Is the future of WebRTC in IoT?

If conference titles are anything to go by IoT and WebRTC are both big things at the moment. If you look at Hackathon output, WebRTC and IoT things seem practically coincident (disclaimer: at my day job, we did a drone WebRTC hack at TadHack London this year). Everyone is talking about WebRTC and IoT in the same sentence, but how relevant is WebRTC to real life IoT applications?

WebRTC is really just a clever collection of on the wire Internet protocols and driver implementations to capture high quality real time media streams and move them between peer devices reliably and securely. It scavenges suitable connectivity by adapting paths to the network environment it finds itself in and does this securely by using mandatory cryptography and consent tokens. WebRTC is also a standardised Javascript API (hence the Web bit), but the wire implementation and web browser interface are separable to the extent that it is possible to fully use WebRTC as a transport with a browser at one end only, or even with no browsers involved at all.

The media part of WebRTC sits behind an API called PeerConnection which can be hooked to local media sources by a browser or application to send things like audio, camera output, screen captures etc to any peer device it can get packets to. Without going into too much boring detail, WebRTC includes lots of smarts to get those media streams as reliably as is currently possible between clients, through Internet roadblocks like NAT, firewalls, limited bandwidth connections etc.

On top of PeerConnection, WebRTC also has DataChannels which can be used to move blobs of data for things like text, binary files etc around using the same “go anywhere connections.

Security is a big part of WebRTC, and as long as the control channel you are using is secure then it is very hard indeed for a third party to snoop either peer to peer media or data.

This thing about control channel is important, WebRTC doesn’t in any way help with how the two peers find each other in the first place, or indeed how they communicate all of the information which allows them to subsequently setup a peerConnection. To do this, a signalling protocol is needed and that is something that WebRTC stays out of. The underlying application architecture has to provide this signalling between the two ends in order to bootstrap the WebRTC connection. Typically this is done by having both parties to a WebRTC session contact a third party server in the first instance to log their connection request and pass parameters between each other via this trusted third party. The signalling protocol and associated servers also typically handle all of the authentication and pass tokens that allow the communicating devices to know they are talking to the right party. Providing a secure signalling protocol is therefore something that is key to the operation of WebRTC. If it isn’t there, PeerConnections can’t be established, and if it is insecure then any security or confidentiality of the subsequent WebRTC conversations is an illusion.

The “NAT busting” features of WebRTC, combined with it’s inherent security may make it a suitable technology for communication between legions of small IoT devices all on diverse scavenged connectivity. WebRTC is clever, if two devices are on the same connectivity it will find the best connection that links them, for example using the local LAN to pass data rather than communicating all the way back to a central server. If devices are behind simple NAT routers then its protocols can find ways of engineering two way direct communication through these and, if all else fails, as a last resort will fall back to centralised relay servers. The latter are expensive to provide at scale and therefore unattractive to application providers but a lot better than no communication in circumstances where this is the only way things will work!

It is however a great big sledgehammer and, because of all the code to do network probing, it’s behaviour is dynamic and adaptive which means it works very well lots of the time, but is really quite hard to debug when it doesn’t. If all you need is a bit of command and control, or a transfer mechanism for any amount of non media data to central servers then it is highly unlikely that WebRTC will add any value to your IoT communication architecture.

Remember that signalling protocol? In order to use WebRTC you need to have established a secure, asynchronous communication mechanism between all of your clients and central servers anyway. In 2015 this is likely to be WebSockets, or perhaps a raw TCP connection or UDP transaction protocol. If your application needs you to pass any amount of data client/server, or small amounts of non-timely client/client data then you don’t actually need the overhead of WebRTC, just send your peer data directly via the signalling server.

The only time that WebRTC starts to earn it lunch is when you need to pass non-trivial amounts of data peer to peer without hitting central servers, or need to pass bandwidth hungry real time media streams across the Internet. IoT devices with video cameras will certainly have a use for WebRTC, but would you incorporate DataChannel just to do command and control when you already need to have a signalling protocol in place in order to bootstrap it? As a party piece at a Hackathon maybe but in real life perhaps not.