Re: [pntaw] FW: New Version Notification for draft-wing-pcp-third-party-authz-01.txt

<Markus.Isomaki@nokia.com> Thu, 26 September 2013 12:24 UTC

Return-Path: <Markus.Isomaki@nokia.com>
X-Original-To: pntaw@ietfa.amsl.com
Delivered-To: pntaw@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CFD621E8093 for <pntaw@ietfa.amsl.com>; Thu, 26 Sep 2013 05:24:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.516
X-Spam-Level:
X-Spam-Status: No, score=-6.516 tagged_above=-999 required=5 tests=[AWL=0.083, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GBghSDEw2mcJ for <pntaw@ietfa.amsl.com>; Thu, 26 Sep 2013 05:23:59 -0700 (PDT)
Received: from mgw-sa01.nokia.com (smtp.nokia.com [147.243.1.47]) by ietfa.amsl.com (Postfix) with ESMTP id AB64221E8096 for <pntaw@ietf.org>; Thu, 26 Sep 2013 05:23:37 -0700 (PDT)
Received: from smtp.mgd.nokia.com ([65.54.30.49]) by mgw-sa01.nokia.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id r8QCGKp0004193 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=OK); Thu, 26 Sep 2013 15:16:21 +0300
Received: from 008-AM1MPN1-042.mgdnok.nokia.com ([169.254.2.224]) by 008-AM1MMR2-015.mgdnok.nokia.com ([65.54.30.49]) with mapi id 14.03.0136.001; Thu, 26 Sep 2013 12:16:20 +0000
From: <Markus.Isomaki@nokia.com>
To: <tireddy@cisco.com>, <pntaw@ietf.org>
Thread-Topic: [pntaw] FW: New Version Notification for draft-wing-pcp-third-party-authz-01.txt
Thread-Index: AQHOuCyVoaE5Gxq5+02WIu7RJIkO0pnX8d6g
Date: Thu, 26 Sep 2013 12:16:19 +0000
Message-ID: <E44893DD4E290745BB608EB23FDDB7620A0CDADA@008-AM1MPN1-042.mgdnok.nokia.com>
References: <913383AAA69FF945B8F946018B75898A1907CF6F@xmb-rcd-x10.cisco.com>
In-Reply-To: <913383AAA69FF945B8F946018B75898A1907CF6F@xmb-rcd-x10.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-tituslabs-classifications-30: TLPropertyRoot=Nokia; Confidentiality=Nokia Internal Use Only; Project=None;
x-titus-version: 3.5.9.3
x-headerinfofordlp: None
x-tituslabs-classificationhash-30: VgNFIFU9Hx+/nZJb9Kg7InCgP4dxIrO7ZrNJOzl+h1esatI1b4P4NpcAKjr2o2LF2pKMipseHQAu7oiIvoKLl3PHUQsUd/YZiNGjhVkqMYLXsL2wMQeQJO+3pF5yYCA6dDpZZS4fzaV+ixhh3pEB9f6lSh+F+qvpv+vFtByiY3FIKACXkFur4rv1WEtgJjoay4tnpt38RMttO1VpiihaSIxqu9RrvN8SV9HxNx9MVa1FUo7gentjLALDqbdlge+gCM51ucXz+gkTzucocWUBqboZankHTto+UHziOZ0qb4cmb32bUfb4nRJVa7QlabhX
x-originating-ip: [10.236.13.87]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Nokia-AV: Clean
Subject: Re: [pntaw] FW: New Version Notification for draft-wing-pcp-third-party-authz-01.txt
X-BeenThere: pntaw@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion list for practices related to proxies, NATs, TURN, and WebRTC" <pntaw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pntaw>, <mailto:pntaw-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pntaw>
List-Post: <mailto:pntaw@ietf.org>
List-Help: <mailto:pntaw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pntaw>, <mailto:pntaw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Sep 2013 12:24:06 -0000

Hi,

Tirumaleswar Reddy wrote:
> 
> This draft http://tools.ietf.org/html/draft-wing-pcp-third-party-authz-01
> describes the mechanism for firewalls to only permit UDP media session
> associated with specific WebRTC servers. This addresses the firewall problem
> in Enterprise network without having to do DPI on WebRTC signaling
> protocol.
> 

While adding support for TURN over TLS (or TURN over Websockets) via proxy based connections is important to make WebRTC deployable in the near term, I also believe that this type of more explicit and dynamic firewall authorization solution is valuable in the long term.

Markus