RE: Early arriving media before 200 OK

["Dan Wing" <dwing@xxxxxxxxx>]

...
> I agree that this is a concern--though not as serious a one as you
> seem to believe (see S 8.4 of draft-fischl-sipping-media-dtls-01)
> but it can be ameliorated in a number of ways.
> 
> 1. If ICE is being used it's not an issue at all.
> 2. We can have the SDP offer include a randomly-generated key which
>    is used to key TLS PSK mode.

#2 would essentially re-invent Security Descriptions, wouldn't it?

Another technique is to stick the DTLS cookie into SDP 
(http://tools.ietf.org/html/rfc4347#section-4.2.1).  Or, if the
DTLS cookie is sacrosanct for DoS, an additional cookie could
be defined.

-d

> I don't have a problem considering the addition of the second
> feature to the SDP once we get the rest of the SDP details worked
> out.
> 
> -Ekr
> 
> 
>