IETF Logo Mail Archive

Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard

Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com> Thu, 14 February 2019 09:51 UTC

Return-Path: <sergio.garcia.murillo@gmail.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1083131056 for <perc@ietfa.amsl.com>; Thu, 14 Feb 2019 01:51:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9ZsUkDyWT86g for <perc@ietfa.amsl.com>; Thu, 14 Feb 2019 01:51:48 -0800 (PST)
Received: from mail-wm1-x32c.google.com (mail-wm1-x32c.google.com [IPv6:2a00:1450:4864:20::32c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A932413104E for <perc@ietf.org>; Thu, 14 Feb 2019 01:51:47 -0800 (PST)
Received: by mail-wm1-x32c.google.com with SMTP id v26so5394200wmh.3 for <perc@ietf.org>; Thu, 14 Feb 2019 01:51:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language; bh=4DAScoKeiZiuk6QTI7VU040pZEXDZoe8/0fDRVZ2374=; b=egOxSijZiqsZSUlHwNdM3WpPKXPZyS9Juwx4ZYBsItlwye2F8uXB8L4H7u7p7LMLdW erhQ3neS5ey7+2uPmN6AB9C17cscHDmdrCoCCo/JIR/CtyTSWmSmfo7vbC4F0cNeM+mh ONl/vWonPd0dsi4OdKjwOX82RAo7GQKmi2IXvv8viHaPR3O8jS4K3uh+aPzrJ3xsi6wB eDgV7aSPm4klGlA3Rz6EwT0dKtDYufVENlU1hofS+BfqU5Z3nL9xMzp83UwJ/VCJBuXB XTzUAWX5hqNoJavjuEwzg9Phcoe/OkuJoq6nlhRIH85XAymVMYmo5pDux/IlVZRm8RqA Ye+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=4DAScoKeiZiuk6QTI7VU040pZEXDZoe8/0fDRVZ2374=; b=A9y7TG76KXVu5NTBngUyb0vbrWiIitxfxZr2YhvFVWAGy+i4IOCoYDuzdcmYh+lxCt 8z4p+xbQLinJPCB9s7MiSUNZ3ULxjamcLsBfau2Yja57bckAB/b/O3Le7tchyF99aFLk ychjKGNs5gj3FEAFf6gq4n+PPa1GCR9p0bzcC/BLp3WxVLVYBzRGC22A+11jtTvbUw/4 57En0Xr+04rm5uspm6ml2tpr4i+kDQ7qU6ArbOmr6CloYHV4Qqov4M36OJzyem1OuaJO tMvYOla1AeqgKKTZ2Bjyzf4GZf33kvHOFqKPOfriOjg0tPN51bDruvvLDKZxnS3fVYnj pRVA==
X-Gm-Message-State: AHQUAuYRF2llUpNq00p7SgH1Lh7tMLCELSMBK23FQhZ4OnXVdpPY4/J0 gWGi97BFF8Hb5XI9Eeuf55ORzDIV
X-Google-Smtp-Source: AHgI3IZFW+639O8QaCwmbg2waRdSC72Iq535TaBzz98XJK69hToyiisLW67yM830aS5J3Q9LKEyXxQ==
X-Received: by 2002:a1c:2097:: with SMTP id g145mr1870014wmg.81.1550137905526; Thu, 14 Feb 2019 01:51:45 -0800 (PST)
Received: from [192.168.0.111] (37.red-80-28-109.staticip.rima-tde.net. [80.28.109.37]) by smtp.googlemail.com with ESMTPSA id c9sm1216707wrs.84.2019.02.14.01.51.44 for <perc@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 14 Feb 2019 01:51:44 -0800 (PST)
To: "perc@ietf.org" <perc@ietf.org>
References: <154889546931.10496.2408974719921724953.idtracker@ietfa.amsl.com> <CAPvvaaK_VUXvy2=1TBGfBWWYxiBdXBzuR=Y-rnAdJyg=M8OfQQ@mail.gmail.com> <5486C91C-48EA-4AA1-85EE-05A0B01C1E70@meetecho.com> <C6FEAEB9-CF8E-48AF-B03F-1406FF9CB303@cosmosoftware.io> <CAOW+2ducgj400pk3xPFAkRYxnYvqwhMsE9rOO0u9PgLpniaaRA@mail.gmail.com> <CAPvvaaLYFeNkZ4Pfdh4pa2btNW6EGZBnAOvXzVZ9egU8V-gBNQ@mail.gmail.com> <CAOW+2dvom822NgjF7OAa2A8YDeqZ+mbCqA=fUcq-Y49oFyGpsA@mail.gmail.com> <CAPvvaa+EzwgMXB_t7ZVTBgZH2y4=neUm1RymUNKnMV-6zyGPaQ@mail.gmail.com> <a74a8239-27dc-5704-096b-05cc5e02bd18@gmail.com> <543375ED-9A4F-452C-AE51-9499DAD5CEE0@gmail.com> <80a1f634-0888-c5e2-f6be-729d4cca3b28@cosmosoftware.io> <06d91175-b071-49fe-01cc-4a1323ad85f7@gmail.com> <91A16283-A392-4217-97E1-B04A5C8AD245@mozilla.com> <9c4149c0-184b-5ee9-e0a4-2b41420d3279@gmail.com> <37143A53-81C3-4391-998E-D7F2AD1F409C@nostrum.com> <417923aa-8771-863e-ee12-4107f674d918@gmail.com> <4CBF52C0-1D9F-4576-85B6-4F24F59CB3E6@nostrum.com>
