Re: [rtcweb] A plea for simplicity, marketability - and... who are we designing RTCWEB for?

Iñaki Baz Castillo <> Thu, 20 October 2011 15:57 UTC


2011/10/20 Roman Shpount <>:
> This application will never setup a P2P call between two browsers, it is
> always between provider and the browser, so it can ask for relaxed security
> since it only calls its own IP.

There is a long rationale about this topic in the list. Security cannot
(MUST NOT) be relaxed, ever, because only the human can determine
when to allow "relaxed security" (and we don't want a malicious
site to ask the human user "press Accept Relaxed Security and you can
win a car"). The browser has no way to determine whether the
destination of *all* the calls is a "trusted" server or not.

Also, you are assuming that the media is sent to the same IP as the web
server (in case an RTCweb scenario does not include user-to-user calls).
This is a far too simplified scenario: you miss that a DNS A
record can point to N IPs, and you also miss the case in which the
web server has an IP different from the media server (regardless of
whether they are both located within the same provider infrastructure). The browser
cannot determine this by itself, so security is always a need, and IMHO
it's a bad idea to allow a very corner case in which such security
could be relaxed.

Iñaki Baz Castillo