Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
Emil Ivov <emcho@jitsi.org> Sat, 02 February 2019 09:19 UTC
Return-Path: <emcho@jitsi.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDF4F130E95 for <ietf@ietfa.amsl.com>; Sat, 2 Feb 2019 01:19:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.042
X-Spam-Level:
X-Spam-Status: No, score=-2.042 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jitsi-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g2VhH1sXtMGA for <ietf@ietfa.amsl.com>; Sat, 2 Feb 2019 01:19:19 -0800 (PST)
Received: from mail-ua1-x943.google.com (mail-ua1-x943.google.com [IPv6:2607:f8b0:4864:20::943]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5215112872C for <ietf@ietf.org>; Sat, 2 Feb 2019 01:19:19 -0800 (PST)
Received: by mail-ua1-x943.google.com with SMTP id e16so2985944uam.12 for <ietf@ietf.org>; Sat, 02 Feb 2019 01:19:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jitsi-org.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vBBXrfau2o2oIk0QdV2xwS+1EDHO857aP/9qM+dHMYs=; b=1F+VgbRtT4/noNXgIBuJ4HeBBpRaOkFRfWs5UQG2+QicxPnmwdSBBGQr11meUcCpp0 pAp/BLv59texlL0o+HzaLRB84Lj9+lbdnukw6IrjdGUUWVt1dPK71gYheta1QQ0UTVXS MWAixUHPzr/gaU2tjbpaPRLjo/qnS0olMeyoSl4NdwGwUT6iDnB0GGtQfY3G/fcreDy9 4CX4cNgDPHAO47xDSY19n7v3Zsgo8m6XDho1n6mNY/h8qTBJavY8fNjxur0rOQMEgt/V nmSXUG/ZSA23lmEkf9BwfDTChQYqN19+M5wBxINfeEEakhvA8ySZisn7niWo8wOEhjGY lG4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vBBXrfau2o2oIk0QdV2xwS+1EDHO857aP/9qM+dHMYs=; b=mT35rZyYpEsd/m6N/fw8Yj2pPydWR4pfi3/svnltC07unfFsiJKigT7iWLuEKmt/A8 Fq4raBVOT5Ap2/LURldKqd5O5ubsVkCoEs7AGjTPMD71XFLO4PIpb9D3+JVHX6ovebPE CgpyebJM5XVIH2OSs16Z3dH0fNFOKb9aufxvv/J8MhLXl7c0idkyiynZYc+atiPYfUkU i1gXl1WSHOQsMFPYWHWYeEAgtQwh+3WzuDpq+xciT1Jl7x5ApDWGpNRp7n1pM/RutcBr 8CG8dUe3BEdnh3HsgLgQgRAyV7OShZdQ3hxJaa2QZjHQ0lvu9NIvQJmadI9ff4sgLaxW WxhQ==
X-Gm-Message-State: AJcUukctUJF7TwLXLsnx6RoBiBI2GOYLLrAcHpLycrXID+Lf/8YavhaY bjTMC47al7jX4+UYy2EKZY89j03zV053TmgcdFeXOQ==
X-Google-Smtp-Source: ALg8bN6ATeKYKklC/ZcJ2yHMTFqCnBViub2ugYfotRIg34ZdWu/vCGKFJzpYfe3DMsYuCOG6lQD5BKmdGvSIKLd/0Qw=
X-Received: by 2002:a9f:2b44:: with SMTP id q4mr17207346uaj.126.1549099158043; Sat, 02 Feb 2019 01:19:18 -0800 (PST)
MIME-Version: 1.0
References: <154889546931.10496.2408974719921724953.idtracker@ietfa.amsl.com> <CAOW+2dui_imxyysOCrtdH7OiDcbooi83qtCDifEY3HQ6MpigWA@mail.gmail.com> <CAL02cgSip2cLr8a1+zfK2cg+n8gqUMc9CKPmb7mWd2iLSiRf-g@mail.gmail.com> <8e40d0db-cacb-db93-f2fe-db5b4a7cf7cf@gmail.com> <CAOW+2dtxnSYOPPWxodN633O=dPOQaUnu7eYvgUYkPYRt6iWbaw@mail.gmail.com>
In-Reply-To: <CAOW+2dtxnSYOPPWxodN633O=dPOQaUnu7eYvgUYkPYRt6iWbaw@mail.gmail.com>
From: Emil Ivov <emcho@jitsi.org>
Date: Sat, 02 Feb 2019 09:19:06 +0000
Message-ID: <CAPvvaaK_VUXvy2=1TBGfBWWYxiBdXBzuR=Y-rnAdJyg=M8OfQQ@mail.gmail.com>
Subject: Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
To: Bernard Aboba <bernard.aboba@gmail.com>
Cc: Alexandre GOUAILLARD <alex.gouaillard@cosmosoftware.io>, Emad Omara <emadomara@google.com>, IETF discussion list <ietf@ietf.org>, Sergio Garcia Murillo <sergio.garcia.murillo@cosmosoftware.io>, "hta@google.com" <hta@google.com>, perc@ietf.org
Content-Type: multipart/alternative; boundary="00000000000009a0550580e5c11a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WmAA3S3x9aRFGWW_dhZmglJ2J5w>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Feb 2019 09:19:22 -0000
I want to second that as it is a particularly major problem: not allowing SSRC rewriting makes the entire framework unusable with SFU implementation I represent as well as every other SFU I am familiar with. I am also not sure that I agree with “SSRC rewriting could not be allowed” is a conclusion that ever had any consensus in PERC, regardless of what WG leadership is trying to make everyone believe. On Sat 2 Feb 2019 at 06:21, Bernard Aboba <bernard.aboba@gmail.com> wrote: > Richard said: > > "Again, the answer is clear here, but the document should be clearer. > The working group discussed SSRC rewriting several times, and concluded > that SSRC rewriting could not be allowed