From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Message-ID: <b402642c-f7c3-4949-9011-50cab6463464@gmail.com>
Date: Thu, 14 Feb 2019 10:56:30 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <4CBF52C0-1D9F-4576-85B6-4F24F59CB3E6@nostrum.com>
Content-Type: multipart/alternative; boundary="------------8F5C067705F5CE55818ADDEE"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/RRsyWWxhhhbSf55cGJYeyXuXMzg>
Subject: Re: [Perc] Last Call: <draft-ietf-perc-private-media-framework-08.txt> (A Solution Framework for Private Media in Privacy Enhanced RTP Conferencing) to Proposed Standard
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2019 09:51:54 -0000

On 14/02/2019 4:51, Ben Campbell wrote:
> (+Cullen)
> (as individual)
>
> Hi Sergio,
>
> I don’t recall, and I don’t see anything in the notes or email 
> consensus call, that would suggest the consensus included anything 
> along the lines “it’s okay to let the js application have the media 
> keys.”

I have never said that there was a consensus around that.

> That is, even if the idea was to let PERC do it’s thing and let other 
> groups spin their own key management systems, I don’t think there’s a 
> consensus that everyone would be okay with that particular approach.

We don't know because the discussion has been prevented from even starting.


>
> Cullen: As the other join presenter, do you have thoughts?
>
> Thanks!
>
> Ben.
>
>> On Feb 13, 2019, at 2:49 PM, Sergio Garcia Murillo 
>> <sergio.garcia.murillo@gmail.com 
>> <mailto:sergio.garcia.murillo@gmail.com>> wrote:
>>
>> Hi Ben,
>>
>> The consensus we reached in Prague was that while many of us didn't 
>> like the proposed solution, we managed to put together a solution 
>> that was technically feasible, so we were not going to prevent the 
>> ones in favor of it for getting it done as it could be possible to 
>> advance with perc lite and alternative key management in different 
>> forums (namely w3c).
>>
>> When the use case was presented in the w3c webrtc for nv, the liaison 
>> statement was sent to prevent the discussion to even get started. So 
>> I personally consider the consensus is invalidated (and so seems 
>> others), others even question that the consensus was even reached on 
>> the first place.
>>
>> Best regards
>> Sergio
>>
>>
>>
>> On 13/02/2019 21:21, Ben Campbell wrote:
>>> (as individual)
>>>
>>> Hi Sergio,
>>>
>>> Can you elaborate on that comment? The statement you reference was 
>>> explicitly about preserving the PERC trust model. How does it 
>>> overturn any consensus in PERC?
>>>
>>> Thanks!
>>>
>>> Ben.
