Re: [Ice] TLS Candidates

"Pal Martinsen (palmarti)" <palmarti@cisco.com> Tue, 24 January 2017 11:57 UTC

From: "Pal Martinsen (palmarti)" <palmarti@cisco.com>
To: Simon Perreault <sperreault@jive.com>
Date: Tue, 24 Jan 2017 11:57:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ice/_3BdaaEHyS2TVeosEvvPYjN5zwg>
Cc: Roman Shpount <roman@telurix.com>, "ice@ietf.org" <ice@ietf.org>
Subject: Re: [Ice] TLS Candidates

> On 23 Jan 2017, at 21:12, Simon Perreault <sperreault@jive.com> wrote:
> 
> On 2017-01-23 at 14:44, Roman Shpount wrote:
>> This is something we are interested in as well. We had looked at TLS ICE
>> candidates to help traverse some of the more restrictive firewalls.
> 
> Interesting!
> 
> Pål-Erik, is your use case also about firewall traversal?

Yes.

Main use-case is where we terminate media at an ICE-lite node and do not want to use a TURN relay.
(In this case we do not want the extra complexity running a set of TURN servers gives us)

A lot of enterprises seem to lock down to TLS 443 and even an HTTP proxy.
(Proxies are briefly mentioned in the draft)

.-.
Pål-Erik

> 
> -- 
> Simon Perreault
> Director of Engineering, Platform | Jive Communications, Inc.
> https://jive.com | +1 418 478 0989 ext. 1241 | sperreault@jive.com