Re: [rtcweb] Use Case draft (privacy)

"Ravindran, Parthasarathi" <> Mon, 30 April 2012 09:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2902621F8606 for <>; Mon, 30 Apr 2012 02:12:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.51
X-Spam-Status: No, score=-6.51 tagged_above=-999 required=5 tests=[AWL=0.089, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 0pl4hcQLtqQB for <>; Mon, 30 Apr 2012 02:12:03 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 22D6B21F8526 for <>; Mon, 30 Apr 2012 02:12:03 -0700 (PDT)
Received: from ([]) (using TLSv1) by ([]) with SMTP ID; Mon, 30 Apr 2012 02:12:03 PDT
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Mon, 30 Apr 2012 05:12:06 -0400
Received: from ([fe80::8d0f:e4f9:a74f:3daf]) by ([fe80::80b9:dc60:caf7:7dfc%11]) with mapi id 14.01.0355.002; Mon, 30 Apr 2012 14:41:58 +0530
From: "Ravindran, Parthasarathi" <>
To: "Fabio Pietrosanti (naif)" <>, "" <>
Thread-Topic: [rtcweb] Use Case draft (privacy)
Thread-Index: AQHNJrBLJ7F0zFZTHE2C5/c491YXXJazFHJQ
Date: Mon, 30 Apr 2012 09:11:57 +0000
Message-ID: <>
References: <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [rtcweb] Use Case draft (privacy)
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 30 Apr 2012 09:12:04 -0000


Please note that gateway shall acts as web-browser and compliance to RTCWeb specifications. Here, WebRTC session is between general-purpose web-browser like IE, Chrome in the customer side and customized web-browser in the site side. 


>-----Original Message-----
>From: [] On Behalf
>Of Fabio Pietrosanti (naif)
>Sent: Monday, April 30, 2012 2:35 PM
>Subject: Re: [rtcweb] Use Case draft (privacy)
>On 4/27/12 6:35 PM, Jim Barnett wrote:
>> I would like to see a corporate call center use case.  Specifically, a
>> user downloads a web page from a corporate web site, clicks a 'call
>> button and is connected to a gateway server that is controlled by the
>> corporation.  The communication up to the corporate boundary cannot be
>> eavesdropped, but, inside the corporate boundary:  1) the corporation
>> can route the call to whoever it wants (meaning that the caller can
>> verify that he is connected to the corporation, but is not necessarily
>> assured of the identity of the person he is speaking to within the
>> corporation) 2) the corporation can eavesdrop/record the call (n.b.
>> this is mandatory in financial institutions, and common in most
>In that case, from a privacy perspective, it's HIGHLY RELEVANT to show
>in the UI to the user that the call does it's encrypted up to a gateway
>and not up to another peer.
>Please get back the thread on end-to-end vs end-to-site security.
>The user *must known and be aware* if a call is secured between two
>peers or if it's not secured up to a gateway (and who control such a
>rtcweb mailing list