>>>
>>>> On Feb 13, 2019, at 4:53 AM, Sergio Garcia Murillo 
>>>> <sergio.garcia.murillo@gmail.com 
>>>> <mailto:sergio.garcia.murillo@gmail.com>> wrote:
>>>>
>>>> You are missing an important piece on the timeline:
>>>>
>>>> Statement from the IETF ART and SEC Area Directors regarding the 
>>>> "Trusted application, untrusted intermediary" use case
>>>> https://datatracker.ietf.org/liaison/1614/
>>>>
>>>> This liaison statement basically blows away any rough consensus 
>>>> from IETF 99 as the basis of my joint proposal was that it could be 
>>>> possible to proceed with the PERC lite proposal and that 
>>>> alternative keying mechanism could be studied without involving the 
>>>> PERC group.
>>>>
>>>> Best regards
>>>> Sergio
>>>>
>>>> On 13/02/2019 2:34, Nils Ohlmeier wrote:
>>>>> Thank you for the input on the framework and the double documents 
>>>>> from everyone.
>>>>>
>>>>> The points raised by the individuals here are not new and have 
>>>>> been discussed before by the WG at several occasions. And for 
>>>>> these issues there has be no WG consensus.
>>>>>
>>>>>
>>>>> Specifically on the points regarding double encryption:
>>>>> At IETF 95 double had consensus and got adopted (after 4 design 
>>>>> team meetings and 3 IETF meetings).
>>>>> https://www.ietf.org/proceedings/95/minutes/minutes-95-perc
>>>>>
>>>>> At IETF 96 the WG chairs re-opened the discussions around SSRC 
>>>>> mutability and Emil got asked to submit a draft on the security 
>>>>> impact of SSRC mutability
>>>>> https://www.ietf.org/proceedings/96/minutes/minutes-96-perc
>>>>>
>>>>> At IETF 98 SSRC immutability and RTX considerations were discussed 
>>>>> but no proposal made on security implications
>>>>> https://www.ietf.org/proceedings/98/minutes/minutes-98-perc-00
>>>>>
>>>>> At IETF 99 the double authors and Sergio presented a joint 
>>>>> proposal. The WG chairs called for consensus in the room and on 
>>>>> the list and concluded that with rough consensus, the proposal got 
>>>>> adopted.
>>>>> https://datatracker.ietf.org/meeting/99/materials/minutes-99-perc-01
>>>>> https://mailarchive.ietf.org/arch/msg/perc/3fPqYTE2qhT351nvp1b7wkf4-bc
>>>>>
>>>>> Best regards
>>>>>  Nils & Suhas
>>>>>  PERC WG chairs
>>>>>
>>>>>> On 2Feb, 2019, at 13:37, Sergio Garcia Murillo 
>>>>>> <sergio.garcia.murillo@gmail.com 
>>>>>> <mailto:sergio.garcia.murillo@gmail.com>> wrote:
>>>>>>
>>>>>> PERC may be a valid solution for some scenarios, maybe SIP.
>>>>>>
>>>>>> But in regards of WebRTC, my personal opinion is that it is not 
>>>>>> well suited and that we should do a fresh start, with an analysis 
>>>>>> of the requirements and specifics of webrtc, define trust models, 
>>>>>> role of the js apps, UI/UX, IdP and isolated media streams, key 
>>>>>> management within browser, compatibility with webrtc 1.0, if we 
>>>>>> need to support it in SDP or not, QUIC, WASM, etc.. and then 
>>>>>> check if PERC is able to fulfill them or what parts can be 
>>>>>> reused, if any.
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Sergio
>>>>>>
>>>>>>>
>>>>>>> On 02/02/2019 21:42, Bernard Aboba wrote:
>>>>>>>> Sergio -
>>>>>>>>
>>>>>>>> In your opinion, what portions of PERC are salvageable, if any? 
>>>>>>>> Is this a situation where we need to start over or could some 
>>>>>>>> aspect of PERC (e.g. Double if the triple encryption problem 
>>>>>>>> were fixed) be suitably modified and then implemented?
>>>>>>>>
>>>>>>>> On Feb 2, 2019, at 3:31 PM, Sergio Garcia Murillo 
>>>>>>>> <sergio.garcia.murillo@gmail.com 
>>>>>>>> <mailto:sergio.garcia.murillo@gmail.com>> wrote:
>>>>>>>>
>>>>>>>>> I think Emil and Bernard have described quite precisely where 
>>>>>>>>> we are and how we managed to get here.
