Re: [MMUSIC] New Liaison Statement, "W3C WEBRTC WG to IETF MMUSIC WG"

Cullen Jennings <> Fri, 12 May 2017 20:56 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7A0C4127977 for <>; Fri, 12 May 2017 13:56:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.7
X-Spam-Status: No, score=-4.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id a7_fZIkTT7A0 for <>; Fri, 12 May 2017 13:56:09 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 467D8130F27 for <>; Fri, 12 May 2017 13:51:31 -0700 (PDT)
Received: from (localhost []) by (SMTP Server) with ESMTP id 698F75865; Fri, 12 May 2017 16:51:30 -0400 (EDT)
Received: by (Authenticated sender: with ESMTPSA id 8F80D57A8; Fri, 12 May 2017 16:51:29 -0400 (EDT)
Received: from [] ( []) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by (trex/5.7.12); Fri, 12 May 2017 16:51:30 -0400
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
From: Cullen Jennings <>
In-Reply-To: <>
Date: Fri, 12 May 2017 14:51:28 -0600
Cc: Bo Burman <>, Ben Campbell <>, Multiparty Multimedia Session Control Discussion List <>, Alexey Melnikov <>,,
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <>
To: Flemming Andreasen <>
X-Mailer: Apple Mail (2.3259)
Archived-At: <>
Subject: Re: [MMUSIC] New Liaison Statement, "W3C WEBRTC WG to IETF MMUSIC WG"
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 12 May 2017 20:56:12 -0000

Just read this now  and a few points ... 

1) I don't think this answer the questions asked.

2) the a and b miss the discussion of the context where this happens where things like a 2nd DTLS connection replacing a prior DTLS connection but on the same flow. 

I'm focused on getting JSEP completed right now so don't plan to spend time on this till somewhat later. 

> On Apr 21, 2017, at 6:44 AM, Flemming Andreasen <> wrote:
> Greetings MMUSIC.
> The issue raised below has been discussed on the MMUSIC mailing (see thread starting at and the recent MMUSIC meeting at IETF 98 (Chicago). A summary discussion has been provided at as well.
> Based on the above, we suggest to answer the liaison statement as follows:
> <quote>
> Thank you for raising the question regarding playout of unverified media to the MMUSIC WG. We have looked further into the issue raised and we would like to request a clarification of the exact sequence of events that WEBRTC believes can lead to this. In particular, we ask you to please show either
> (a) how ICE can complete prior to DTLS fingerprint exchange, or
> (b) how media can be received prior to ICE completing
> It is currently unclear to us how either of these situations can arise in which case we do not believe the issue raised would apply to WebRTC.
> For further background information, please refer to:
> -
> -
> </quote>
> Please let the chairs know (before April 28) if you have any comments.
> Thanks
> -- Flemming
> On 4/3/17 11:30 AM, Liaison Statement Management Tool wrote:
>> Submission Date: 2017-04-03
>> URL of the IETF Web page:
>> Please reply by 2017-04-16
>> From: Bernard Aboba <>
>> To: Flemming Andreasen <>,Bo Burman <>
>> Cc: Adam Roach <>,Flemming Andreasen <>,Ben Campbell <>,Bo Burman <>,Alexey Melnikov <>,Multiparty Multimedia Session Control Discussion List <>
>> Response Contacts:,,
>> Technical Contacts:
>> Purpose: For action
>> Body: Colleagues:
>> In the W3C WEBRTC WG, an issue has been submitted relating to playout of unverified media:
>> It has been suggested that if the browser is configured to do so, that playout be allowed for a limited period
>> (e.g. 5 seconds) prior to fingerprint verification:
>> Section 6.2 of draft-ietf-mmusic-4572-update-13 contains the following text, carried over from RFC 4572:
>> Note that when the offer/answer model is being used, it is possible
>> for a media connection to outrace the answer back to the offerer.
>> Thus, if the offerer has offered a 'setup:passive' or 'setup:actpass'
>> role, it MUST (as specified in RFC 4145 [7]) begin listening for an
>> incoming connection as soon as it sends its offer. However, it MUST
>> NOT assume that the data transmitted over the TLS connection is valid
>> until it has received a matching fingerprint in an SDP answer. If
>> the fingerprint, once it arrives, does not match the client's
>> certificate, the server endpoint MUST terminate the media connection
>> with a bad_certificate error, as stated in the previous paragraph.
>> Given the outstanding issue relating to handling of unverified media, the Chairs of the W3C WEBRTC WG
>> would like to request clarification from the IETF MMUSIC WG as to the meaning of the "MUST NOT" in the
>> above paragraph. In particular, what is it permitted for a WebRTC implementation to do with received data prior
>> to verification? For example:
>> 1. May data received over the data channel be provided to the web application prior to verification?
>> 2. May received media be played out prior to verification?
>> Attachments:
>>     webrtc-liason-to-mmusic copy.pdf
>> .
> _______________________________________________
> mmusic mailing list