IETF Logo Mail Archive

Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard

Bernard Aboba <bernard.aboba@gmail.com> Sat, 02 February 2019 06:21 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 406E3131004; Fri, 1 Feb 2019 22:21:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oyuep9SIGntm; Fri, 1 Feb 2019 22:21:36 -0800 (PST)
Received: from mail-vs1-xe44.google.com (mail-vs1-xe44.google.com [IPv6:2607:f8b0:4864:20::e44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EEE34130EB8; Fri, 1 Feb 2019 22:21:35 -0800 (PST)
Received: by mail-vs1-xe44.google.com with SMTP id e7so5635298vsc.2; Fri, 01 Feb 2019 22:21:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ai/YcJt0LWdXIT8yWDm4mxXdQrSg1xd0TlM3HVjY3ZY=; b=Zj6k2DDrdTA2nzwDJj1fv1ogjWdOTS/A0ypxz+ber0bUCV0K6kuIPsjI+darH8txJA JT6/MVP0hiz5iGIamCrQM84RH2yWAEuZlbVCKN9AkmQD1KGcCPTWnDzs91O6JLbEo4NJ 6dEJAcFbjBOZkKAAlwnPIfvChQWjtMU4gVrws6fKGaGp9wexIob1bTr3e90WojJIuGmA Mvw3DMcit0r1CdZ8TwOBaAAXEXK5/pRouHHMCntekgq2lK0OtC/SzCkyjNv8toc8Ehkl dbtz/blkKt8gEDqT6Cpr9E7vEl10p0Od5CLRjhoQCU/8VObn/Q0VhYWE4fjVsoDQTDiO t65w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ai/YcJt0LWdXIT8yWDm4mxXdQrSg1xd0TlM3HVjY3ZY=; b=Kewm2iNPR+Bs3ypB2h0GbgPwA+sXPbsOG9SKjOXrpUnoQ6fFVyN6B4tkQdKM3a+VFC iFyfH+hYJAPIPPsa2jr+FZ8xiVJEmxBKSSADuimWLvgqrH6OV/duX88gTE9VoqNvtrHH nT6OoC1tNmfIp0MJIEA/ibrn42+DR0OjNyKSbL1eYhD2nk89b1KRK3iDWD/0+vp/SmEg W5/QX3867Q1rAwM/WSBWj7zt+dduSCS99MiXSTGF42Gj3+IRiapysbIRCAEjq0qQMK8W G90PIwK00uuDZf2FbketM852W5RPrZssnJn8z3SlrYma/mxxPjNlZHndNaiXSblRwF1X +49A==
X-Gm-Message-State: AJcUukfMb4+Q8hHRlT+Lv7dqbcpGOV4X7F9NdRUUVdWO+iSHRppEwEoQ JwR42NRzMMTr+mRSfVuZJ5JtDgXuv3T1CrEu55eAL2yN
X-Google-Smtp-Source: ALg8bN4zJ9eR8jepAA+PL67SnESxW6HBHTAlC6iVf6D5oG43ew5j+KSY4VjGu7qaQ7LT2Imtcr8B4d/h6URj/ehORB0=
X-Received: by 2002:a67:de97:: with SMTP id r23mr18178193vsk.127.1549088494438; Fri, 01 Feb 2019 22:21:34 -0800 (PST)
MIME-Version: 1.0
References: <154889546931.10496.2408974719921724953.idtracker@ietfa.amsl.com> <CAOW+2dui_imxyysOCrtdH7OiDcbooi83qtCDifEY3HQ6MpigWA@mail.gmail.com> <CAL02cgSip2cLr8a1+zfK2cg+n8gqUMc9CKPmb7mWd2iLSiRf-g@mail.gmail.com> <8e40d0db-cacb-db93-f2fe-db5b4a7cf7cf@gmail.com>
In-Reply-To: <8e40d0db-cacb-db93-f2fe-db5b4a7cf7cf@gmail.com>
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Sat, 02 Feb 2019 01:29:08 -0500
Message-ID: <CAOW+2dtxnSYOPPWxodN633O=dPOQaUnu7eYvgUYkPYRt6iWbaw@mail.gmail.com>
Subject: Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
To: perc@ietf.org, IETF discussion list <ietf@ietf.org>
Cc: Emad Omara <emadomara@google.com>, Sergio Garcia Murillo <sergio.garcia.murillo@cosmosoftware.io>, Emil Ivov <emcho@jitsi.org>, "hta@google.com" <hta@google.com>, Alexandre GOUAILLARD <alex.gouaillard@cosmosoftware.io>
Content-Type: multipart/alternative; boundary="0000000000006fd0fe0580e34585"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/D40r2I-sbKuBzi_KK9Kn0DhZ_mo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Feb 2019 06:21:38 -0000

Richard said:

"Again, the answer is clear here, but the document should be clearer.  The
working group discussed SSRC rewriting several times, and concluded that
SSRC rewriting could not be allowed in this system.  This decision is
reflected, e.g., in the fact that the Double transform does not allow
modification of SSRCs."

[BA]  Not being able to rewrite SSRCs has some major implications with
respect to requirements on PERC endpoints.  Typically today's MDD will
switch between the simulcast streams provided by an endpoint, forwarding
only a single stream to other participants, based on the bandwidth,
resolution and framerates.  If rewriting of SSRCs is not possible, do PERC
endpoints need to be able to receive simulcast? If PERC endpoints do need
to be able to receive simulcast, what are the requirements for endpoints?
For example, should endpoints expect the MDD to use RID header extensions
to identify the incoming simulcast streams?

Receiving of simulcast is tricky because the endpoint is receiving multiple
streams with different sequence number spaces which may contain holes
because of reordering or loss. This not only complicates the application of
RTX, RED and FEC, but also the operation of the endpoint.  As a result, as
noted in the WEBRTC specification Section 5.4.1, support for reception of
simulcast is optional. I am aware of two ORTC implementations that have
attempted to support simulcast reception, neither of which is robust in
scenarios with considerable loss and/or reordering.  And neither
implementation supports the RID header extension on received simulcast
streams.




On Fri, Feb 1, 2019 at 12:23 PM Sergio Garcia Murillo <
sergio.garcia.murillo@gmail.com> wrote:

> On 01/02/2019 17:18, Richard Barnes wrote:
>
> So I would propose we add something like the following to this definition:
>
> "In the context of WebRTC, where control of a session is divided between a
> JavaScript application and a browser, the browser acts as the Trusted
> Endpoint for purposes of this framework (just as it acts as the endpoint
> for DTLS-SRTP in one-to-one calls).
>
>
> If we decide to adopt perc (big if) in webrtc, shouldn't this be defined
> within the https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-17
> doc ?
>
>
>    Optimally, we would not rely on trust in any entities other than the
>    browser.  However, this is unfortunately not possible if we wish to
>    have a functional system.  Other network elements fall into two
>    categories: those which can be authenticated by the browser and thus
>    can be granted permissions to access sensitive resources, and those
>    which cannot be authenticated and thus are untrusted.
>
>
> WebRTC already IdP as trusted for identity purposes, so it should be up to
> the RTCWEB group to decide what is a trusted endpoint and what is not in
> webrtc. As Bernard is stating, we could decide that there are other key
> management solutions trusted (even in JS or WASM), as for for example is
> being done in EME:
>
>
> https://github.com/WICG/media-capabilities/blob/master/explainer.md#encryption
>
> Best regards
>
> Sergio
> _______________________________________________
> Perc mailing list
> Perc@ietf.org
> https://www.ietf.org/mailman/listinfo/perc
>

v2.23.0 | Report a Bug | By Email