>>>>>>>>>
>>>>>>>>> In my opinion it would be a big mistake to consider PERC as 
>>>>>>>>> *THE* solution for end to end encryption for 
>>>>>>>>> multiconferencing, as if there was a one size fits all 
>>>>>>>>> solution for the problem.
>>>>>>>>>
>>>>>>>>> Speaking from a WebRTC perspective, PERC, apart of have taken 
>>>>>>>>> some controversial technical decisions (OHB as header, the 
>>>>>>>>> ssrc rewriting issue and reverse the the order of FEC/RTX and 
>>>>>>>>> SRTP), does not take into consideration the specifics of 
>>>>>>>>> WebRTC (it could be argued that that was not in the scope of 
>>>>>>>>> this group), like the role of the js app, the possibility of 
>>>>>>>>> allowing key management in js, or the interaction with Idp and 
>>>>>>>>> isolated media streams. Not to speak about the recent 
>>>>>>>>> discussions about full frame vs per packet encryption or QUIC.
>>>>>>>>>
>>>>>>>>> Best regards
>>>>>>>>> Sergio
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 02/02/2019 18:42, Emil Ivov wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Sat 2 Feb 2019 at 16:50, Bernard Aboba 
>>>>>>>>>> <bernard.aboba@gmail.com <mailto:bernard.aboba@gmail.com>> wrote:
>>>>>>>>>>
>>>>>>>>>>     Emil said:
>>>>>>>>>>
>>>>>>>>>>     "The need to do a triple encryption for example is a
>>>>>>>>>>     particularly egregious consequence of the order problem.
>>>>>>>>>>     That’s a problem specific to the “double” documents."
>>>>>>>>>>
>>>>>>>>>>     [BA] Can you describe how the need for "triple
>>>>>>>>>>     encryption" arises?  The framework document doesn't even
>>>>>>>>>>     mention the issues with ordering of FEC/RTX/RED and
>>>>>>>>>>     encryption, let alone the need for "triple encryption".
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> One of the goals that some members of the group seemed to 
>>>>>>>>>> have was to allow specific applications to become 
>>>>>>>>>> PERC-compliant without changing the app code itself and by 
>>>>>>>>>> simply replacing the libsrtp library with a PERC-enabled one.
>>>>>>>>>>
>>>>>>>>>> I don’t know that this goal is a direct consequence of the 
>>>>>>>>>> framework’s conceptual approach (contrary to the imposition 
>>>>>>>>>> of key distribution and negotiation). I think it simply 
>>>>>>>>>> carries a promise for some minimal pragmatic value to some 
>>>>>>>>>> implementers.
>>>>>>>>>>
>>>>>>>>>> The issue with this approach is that it leaves hop-by-hop 
>>>>>>>>>> protection mechanisms such FEC and RTC unavailable to the SFU 
>>>>>>>>>> as they are usually performed before SRTP, which would make 
>>>>>>>>>> them e2e encrypted.
>>>>>>>>>>
>>>>>>>>>> The solution to that is simple. One merely needs to perform 
>>>>>>>>>> e2e encryption first, then apply FEC and/or RTX and only then 
>>>>>>>>>> apply the second (hop-by-hop) layer of SRTP.
>>>>>>>>>>
>>>>>>>>>> This approach was referred to as “wedging RTX and FEC” as it 
>>>>>>>>>> places them in between the two encryption operations.
>>>>>>>>>>
>>>>>>>>>> While wedging appeared to have overall support in hallway 
>>>>>>>>>> discussions by all SFU implementors except potentially one, 
>>>>>>>>>> it was mysteriously rejected by a subset of the WG and 
>>>>>>>>>> replaced with the following:
>>>>>>>>>>
>>>>>>>>>> Applications will apply SRTP-double first and, those that 
>>>>>>>>>> need to use FEC and RTX would have to apply them only after.
>>>>>>>>>>
>>>>>>>>>> It was quickly pointed out that this not only destroys the 
>>>>>>>>>> stated “don’t-change-the-app” goal, but also leaves RTX and 
>>>>>>>>>> mostly FEC unprotected and FEC receivers vulnerable to DoS. 
>>>>>>>>>> To this the proponents of this approach simply replied with: 
>>>>>>>>>> “well, those of you who use FEC/RTX will simply do a third 
>>>>>>>>>> round of SRTP”, thus arriving at a total of three encryptions 
>>>>>>>>>> for every packet..
