IETF Logo Mail Archive

Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard

Lorenzo Miniero <lorenzo@meetecho.com> Sat, 02 February 2019 10:18 UTC

Return-Path: <lorenzo@meetecho.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F365012896A for <ietf@ietfa.amsl.com>; Sat, 2 Feb 2019 02:18:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.042
X-Spam-Level:
X-Spam-Status: No, score=-2.042 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=aruba.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xNU6LhhtT0aB for <ietf@ietfa.amsl.com>; Sat, 2 Feb 2019 02:18:20 -0800 (PST)
Received: from smtpcmd0871.aruba.it (smtpcmd0871.aruba.it [62.149.156.71]) by ietfa.amsl.com (Postfix) with ESMTP id 84F361292F1 for <ietf@ietf.org>; Sat, 2 Feb 2019 02:18:19 -0800 (PST)
Received: from [10.26.217.52] ([176.200.163.100]) by smtpcmd08.ad.aruba.it with bizsmtp id XmJG1z00J2AGvNQ01mJGiA; Sat, 02 Feb 2019 11:18:17 +0100
Date: Sat, 02 Feb 2019 11:18:15 +0100
User-Agent: K-9 Mail for Android
In-Reply-To: <CAPvvaaK_VUXvy2=1TBGfBWWYxiBdXBzuR=Y-rnAdJyg=M8OfQQ@mail.gmail.com>
References: <154889546931.10496.2408974719921724953.idtracker@ietfa.amsl.com> <CAOW+2dui_imxyysOCrtdH7OiDcbooi83qtCDifEY3HQ6MpigWA@mail.gmail.com> <CAL02cgSip2cLr8a1+zfK2cg+n8gqUMc9CKPmb7mWd2iLSiRf-g@mail.gmail.com> <8e40d0db-cacb-db93-f2fe-db5b4a7cf7cf@gmail.com> <CAOW+2dtxnSYOPPWxodN633O=dPOQaUnu7eYvgUYkPYRt6iWbaw@mail.gmail.com> <CAPvvaaK_VUXvy2=1TBGfBWWYxiBdXBzuR=Y-rnAdJyg=M8OfQQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----6RM9CLM5C75SWHUL47OUVJM53C4XYO"
Content-Transfer-Encoding: 7bit
Subject: Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
To: perc@ietf.org, Emil Ivov <emcho@jitsi.org>, Bernard Aboba <bernard.aboba@gmail.com>
CC: Alexandre GOUAILLARD <alex.gouaillard@cosmosoftware.io>, IETF discussion list <ietf@ietf.org>, Emad Omara <emadomara@google.com>, "hta@google.com" <hta@google.com>, Sergio Garcia Murillo <sergio.garcia.murillo@cosmosoftware.io>
From: Lorenzo Miniero <lorenzo@meetecho.com>
Message-ID: <5486C91C-48EA-4AA1-85EE-05A0B01C1E70@meetecho.com>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aruba.it; s=a1; t=1549102697; bh=pWO6W7+Tv+OsRK7cyrtx4ZEs5oR/WsXXkt37gnsrJkM=; h=Date:MIME-Version:Content-Type:Subject:To:From; b=Nt2eCpxi7jaRgJWJ+Jc8e4EzP/MkMTg89lx3k7+tzMr34gP/UE3Jv4zpB+jk3GXpX +IUpAiBSeebbqsfwGyFqAfBNjD6SQ0p/BIr/9dSdAdiryTmHrZOaefxcBXR+tUa/Fc OGYY/FYe6SIsQtgeQoSu9ROUZj6pwvQD8dyQdeTU3oilFCSHUWHl0CJYfPQT+N3BKo RgC3nMHag3/rlnV026U2BPtsgt4tJabkP+C3CA4EZMFji5KCYdvEauFR8CAV9dutSr J4l7p97s6tFTZBOssj8DWl7x9TBqBkE6eQGYvxspe3clt9PUozDItrEBwIQhFAvVi0 Kb67gvPhrU0rA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/k0X1SxB8K3H1MMDcTgZxre0EUJo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Feb 2019 10:18:25 -0000

+1, SSRC rewriting is pretty much fundamental to all SFUs out there.

