IETF Logo Mail Archive

Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard

Emil Ivov <emcho@jitsi.org> Sat, 02 February 2019 16:41 UTC

Return-Path: <emcho@jitsi.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A6DB124BE5 for <ietf@ietfa.amsl.com>; Sat, 2 Feb 2019 08:41:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.042
X-Spam-Level:
X-Spam-Status: No, score=-2.042 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jitsi-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Py6PsTGSfYPu for <ietf@ietfa.amsl.com>; Sat, 2 Feb 2019 08:41:26 -0800 (PST)
Received: from mail-vs1-xe44.google.com (mail-vs1-xe44.google.com [IPv6:2607:f8b0:4864:20::e44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 232D9124B0C for <ietf@ietf.org>; Sat, 2 Feb 2019 08:41:26 -0800 (PST)
Received: by mail-vs1-xe44.google.com with SMTP id n13so6162673vsk.4 for <ietf@ietf.org>; Sat, 02 Feb 2019 08:41:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jitsi-org.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NWyhnXRdM3HutLGy5/SEGy4DESR7fimOUkOu3dP1iFI=; b=k7rfvV3sUKevMpGgt3J5K9ephgJ9CbFzHTgkrEo+reNmll/VoxMeA3bh2HK2ci/scV 1fAu+8L7BAPL8QaX0kSyzMyf+SZloZlbSCwoMFnzXCdrh6XcJkurpa2ZC3hsr+PQVSjl zi/tqY0+sx6lnrInAXW62U+LEcT4oDUUYIio5Bcww86+SxV3rgAmno/agyJmOp5SPnMO /+zwIqJ/xdVUmv9pBXnlMa/fVu0t1Ch8SDcuLEG93frt+uzTjddsLADq+u6yg87u5JKr 1g6zLQD5l9vf3S3sqXdrfIzPzWzdTdD1AmDecMeU3PFiGApl3PG6/UKa4cY5vFm/b+eT Zd9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NWyhnXRdM3HutLGy5/SEGy4DESR7fimOUkOu3dP1iFI=; b=ihjZAjuFV1klaeiyQp3Fstg3Ly8CEkjhYaQy5laJnxRtO56bPj24QbzMgwSZKJHX82 HSsYluH31/w3xV3hbqfdRmVk8AB0/IDOay0s/JVTInFhDmE5i4gvJFVzSlSkmq+mKZX2 m65q5f8pPusvupE8RYcUXLw7PzOlK3nNDIgX8GZCS0CbDuc10EziWK6pqjPUWCtW4mcD KDm4qsMhddceNPGkJOxi8pNJCOdXPyaQyJAasxgfjginp5d3pPLGChV/SARi0v8FBH7X 0TkWgeRCmTrpUHsQEDbDDw8ZFTVBJt8reTIFVYWvT/oTTpvF9VNx8PktKrm0RAD6bhMM k1Rw==
X-Gm-Message-State: AJcUukfZLyxYAHSwNWRhMso9WKmzkaDPrN1ANMB2ghRB4B77flYAwGts gf1a2FWIS7EcQi3sFSEuaa7wWXBhXqKGqATxIBkgUQ==
X-Google-Smtp-Source: ALg8bN4WhHelyf6zgAOUMfEpWhAviMLF2DF4klwD1TIHuE7SYCsefvzK72Q5OW5oNJbnHhz8akHVAVWvpVNb4ejh17s=
X-Received: by 2002:a67:f943:: with SMTP id u3mr19615613vsq.149.1549125684922; Sat, 02 Feb 2019 08:41:24 -0800 (PST)
MIME-Version: 1.0
References: <154889546931.10496.2408974719921724953.idtracker@ietfa.amsl.com> <CAOW+2dui_imxyysOCrtdH7OiDcbooi83qtCDifEY3HQ6MpigWA@mail.gmail.com> <CAL02cgSip2cLr8a1+zfK2cg+n8gqUMc9CKPmb7mWd2iLSiRf-g@mail.gmail.com> <8e40d0db-cacb-db93-f2fe-db5b4a7cf7cf@gmail.com> <CAOW+2dtxnSYOPPWxodN633O=dPOQaUnu7eYvgUYkPYRt6iWbaw@mail.gmail.com> <CAPvvaaK_VUXvy2=1TBGfBWWYxiBdXBzuR=Y-rnAdJyg=M8OfQQ@mail.gmail.com> <CAOW+2dvnoOZJLJWtLBc+T1hwyuDP7-dykg54RS4Kng1rtbbMSA@mail.gmail.com>
In-Reply-To: <CAOW+2dvnoOZJLJWtLBc+T1hwyuDP7-dykg54RS4Kng1rtbbMSA@mail.gmail.com>
From: Emil Ivov <emcho@jitsi.org>
Date: Sat, 02 Feb 2019 16:41:12 +0000
Message-ID: <CAPvvaaJp9o=wOqpm7vej+ce7_RTZY2kOvjkF2WCmU=E2GYUcyw@mail.gmail.com>
Subject: Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
To: Bernard Aboba <bernard.aboba@gmail.com>
Cc: Alexandre GOUAILLARD <alex.gouaillard@cosmosoftware.io>, Emad Omara <emadomara@google.com>, IETF discussion list <ietf@ietf.org>, Sergio Garcia Murillo <sergio.garcia.murillo@cosmosoftware.io>, "hta@google.com" <hta@google.com>, perc@ietf.org
Content-Type: multipart/alternative; boundary="00000000000029aae20580ebee59"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/mWbcTpKJBmSqW2vXmTBYuFj3z4o>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Feb 2019 16:41:29 -0000