>>>>>>>>>>
>>>>>>>>>> The discussions around this topic were highly contentious.
>>>>>>>>>>
>>>>>>>>>> Hope this makes things clear,
>>>>>>>>>> Emil
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>     On Sat, Feb 2, 2019 at 11:46 AM Emil Ivov
>>>>>>>>>>     <emcho@jitsi.org <mailto:emcho@jitsi.org>> wrote:
>>>>>>>>>>
>>>>>>>>>>         Yes pretty much those.
>>>>>>>>>>
>>>>>>>>>>         The need to do a triple encryption for example is a
>>>>>>>>>>         particularly egregious consequence of the order
>>>>>>>>>>         problem. That’s a problem specific to the “double”
>>>>>>>>>>         documents.
>>>>>>>>>>
>>>>>>>>>>         I would however also say that the decision to bake
>>>>>>>>>>         one specific way of performing key negotiation into
>>>>>>>>>>         the framework rather than leaving it open was both
>>>>>>>>>>         unnecessary and quite problematic.
>>>>>>>>>>
>>>>>>>>>>         Emil
>>>>>>>>>>
>>>>>>>>>>         On Sat 2 Feb 2019 at 12:23, Bernard Aboba
>>>>>>>>>>         <bernard.aboba@gmail.com
>>>>>>>>>>         <mailto:bernard.aboba@gmail.com>> wrote:
>>>>>>>>>>
>>>>>>>>>>             "on the consensus not reached on this and other
>>>>>>>>>>             topics."
>>>>>>>>>>
>>>>>>>>>>             [BA] Out of curiosity, what other topics do you
>>>>>>>>>>             consider to be problematic within the framework? 
>>>>>>>>>>             I am aware of at least two others where
>>>>>>>>>>             implementers have chosen different paths than in
>>>>>>>>>>             the PERC framework:
>>>>>>>>>>
>>>>>>>>>>             * Order of application of encryption versus
>>>>>>>>>>             FEC/RTX/RED
>>>>>>>>>>             * Whole frame encryption versus payload encryption
>>>>>>>>>>
>>>>>>>>>>             With respect to consensus, this is IETF last
>>>>>>>>>>             call, one of whose purposes is to determine
>>>>>>>>>>             whether there is IETF consensus to publish this
>>>>>>>>>>             document as a Proposed Standard.  Are you saying
>>>>>>>>>>             that you do not agree that there is an IETF
>>>>>>>>>>             consensus to publish this document as a Proposed
>>>>>>>>>>             Standard?  Or that there is no IETF consensus to
>>>>>>>>>>             publish *any* of the PERC WG output as a Proposed
>>>>>>>>>>             Standard?
>>>>>>>>>>
>>>>>>>>>>             On Sat, Feb 2, 2019 at 5:40 AM Alexandre
>>>>>>>>>>             GOUAILLARD <alex.gouaillard@cosmosoftware.io
>>>>>>>>>>             <mailto:alex..gouaillard@cosmosoftware.io>> wrote:
>>>>>>>>>>
>>>>>>>>>>                 +1 on ssrc rewriting, and on the consensus
>>>>>>>>>>                 not reached on this and other topics.
>>>>>>>>>>
>>>>>>>>>>                 Sent from my iPhone
>>>>>>>>>>
>>>>>>>>>>                 On 2 Feb 2019, at 17:18, Lorenzo Miniero
>>>>>>>>>>                 <lorenzo@meetecho.com
>>>>>>>>>>                 <mailto:lorenzo@meetecho.com>> wrote:
>>>>>>>>>>
>>>>>>>>>>>                 +1, SSRC rewriting is pretty much
>>>>>>>>>>>                 fundamental to all SFUs out there.
>>>>>>>>>>>
>>>>>>>>>>>                 Lorenzo
>>>>>>>>>>>
>>>>>>>>>>>                 Il 2 febbraio 2019 10:19:06 CET, Emil Ivov
>>>>>>>>>>>                 <emcho@jitsi.org <mailto:emcho@jitsi.org>>
>>>>>>>>>>>                 ha scritto:
>>>>>>>>>>>
>>>>>>>>>>>                     I want to second that as it is a
>>>>>>>>>>>                     particularly major problem: not allowing
>>>>>>>>>>>                     SSRC rewriting makes the entire
>>>>>>>>>>>                     framework unusable with SFU
>>>>>>>>>>>                     implementation I represent as well as
>>>>>>>>>>>                     every other SFU I am familiar with.
