Enable GCM SRTP ciphers by default
Reported by jbauch@webrtc.org, Apr 20 2017
Issue description

UserAgent: Mozilla/5.0 (X11; CrOS x86_64 9449.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3065.0 Safari/537.36

Steps to reproduce the problem:
In https://codereview.chromium.org/1542443002/ I introduced a new commandline flag to enable the use of GCM cipher suites from RFC 7714 in WebRTC. It would be great to make this the default at some point.

What is the expected behavior?
GCM cipher suites should be enabled by default.

What went wrong?
GCM cipher suites must be manually enabled through the commandline flag (or chrome://flags option)

Did this work before? N/A

Chrome version: canary Channel: canary
OS Version: any
Flash Version:
Apr 20 2017
This is actually a WebRTC thing.
Apr 20 2017
Apr 24 2017
It seems more like a Feature Request. Untriaged this issue so that it gets addressed. Thanks
Apr 27 2017
Assigning to pthatcher@ for further triage.
Jul 20 2017
Is there anything blocking this technically, compatibility wise. It would be get it out as the default now.
Jul 25 2017
Emad, can you be the owner of this?

I think there are two ways we could do this:

A. Let the app opt into GCM. It could be in PeerConnection::SetConfiguration or in PC::CreateOffer and PC::CreateAnswer. Either way, code would need to set session_options.crypto_options.enable_gcm_crypto_suites in both PeerConnection::GetOptionsForOffer and PeerConnection::GetOptionsForAnswer. At the Web API level, this would be a field in either RTCConfig or RTCOfferAnswerOptions.
Pros: no risk to existing users of WebRTC
Cons: non-standard, more work, no one benefits unless they opt-in

B. Put this line behind an experiment rather than a flag and slowly roll out the experiment: https://cs.chromium.org/chromium/src/content/renderer/media/webrtc/peer_connection_dependency_factory.cc?type=cs&sq=package:chromium&l=267
Pros: isn't non-standard, less work, everyone benefits
Cons: more risk

I'm inclined to B. Emad, what do you think?
Aug 1 2017
thx for updating the ticket Peter. Emad, do you have any advice / plan, wrt this? Thx so much.
Jan 19 2018
Is there anything that could be done externally (i.e. provide CLs) to help move this forward?
Jul 17
Jul 17
I am going to add an option to disable GCM cipher suites from prior applications if they wish. This is implemented in native; I will add Java and Objective-C bindings and then we can move to enable it by default.
Jul 18
The following revision refers to this bug:
https://webrtc.googlesource.com/src.git/+/d0136b8afba4b4ed68c39f9d50c5a787d8bc3ba8

commit d0136b8afba4b4ed68c39f9d50c5a787d8bc3ba8
Author: Benjamin Wright <benwright@webrtc.org>
Date: Wed Jul 18 18:10:26 2018

Added API to Objective-C PeerConnectionFactoryOptions to enable GCM Ciphers.

This changeset adds the ability for API users to enable or disable GCM Cipher suites from objective-c.

Bug: chromium:713701
Change-Id: I0ac7b60f55dd56bebbcfb315a542ef4843099802
Reviewed-on: https://webrtc-review.googlesource.com/89263
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24028}

[modify] https://crrev.com/d0136b8afba4b4ed68c39f9d50c5a787d8bc3ba8/sdk/objc/Framework/Classes/PeerConnection/RTCPeerConnectionFactoryOptions.mm
[modify] https://crrev.com/d0136b8afba4b4ed68c39f9d50c5a787d8bc3ba8/sdk/objc/Framework/Headers/WebRTC/RTCPeerConnectionFactoryOptions.h
Jul 18
The following revision refers to this bug:
https://webrtc.googlesource.com/src.git/+/702f4da4b9f12d8e15ba5a802d86a42017036bb0

commit 702f4da4b9f12d8e15ba5a802d86a42017036bb0
Author: Benjamin Wright <benwright@webrtc.org>
Date: Wed Jul 18 22:20:40 2018

Adds flag to enable AES_GCM from the Java API.

This changeset allows Java API users to enable or disable AES_GCM from the PeerConnectionFactory.

Bug: chromium:713701
Change-Id: I8798e4eeb6907f8e16a646bfb8a20db510f960c8
Reviewed-on: https://webrtc-review.googlesource.com/89260
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24030}

[modify] https://crrev.com/702f4da4b9f12d8e15ba5a802d86a42017036bb0/sdk/android/api/org/webrtc/PeerConnectionFactory.java
[modify] https://crrev.com/702f4da4b9f12d8e15ba5a802d86a42017036bb0/sdk/android/src/jni/pc/peerconnectionfactory.cc
Jul 19
I agree with #7 option B. Since both clients need to support this for it to work, everyone just gets AES_GCM by default if both parties support it. However, we should be careful to correctly announce this change and allow users to opt out of it if they wish through RTCConfiguration.
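
The fallback behaviour described in the comment above (GCM is used only when both parties support it), as an added example that is not code from WebRTC or from this thread: it parses a DTLS-SRTP `use_srtp` extension body (RFC 5764) and picks a protection profile, using the profile IDs from RFC 5764 and RFC 7714. The function names, the local preference order and the constructed sample bytes are assumptions of this sketch.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// DTLS-SRTP protection profile IDs (RFC 5764 and RFC 7714).
constexpr uint16_t kAes128CmSha1_80 = 0x0001;
constexpr uint16_t kAeadAes128Gcm = 0x0007;
constexpr uint16_t kAeadAes256Gcm = 0x0008;

// Parses a use_srtp extension body (RFC 5764 section 4.1.1): 2-byte list
// length, 2-byte profile IDs, 1-byte MKI length, MKI bytes.
// Returns false on any length inconsistency.
bool ParseUseSrtp(const std::vector<uint8_t>& b, std::vector<uint16_t>* out) {
  if (b.size() < 3) return false;
  size_t list_len = (static_cast<size_t>(b[0]) << 8) | b[1];
  if (list_len < 2 || list_len % 2 != 0 || 2 + list_len + 1 > b.size())
    return false;
  for (size_t i = 2; i < 2 + list_len; i += 2)
    out->push_back(static_cast<uint16_t>((b[i] << 8) | b[i + 1]));
  size_t mki_len = b[2 + list_len];
  return 2 + list_len + 1 + mki_len == b.size();
}

// Local preference list (assumed order): GCM first, only when enabled.
std::vector<uint16_t> LocalProfiles(bool enable_gcm) {
  std::vector<uint16_t> p;
  if (enable_gcm) p = {kAeadAes256Gcm, kAeadAes128Gcm};
  p.push_back(kAes128CmSha1_80);
  return p;
}

// Returns the first local profile the peer also offered; 0 means none.
uint16_t Negotiate(bool enable_gcm, const std::vector<uint8_t>& peer_ext) {
  std::vector<uint16_t> offered;
  if (!ParseUseSrtp(peer_ext, &offered)) return 0;
  for (uint16_t mine : LocalProfiles(enable_gcm))
    for (uint16_t theirs : offered)
      if (mine == theirs) return mine;
  return 0;
}

int main() {
  // Constructed samples: a GCM-capable peer and a legacy peer.
  std::vector<uint8_t> gcm_peer = {0, 6, 0, 8, 0, 7, 0, 1, 0};
  std::vector<uint8_t> legacy_peer = {0, 2, 0, 1, 0};
  std::printf("both GCM: 0x%04x\n", Negotiate(true, gcm_peer));
  std::printf("legacy peer: 0x%04x\n", Negotiate(true, legacy_peer));
  std::printf("GCM disabled locally: 0x%04x\n", Negotiate(false, gcm_peer));
}
```

A peer that never offers the RFC 7714 profiles still negotiates `SRTP_AES128_CM_HMAC_SHA1_80` here, which is why enabling GCM by default does not by itself break older endpoints.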
Jul 22
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/c0419ddbcbef45e6966ac1dbf28663bd68c8f1b0

commit c0419ddbcbef45e6966ac1dbf28663bd68c8f1b0
Author: webrtc-chromium-autoroll <webrtc-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Date: Sun Jul 22 06:08:49 2018

Roll src/third_party/webrtc 881fe53d1fae..0c3ad73948e4 (46 commits)

https://webrtc.googlesource.com/src.git/+log/881fe53d1fae..0c3ad73948e4

git log 881fe53d1fae..0c3ad73948e4 --date=short --no-merges --format='%ad %ae %s'
2018-07-21 buildbot@webrtc.org Roll chromium_revision 86c90e3417..5e7b1029e2 (576937:577041)
2018-07-20 benwright@webrtc.org Adds SSLCertificateVerifier to the Java API.
2018-07-20 mbonadei@webrtc.org Enable clang::find_bad_constructs for sdk/android (part 1/2).
2018-07-20 buildbot@webrtc.org Roll chromium_revision 7002a7d325..86c90e3417 (576827:576937)
2018-07-20 aleloi@webrtc.org Reset level estimator when analog gain changes.
2018-07-20 mbonadei@webrtc.org Enable clang::find_bad_constructs for audio_coding (part 1/2).
2018-07-20 mbonadei@webrtc.org Enable clang::find_bad_constructs for api/video/test.
2018-07-20 mbonadei@webrtc.org Enable clang::find_bad_constructs for rtc_tools (part 1/2).
2018-07-20 buildbot@webrtc.org Roll chromium_revision bc3d35fc98..7002a7d325 (576524:576827)
2018-07-20 mbonadei@webrtc.org Enable clang::find_bad_constructs for remote_bitrate_estimator.
2018-07-19 qingsi@google.com Remove MetricsObserverInterface.
2018-07-19 mbonadei@webrtc.org Enabling clang::find_bad_constructs for desktop_capture.
2018-07-19 braveyao@webrtc.org [Window capture] filter out sibling windows with same title.
2018-07-19 mbonadei@webrtc.org Reland "Removing unneeded dependency."
2018-07-19 buildbot@webrtc.org Roll chromium_revision ecaca1be48..bc3d35fc98 (576410:576524)
2018-07-19 oprypin@webrtc.org Follow "Migrate the Android Support Lib to android_deps" from Chromium
2018-07-19 yvesg@webrtc.org Expose audio codec factories in libwebrtc.
2018-07-19 aleloi@webrtc.org Fuzzer finds fixedpoint failure.
2018-07-19 mbonadei@webrtc.org Enabling clang::find_bad_constructs for libjingle_peerconnection_api.
2018-07-19 stefan@webrtc.org Rename PayloadRouter to RtpVideoSender.
2018-07-19 mbonadei@webrtc.org Enabling clang::find_bad_constructs in modules/BUILD.gn.
2018-07-19 buildbot@webrtc.org Roll chromium_revision 6374eaa6aa..ecaca1be48 (576310:576410)
2018-07-19 mbonadei@webrtc.org Clean up unneeded includes in common_video/BUILD.gn.
2018-07-19 mbonadei@webrtc.org Clean up unneeded includes in common_audio/BUILD.gn.
2018-07-19 mbonadei@webrtc.org Clean up unneeded includes in audio_device/BUILD.gn.
2018-07-19 buildbot@webrtc.org Roll chromium_revision 9e818a5aef..6374eaa6aa (576197:576310)
2018-07-19 hta@webrtc.org Add UMA metric for ICE candidate addition outcome
2018-07-19 jeroendb@webrtc.org Added explicit EOR to sctp messages and coalesce messages on the receiving side.
2018-07-18 benwright@webrtc.org Adds flag to enable AES_GCM from the Java API.
2018-07-18 buildbot@webrtc.org Roll chromium_revision 7e9fce12da..9e818a5aef (576093:576197)
2018-07-18 benwright@webrtc.org Added API to Objective-C PeerConnectionFactoryOptions to enable GCM Ciphers.
2018-07-18 buildbot@webrtc.org Roll chromium_revision 9159e523ff..7e9fce12da (575979:576093)
2018-07-18 mbonadei@webrtc.org Cleanup unneeded includes in audio_coding/BUILD.gn.
2018-07-18 sakal@webrtc.org Allow calling SoftwareVideoDecoderFactory#createDecoder(String).
2018-07-18 orphis@webrtc.org Implement changing degradation preference with setParameters()
2018-07-18 mbonadei@webrtc.org Revert "Removing unneeded dependency."
2018-07-18 stefan@webrtc.org Properly clean up RtpVideoSender.
2018-07-18 terelius@webrtc.org Limit BWE reductions before first measured throughput.
2018-07-18 mbonadei@webrtc.org Enabling clang::find_bad_constructs for modules/pacing.
2018-07-18 mbonadei@webrtc.org Removing unneeded dependency.
2018-07-18 mbonadei@webrtc.org Enabling clang::find_bad_constructs for common_video.
2018-07-18 mbonadei@webrtc.org Removing clang:find_bad_constructs from logging (part 1).
2018-07-18 mbonadei@webrtc.org Revert "Remove linux_internal_compile_lite from CQ."
2018-07-18 mbonadei@webrtc.org Adding oprypin to infra/config/OWNERS.
2018-07-18 buildbot@webrtc.org Roll chromium_revision 9ec8cfdbc9..9159e523ff (575625:575979)
2018-07-18 ilnik@webrtc.org Reland "Enable simulcast screenshare by default"

Created with:
gclient setdep -r src/third_party/webrtc@0c3ad73948e4

The AutoRoll server is located here: https://webrtc-chromium-roll.skia.org

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary.

CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux_chromium_archive_rel_ng;master.tryserver.chromium.mac:mac_chromium_archive_rel_ng
BUG=chromium:None,chromium:None,chromium:None,chromium:865193,chromium:None,chromium:864883,chromium:None,chromium:None,chromium:713701,chromium:None,chromium:713701,chromium:None,chromium:None,chromium:None,chromium:None,chromium:690537
TBR=webrtc-chromium-sheriffs-robots@google.com

Change-Id: I761335ea240c6da495ddad33ad073d42bd446453
Reviewed-on: https://chromium-review.googlesource.com/1146084
Reviewed-by: webrtc-chromium-autoroll <webrtc-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Commit-Queue: webrtc-chromium-autoroll <webrtc-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#577089}

[modify] https://crrev.com/c0419ddbcbef45e6966ac1dbf28663bd68c8f1b0/DEPS
Aug 27
What's the status here?
Comment 1 by mmenke@chromium.org, Apr 20 2017