> On Tue, 18 Dec 2007, Eric Rescorla wrote:
>
> > At Mon, 17 Dec 2007 17:30:24 -0500,
> > Philip Matthews wrote:
> >> In all three proposals, media packets would flow directly between the
> >> X and Y, and not hop-by-hop around the overlay. So when ESP was used,
> >> there would be no need to use SRTP for media, or TLS or DTLS for
> >> signaling.
> >
> > This is arguably a bug, not a feature.
> >
> > SRTP was explicitly designed to have very low overhead: just the
> > bits of the authentication tag itself, with no header, etc. The
> > rationale for this design was that RTP packets tend to be very
> > small and so the overhead for the header, IV, etc. was significant.
> > In cases where that type of constraint applies, then wrapping the
> > RTP in ESP would be bad.
>
> I think the difference is around 18 bytes:
>
> http://dasan.sejong.ac.kr/~wisa04/ppt/1A1.ppt
>
> In practice, the difference is insignificant according to these results:
>
> Bilien et al: Secure VoIP: call establishment and media protection:
> http://www.minisip.org/publications/secvoip-minisip-camera.pdf

I don't see that this paper is at all relevant to the question of
whether 18 bytes of per-packet overhead is significant.

In any case, if you want to argue this point, I would advise you
to take it up in AVT, since low overhead was one of the principal
design considerations for SRTP.

-Ekr

_______________________________________________
P2PSIP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/p2psip