>>>>>>>>>>>
>>>>>>>>>>>                     I am also not sure that I agree with
>>>>>>>>>>>                     “SSRC rewriting could not be allowed” is
>>>>>>>>>>>                     a conclusion that ever had any consensus
>>>>>>>>>>>                     in PERC, regardless of what WG
>>>>>>>>>>>                     leadership is trying to make everyone
>>>>>>>>>>>                     believe.
>>>>>>>>>>>
>>>>>>>>>>>                     On Sat 2 Feb 2019 at 06:21, Bernard
>>>>>>>>>>>                     Aboba <bernard.aboba@gmail.com
>>>>>>>>>>>                     <mailto:bernard.aboba@gmail.com>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>                         Richard said:
>>>>>>>>>>>
>>>>>>>>>>>                         "Again, the answer is clear here,
>>>>>>>>>>>                         but the document should be clearer. 
>>>>>>>>>>>                         The working group discussed SSRC
>>>>>>>>>>>                         rewriting several times, and
>>>>>>>>>>>                         concluded that SSRC rewriting could
>>>>>>>>>>>                         not be allowed in this system. This
>>>>>>>>>>>                         decision is reflected, e.g., in the
>>>>>>>>>>>                         fact that the Double transform does
>>>>>>>>>>>                         not allow modification of SSRCs."
>>>>>>>>>>>
>>>>>>>>>>>                         [BA] Not being able to rewrite SSRCs
>>>>>>>>>>>                         has some major implications with
>>>>>>>>>>>                         respect to requirements on PERC
>>>>>>>>>>>                         endpoints. Typically today's MDD
>>>>>>>>>>>                         will switch between the simulcast
>>>>>>>>>>>                         streams provided by an endpoint,
>>>>>>>>>>>                         forwarding only a single stream to
>>>>>>>>>>>                         other participants, based on the
>>>>>>>>>>>                         bandwidth, resolution and
>>>>>>>>>>>                         framerates. If rewriting of SSRCs is
>>>>>>>>>>>                         not possible, do PERC endpoints need
>>>>>>>>>>>                         to be able to receive simulcast? If
>>>>>>>>>>>                         PERC endpoints do need to be able to
>>>>>>>>>>>                         receive simulcast, what are the
>>>>>>>>>>>                         requirements for endpoints? For
>>>>>>>>>>>                         example, should endpoints expect the
>>>>>>>>>>>                         MDD to use RID header extensions to
>>>>>>>>>>>                         identify the incoming simulcast
>>>>>>>>>>>                         streams?
>>>>>>>>>>>
>>>>>>>>>>>                         Receiving of simulcast is tricky
>>>>>>>>>>>                         because the endpoint is receiving
>>>>>>>>>>>                         multiple streams with different
>>>>>>>>>>>                         sequence number spaces which may
>>>>>>>>>>>                         contain holes because of reordering
>>>>>>>>>>>                         or loss. This not only complicates
>>>>>>>>>>>                         the application of RTX, RED and FEC,
>>>>>>>>>>>                         but also the operation of the
>>>>>>>>>>>                         endpoint.  As a result, as noted in
>>>>>>>>>>>                         the WEBRTC specification Section
>>>>>>>>>>>                         5.4.1, support for reception of
>>>>>>>>>>>                         simulcast is optional. I am aware of
>>>>>>>>>>>                         two ORTC implementations that have
>>>>>>>>>>>                         attempted to support simulcast
>>>>>>>>>>>                         reception, neither of which is
>>>>>>>>>>>                         robust in scenarios with
>>>>>>>>>>>                         considerable loss and/or reordering.