The scenario you outline may be one. I call that SSRC rewriting for Last N

Simulcast through SSRC rewriting (that you describe) is the one that
concerns us currently.



On Sat 2 Feb 2019 at 12:51, Bernard Aboba <bernard.aboba@gmail.com> wrote:

> Emil said:
>
> "I want to second that as it is a particularly major problem: not allowing
> SSRC rewriting makes the entire framework unusable with SFU implementation
> I represent as well as every other SFU I am familiar with."
>
> [BA] Can you articulate why you consider SSRC rewriting essential to SFU
> operation?
>
> I can think of one scenario where SSRC rewriting does seem to be
> *required* -  Massive Online Courses (MOOCs). In these scenarios, there can
> be hundreds or even thousands of students, most of whom never speak during
> class, and teachers, who send media frequently.  MOOCs can be implemented
> via streaming media instead of RTP, but this complicates the interactive
> aspect.
>
> So there are implementations of MOOCs that use RTP, and I believe that
> SSRC rewriting is an important part of the design of these systems. For
> example, there are currently limitations in browsers as to the number of
> transceivers that can be active, so that providing a transceiver for each
> of the participants in the conference could conceivably cause the browser
> to run out of memory.
>
> This is circumvented by not exposing participants to the SSRCs of all of
> the users.  For example, the SFU may only allocate SSRCs for the professor
> and the "last N" students who have asked questions, so that a participant
> will only be aware of those SSRCs plus their own, instead of potentially
> needing to deal with the SSRCs of all the participants in the conference.
> This also has the effect of limiting the transceivers needed, most of which
> are in "recv-only" mode from the perspective of the course participants.
>
> When students wish to ask a question, permission is requested to access
> their devices (but not before).  Then once the student is speaking, their
> SSRC is translated, so that participants do not necessary see a new SSRC
> but only the SSRC of "the current speaking student".  Also, the SFU will
> typically consume the RTCP packets from students who are sending.
>
> On Sat, Feb 2, 2019 at 4:19 AM Emil Ivov <emcho@jitsi.org> wrote:
>
>> I want to second that as it is a particularly major problem: not allowing
>> SSRC rewriting makes the entire framework unusable with SFU implementation
>> I represent as well as every other SFU I am familiar with.
>>
>> I am also not sure that I agree with “SSRC rewriting could not be
>> allowed” is a conclusion that ever had any consensus in PERC, regardless of
>> what WG leadership is trying to make everyone believe.
>>
>> On Sat 2 Feb 2019 at 06:21, Bernard Aboba <bernard.aboba@gmail.com>
>> wrote:
>>
>>> Richard said:
>>>
>>> "Again, the answer is clear here, but the document should be clearer.
>>> The working group discussed SSRC rewriting several times, and concluded
>>> that SSRC rewriting could not be allowed in this system.  This decision is
>>> reflected, e.g., in the fact that the Double transform does not allow
>>> modification of SSRCs."
>>>
