Re: [pntaw] TURN over websockets

Simon Perreault <simon.perreault@viagenie.ca> Fri, 30 August 2013 12:53 UTC

Return-Path: <simon.perreault@viagenie.ca>
X-Original-To: pntaw@ietfa.amsl.com
Delivered-To: pntaw@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EAF921F9EBE for <pntaw@ietfa.amsl.com>; Fri, 30 Aug 2013 05:53:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.34
X-Spam-Level:
X-Spam-Status: No, score=-2.34 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ka8JHWeaaM8c for <pntaw@ietfa.amsl.com>; Fri, 30 Aug 2013 05:53:32 -0700 (PDT)
Received: from jazz.viagenie.ca (jazz.viagenie.ca [IPv6:2620:0:230:8000::2]) by ietfa.amsl.com (Postfix) with ESMTP id 2023421F9DF3 for <pntaw@ietf.org>; Fri, 30 Aug 2013 05:53:32 -0700 (PDT)
Received: from [IPv6:::1] (unknown [IPv6:2001:660:3001:4012:804a:3155:d42a:4a6]) by jazz.viagenie.ca (Postfix) with ESMTPSA id 838DF4042A for <pntaw@ietf.org>; Fri, 30 Aug 2013 08:53:30 -0400 (EDT)
Message-ID: <522095CB.9030109@viagenie.ca>
Date: Fri, 30 Aug 2013 14:53:31 +0200
From: Simon Perreault <simon.perreault@viagenie.ca>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: pntaw@ietf.org
References: <52205AE1.9010807@gmail.com> <F81CEE99482EFE438DAE2A652361EE12179BF94B@MCHP04MSX.global-ad.net>
In-Reply-To: <F81CEE99482EFE438DAE2A652361EE12179BF94B@MCHP04MSX.global-ad.net>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
Subject: Re: [pntaw] TURN over websockets
X-BeenThere: pntaw@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion list for practices related to proxies, NATs, TURN, and WebRTC" <pntaw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pntaw>, <mailto:pntaw-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pntaw>
List-Post: <mailto:pntaw@ietf.org>
List-Help: <mailto:pntaw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pntaw>, <mailto:pntaw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Aug 2013 12:53:36 -0000

Le 2013-08-30 14:34, Stach, Thomas a écrit :
> The goal behind this is certainly not to sneak WEBRTC media streams
> through heavily fortified networks that have DPI deployed. The goal
> rather to address a scenario e.g. at a small hotel with a
> not-so-skilled network admin, that opened his firewall on TCP port
> 80/443 to allow its guests to do some web browsing, but is afraid of
> opening its firewall for UDP traffic. If we want to deploy WEBRTC in
> such an environment TURN over TLS to port 443 would do the job.

+1

I too am not convinced that we need anything more than TURN over TLS to
port 443.

Simon