I checked WebRTC connection properties in Chrome and see it uses DTLS TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 cipher in WebRTC marked as weak on ciphersuite.info.
The questions are:
- Do I understand correctly it is marked as weak only because it does not support perfect forward secrecy?
- Do I understand correctly that perfect forward secrecy is not important for p2p connections?
- Is this cipher strong enough for WebRTC p2p connections?
Chrome typically uses TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 which conforms with the requirements from https://datatracker.ietf.org/doc/html/draft-ietf-rtcweb-security-arch-20#section-6.5
This can be verified e.g. by making a call on https://webrtc.github.io/samples/src/content/peerconnection/pc1/ and checking the cipherSuite on the transport statistics in chrome://webrtc-internals. When doing a wireshark dump and checking for the DTLS client hello (filtering for 'dtls' helps) you can see that Chrome only uses TLS_ECDHE and TLS_RSA ciphersuites. TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 is not in the client hello as far as I can see:
Perfect forward secrecy is important for p2p connections to disallow retroactive decryption.