP/SAVP or RTP/SAVPF stream is transported over DTLS with
      UDP, the token SHALL be UDP/TLS/RTP/SAVP or UDP/TLS/RTP/SAVPF
      respectively.

The line above this actually defines RTP/SAVP and RTP/SAVPF according to RFC5124 (same RFC referenced by the rtcweb draft), so it is clearly referring to the same thing.  My reading of this (which is shared by at least some SIP servers), is that while the RTP profile MUST be RTP/SAVPF, the correct way to actually describe this in the SDP is with the token UDP/TLS/RTP/SAVPF.

-Will

On Monday, May 18, 2015 at 10:09:57 AM UTC-4, Will Mitchell wrote:

I believe at the time we made the change, various draft specs were ambiguous about what profile to use.  Several SIP servers (asterisk comes to mind) would refuse to do DTLS encryption without that profile.

Note that the change of profiles is done in the Hacks.js file.  If we discover that SIP servers are working without the hack, we can certainly remove it.  However, we are committed to maintaining interop as best as possible between various SIP endpoints.  Until we see that it's not needed (regardless of spec), we need to keep it in, or at least have it as an option.

On Sun, May 17, 2015 at 7:39 AM, <juha.h...@gmail.com> wrote:

I did some experiment with SIP.js and liked it.  One thing that confuses me is why SIP,js uses UDP/TLS/RTP/SAVPF RTP profile, when the latest draft-ietf-rtcweb-rtp-usage-23 on the topic from May 2015 states:

   For WebRTC use, the Extended Secure RTP Profile for RTCP-Based Feedback
   (RTP/SAVPF) [RFC5124], as extended by [RFC7007], MUST be implemented.

I noticed from the mailing list that the switch from RTP/SAVPF to UDP/TLS/RTP/SAVPF was made quite recently. JsSIP, for example, is still using RTP/SAVPF.  What is the rationale for not implementing the internet draft?

-- Juha

--
You received this message because you are subscribed to the Google Groups "SIP.js" group.

To unsubscribe from this group and stop receiving emails from it, send an email to sip_js+unsubscribe@googlegroups.com.

[juha.h...@gmail.com]

On Monday, May 18, 2015 at 5:23:58 PM UTC+3, Will Mitchell wrote:

> I dug out the specific reference:
>
> RFC 5764: https://tools.ietf.org/html/rfc5764
> When a RTP/SAVP or RTP/SAVPF stream is transported over DTLS with
> UDP, the token SHALL be UDP/TLS/RTP/SAVP or UDP/TLS/RTP/SAVPF
> respectively.
>
> The line above this actually defines RTP/SAVP and RTP/SAVPF according to RFC5124 (same RFC referenced by the rtcweb draft), so it is clearly referring to the same thing.  My reading of this (which is shared by at least some SIP servers), is that while the RTP profile MUST be RTP/SAVPF, the correct way to actually describe this in the SDP is with the token UDP/TLS/RTP/SAVPF.

Yes, you are correct. Profile is called RTP/SAVPF and in SDP it is written as UDP/TLS/RTP/SAVPF.

-- Juha