>>>>>>>>>>>                         And neither implementation supports
>>>>>>>>>>>                         the RID header extension on received
>>>>>>>>>>>                         simulcast streams.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>                         On Fri, Feb 1, 2019 at 12:23 PM
>>>>>>>>>>>                         Sergio Garcia Murillo
>>>>>>>>>>>                         <sergio.garcia.murillo@gmail.com
>>>>>>>>>>>                         <mailto:sergio.garcia.murillo@gmail.com>>
>>>>>>>>>>>                         wrote:
>>>>>>>>>>>
>>>>>>>>>>>                             On 01/02/2019 17:18, Richard
>>>>>>>>>>>                             Barnes wrote:
>>>>>>>>>>>>                             So I would propose we add
>>>>>>>>>>>>                             something like the following to
>>>>>>>>>>>>                             this definition:
>>>>>>>>>>>>
>>>>>>>>>>>>                             "In the context of WebRTC,
>>>>>>>>>>>>                             where control of a session is
>>>>>>>>>>>>                             divided between a JavaScript
>>>>>>>>>>>>                             application and a browser, the
>>>>>>>>>>>>                             browser acts as the Trusted
>>>>>>>>>>>>                             Endpoint for purposes of this
>>>>>>>>>>>>                             framework (just as it acts as
>>>>>>>>>>>>                             the endpoint for DTLS-SRTP in
>>>>>>>>>>>>                             one-to-one calls).
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>                             If we decide to adopt perc (big
>>>>>>>>>>>                             if) in webrtc, shouldn't this be
>>>>>>>>>>>                             defined within the
>>>>>>>>>>>                             https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-17
>>>>>>>>>>>                             doc ?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>                                 Optimally, we would not rely on trust in any entities other than the
>>>>>>>>>>>                                 browser.  However, this is unfortunately not possible if we wish to
>>>>>>>>>>>                                 have a functional system.  Other network elements fall into two
>>>>>>>>>>>                                 categories: those which can be authenticated by the browser and thus
>>>>>>>>>>>                                 can be granted permissions to access sensitive resources, and those
>>>>>>>>>>>                                 which cannot be authenticated and thus are untrusted.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>                             WebRTC already IdP as trusted
>>>>>>>>>>>                             for identity purposes, so it
>>>>>>>>>>>                             should be up to the RTCWEB group
>>>>>>>>>>>                             to decide what is a trusted
>>>>>>>>>>>                             endpoint and what is not in
>>>>>>>>>>>                             webrtc. As Bernard is stating,
>>>>>>>>>>>                             we could decide that there are
>>>>>>>>>>>                             other key management solutions
>>>>>>>>>>>                             trusted (even in JS or WASM), as
>>>>>>>>>>>                             for for example is being done in
>>>>>>>>>>>                             EME:
>>>>>>>>>>>
>>>>>>>>>>>                             https://github.com/WICG/media-capabilities/blob/master/explainer.md#encryption
>>>>>>>>>>>
>>>>>>>>>>>                             Best regards
>>>>>>>>>>>
>>>>>>>>>>>                             Sergio
>>>>>>>>>>>
>>>>>>>>>>>                             _______________________________________________
>>>>>>>>>>>                             Perc mailing list
>>>>>>>>>>>                             Perc@ietf.org <mailto:Perc@ietf.org>
>>>>>>>>>>>                             https://www.ietf.org/mailman/listinfo/perc
>>>>>>>>>>>
>>>>>>>>>>>                     -- 
>>>>>>>>>>>                     sent from my mobile
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>                 -- 
>>>>>>>>>>>                 Inviato dal mio dispositivo Android con K-9
>>>>>>>>>>>                 Mail. Perdonate la brevità.
>>>>>>>>>>
>>>>>>>>>>         -- 
>>>>>>>>>>         sent from my mobile
>>>>>>>>>>
>>>>>>>>>> -- 
>>>>>>>>>> sent from my mobile
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Perc mailing list
>>>>>>>>>> Perc@ietf.org
>>>>>>>>>> https://www.ietf.org/mailman/listinfo/perc
>>>>>>>>>
>>>>>>>>>
>>>>>> _______________________________________________
>>>>>> Perc mailing list
>>>>>> Perc@ietf.org <mailto:Perc@ietf.org>
>>>>>> https://www.ietf.org/mailman/listinfo/perc
>>>>>
>>>>
>>>> _______________________________________________
>>>> Perc mailing list
>>>> Perc@ietf.org <mailto:Perc@ietf.org>
>>>> https://www.ietf.org/mailman/listinfo/perc
>>>
>>
>

v2.23.0 | Report a Bug | By Email