Lorenzo

Il 2 febbraio 2019 10:19:06 CET, Emil Ivov <emcho@jitsi.org> ha scritto:
>I want to second that as it is a particularly major problem: not
>allowing
>SSRC rewriting makes the entire framework unusable with SFU
>implementation
>I represent as well as every other SFU I am familiar with.
>
>I am also not sure that I agree with “SSRC rewriting could not be
>allowed”
>is a conclusion that ever had any consensus in PERC, regardless of what
>WG
>leadership is trying to make everyone believe.
>
>On Sat 2 Feb 2019 at 06:21, Bernard Aboba <bernard.aboba@gmail.com>
>wrote:
>
>> Richard said:
>>
>> "Again, the answer is clear here, but the document should be clearer.
>> The working group discussed SSRC rewriting several times, and
>concluded
>> that SSRC rewriting could not be allowed in this system.  This
>decision is
>> reflected, e.g., in the fact that the Double transform does not allow
>> modification of SSRCs."
>>
>> [BA]  Not being able to rewrite SSRCs has some major implications
>with
>> respect to requirements on PERC endpoints.  Typically today's MDD
>will
>> switch between the simulcast streams provided by an endpoint,
>forwarding
>> only a single stream to other participants, based on the bandwidth,
>> resolution and framerates.  If rewriting of SSRCs is not possible, do
>PERC
>> endpoints need to be able to receive simulcast? If PERC endpoints do
>need
>> to be able to receive simulcast, what are the requirements for
>endpoints?
>> For example, should endpoints expect the MDD to use RID header
>extensions
>> to identify the incoming simulcast streams?
>>
>> Receiving of simulcast is tricky because the endpoint is receiving
>> multiple streams with different sequence number spaces which may
>contain
>> holes because of reordering or loss. This not only complicates the
>> application of RTX, RED and FEC, but also the operation of the
>endpoint.
>> As a result, as noted in the WEBRTC specification Section 5.4.1,
>support
>> for reception of simulcast is optional. I am aware of two ORTC
>> implementations that have attempted to support simulcast reception,
>neither
>> of which is robust in scenarios with considerable loss and/or
>reordering.
>> And neither implementation supports the RID header extension on
>received
>> simulcast streams.
>>
>>
>>
>>
>> On Fri, Feb 1, 2019 at 12:23 PM Sergio Garcia Murillo <
>> sergio.garcia.murillo@gmail.com> wrote:
>>
>>> On 01/02/2019 17:18, Richard Barnes wrote:
>>>
>>> So I would propose we add something like the following to this
>>> definition:
>>>
>>> "In the context of WebRTC, where control of a session is divided
>between
>>> a JavaScript application and a browser, the browser acts as the
>Trusted
>>> Endpoint for purposes of this framework (just as it acts as the
>endpoint
>>> for DTLS-SRTP in one-to-one calls).
>>>
>>>
>>> If we decide to adopt perc (big if) in webrtc, shouldn't this be
>defined
>>> within the
>https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-17
>>> doc ?
>>>
>>>
>>>    Optimally, we would not rely on trust in any entities other than
>the
>>>    browser.  However, this is unfortunately not possible if we wish
>to
>>>    have a functional system.  Other network elements fall into two
>>>    categories: those which can be authenticated by the browser and
>thus
>>>    can be granted permissions to access sensitive resources, and
>those
>>>    which cannot be authenticated and thus are untrusted.
>>>
>>>
>>> WebRTC already IdP as trusted for identity purposes, so it should be
>up
>>> to the RTCWEB group to decide what is a trusted endpoint and what is
>not in
>>> webrtc. As Bernard is stating, we could decide that there are other
>key
>>> management solutions trusted (even in JS or WASM), as for for
>example is
>>> being done in EME:
>>>
>>>
>>>
>https://github.com/WICG/media-capabilities/blob/master/explainer.md#encryption
>>>
>>> Best regards
>>>
>>> Sergio
>>> _______________________________________________
>>> Perc mailing list
>>> Perc@ietf.org
>>> https://www.ietf.org/mailman/listinfo/perc
>>>
>> --
>sent from my mobile

-- 
Inviato dal mio dispositivo Android con K-9 Mail. Perdonate la brevità.

v2.23.0 | Report a Bug | By Email