in this system. This decision is > reflected, e.g., in the fact that the Double transform does not allow > modification of SSRCs." > > [BA] Not being able to rewrite SSRCs has some major implications with > respect to requirements on PERC endpoints. Typically today's MDD will > switch between the simulcast streams provided by an endpoint, forwarding > only a single stream to other participants, based on the bandwidth, > resolution and framerates. If rewriting of SSRCs is not possible, do PERC > endpoints need to be able to receive simulcast? If PERC endpoints do need > to be able to receive simulcast, what are the requirements for endpoints? > For example, should endpoints expect the MDD to use RID header extensions > to identify the incoming simulcast streams? > > Receiving of simulcast is tricky because the endpoint is receiving > multiple streams with different sequence number spaces which may contain > holes because of reordering or loss. This not only complicates the > application of RTX, RED and FEC, but also the operation of the endpoint. > As a result, as noted in the WEBRTC specification Section 5.4.1, support > for reception of simulcast is optional. I am aware of two ORTC > implementations that have attempted to support simulcast reception, neither > of which is robust in scenarios with considerable loss and/or reordering. > And neither implementation supports the RID header extension on received > simulcast streams. > > > > > On Fri, Feb 1, 2019 at 12:23 PM Sergio Garcia Murillo < > sergio.garcia.murillo@gmail.com> wrote: > >> On 01/02/2019 17:18, Richard Barnes wrote: >> >> So I would propose we add something like the following to this >> definition: >> >> "In the context of WebRTC, where control of a session is divided between >> a JavaScript application and a browser, the browser acts as the Trusted >> Endpoint for purposes of this framework (just as it acts as the endpoint >> for DTLS-SRTP in one-to-one calls). >> >> >> If we decide to adopt perc (big if) in webrtc, shouldn't this be defined >> within the https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-17 >> doc ? >> >> >> Optimally, we would not rely on trust in any entities other than the >> browser. However, this is unfortunately not possible if we wish to >> have a functional system. Other network elements fall into two >> categories: those which can be authenticated by the browser and thus >> can be granted permissions to access sensitive resources, and those >> which cannot be authenticated and thus are untrusted. >> >> >> WebRTC already IdP as trusted for identity purposes, so it should be up >> to the RTCWEB group to decide what is a trusted endpoint and what is not in >> webrtc. As Bernard is stating, we could decide that there are other key >> management solutions trusted (even in JS or WASM), as for for example is >> being done in EME: >> >> >> https://github.com/WICG/media-capabilities/blob/master/explainer.md#encryption >> >> Best regards >> >> Sergio >> _______________________________________________ >> Perc mailing list >> Perc@ietf.org >> https://www.ietf.org/mailman/listinfo/perc >> > -- sent from my mobile
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Richard Barnes
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Lorenzo Miniero
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Alexandre GOUAILLARD
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Nils Ohlmeier
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Nils Ohlmeier
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Alexandre GOUAILLARD
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Cullen Jennings
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Cullen Jennings
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emad Omara
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Sergio Garcia Murillo
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Emil Ivov
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Bernard Aboba
- Re: [Perc] Last Call: <draft-ietf-perc-private-me… Suhas Nandakumar