>>> [BA]  Not being able to rewrite SSRCs has some major implications with
>>> respect to requirements on PERC endpoints.  Typically today's MDD will
>>> switch between the simulcast streams provided by an endpoint, forwarding
>>> only a single stream to other participants, based on the bandwidth,
>>> resolution and framerates.  If rewriting of SSRCs is not possible, do PERC
>>> endpoints need to be able to receive simulcast? If PERC endpoints do need
>>> to be able to receive simulcast, what are the requirements for endpoints?
>>> For example, should endpoints expect the MDD to use RID header extensions
>>> to identify the incoming simulcast streams?
>>>
>>> Receiving of simulcast is tricky because the endpoint is receiving
>>> multiple streams with different sequence number spaces which may contain
>>> holes because of reordering or loss. This not only complicates the
>>> application of RTX, RED and FEC, but also the operation of the endpoint.
>>> As a result, as noted in the WEBRTC specification Section 5.4.1, support
>>> for reception of simulcast is optional. I am aware of two ORTC
>>> implementations that have attempted to support simulcast reception, neither
>>> of which is robust in scenarios with considerable loss and/or reordering.
>>> And neither implementation supports the RID header extension on received
>>> simulcast streams.
>>>
>>>
>>>
>>>
>>> On Fri, Feb 1, 2019 at 12:23 PM Sergio Garcia Murillo <
>>> sergio.garcia.murillo@gmail.com> wrote:
>>>
>>>> On 01/02/2019 17:18, Richard Barnes wrote:
>>>>
>>>> So I would propose we add something like the following to this
>>>> definition:
>>>>
>>>> "In the context of WebRTC, where control of a session is divided
>>>> between a JavaScript application and a browser, the browser acts as the
>>>> Trusted Endpoint for purposes of this framework (just as it acts as the
>>>> endpoint for DTLS-SRTP in one-to-one calls).
>>>>
>>>>
>>>> If we decide to adopt perc (big if) in webrtc, shouldn't this be
>>>> defined within the
>>>> https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-17 doc ?
>>>>
>>>>
>>>>    Optimally, we would not rely on trust in any entities other than the
>>>>    browser.  However, this is unfortunately not possible if we wish to
>>>>    have a functional system.  Other network elements fall into two
>>>>    categories: those which can be authenticated by the browser and thus
>>>>    can be granted permissions to access sensitive resources, and those
>>>>    which cannot be authenticated and thus are untrusted.
>>>>
>>>>
>>>> WebRTC already IdP as trusted for identity purposes, so it should be up
>>>> to the RTCWEB group to decide what is a trusted endpoint and what is not in
>>>> webrtc. As Bernard is stating, we could decide that there are other key
>>>> management solutions trusted (even in JS or WASM), as for for example is
>>>> being done in EME:
>>>>
>>>>
>>>> https://github.com/WICG/media-capabilities/blob/master/explainer.md#encryption
>>>>
>>>> Best regards
>>>>
>>>> Sergio
>>>> _______________________________________________
>>>> Perc mailing list
>>>> Perc@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/perc
>>>>
>>> --
>> sent from my mobile
>>
> --
sent from my mobile

v2.23.0 | Report a Bug | By Email