Skip to content

erdtls* comments #13

Description

@ford-prefect

These are some broad thoughts I had on the erdtls plugins and their usage. Also including some comments by @Rugvip (who can correct me if I got these wrong).

  1. Clients should use ErDtlsAgent as the object to be set on erdtls* elements In my opinion, this is better than a global hash table (and @Rugvip disagrees, as he finds the current mechanism to be easier to use by clients).
  2. ErDtlsAgent should not expose API to provide its context, but instead should offer API to instantiate an ErDtlsConnection (this makes the tight coupling between the two clear, without having internal API exposing implementation details (i.e. the SSL context). In the long term, ErDtlsAgent and ErDtlsConnections can become abstract classes from which specific implementations can be derived (we have openssl now, we could add gnutls).
  3. erdtlsenc and erdtlsdec should be merged into a single erdtlsconnection element. The two elements cannot be used independently of the other, and thus there should be a single element to manage both directions of the connection. The element would have always pads for the DTLS send and receive side, and request pads for applications to access send/receive plaintext data (request pads since they may not always explicitly be interested in both directions).
  4. erdtlssrtpenc and erdtlssertpdec should be merged into a singl erdtlssrtpbin. Once the erdtlsenc/dec pair are merged, the SRTP bins on top of them will also need to be merged since the two can't exist independently, and share a single DTLS connection. Some complexity is added by the fact that RTCP may or may not be muxed, and this must be handled appropriately. I've illustrated what the bins might look like at: http://arunraghavan.net/downloads/misc/dtls-refactor.txt
  5. Evaluate using the srtp-encode/decoder interface on rtpbin with the erdtlssrtpbin -- this might make it easier to handle DTLS/SRTP on the application side, but does need some thought for all the various special cases (optional presence of DTLS, RTCP muxing, etc.). Moreover, making the DTLS data available, as well as making sure both send and receive channels are created even in a unidirectional stream might pose some additional challenges.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions