Re: [rtcweb] Summary of ICE discussion
"Ravindran Parthasarathi" <pravindran@sonusnet.com> Wed, 05 October 2011 14:34 UTC
Return-Path: <pravindran@sonusnet.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D9AD21F8AF7 for <rtcweb@ietfa.amsl.com>; Wed, 5 Oct 2011 07:34:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.491
X-Spam-Level:
X-Spam-Status: No, score=-2.491 tagged_above=-999 required=5 tests=[AWL=0.108, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YWlV01orb0sC for <rtcweb@ietfa.amsl.com>; Wed, 5 Oct 2011 07:34:46 -0700 (PDT)
Received: from mail-ma01.sonusnet.com (sonussf2.sonusnet.com [208.45.178.27]) by ietfa.amsl.com (Postfix) with ESMTP id 27F9C21F8CA9 for <rtcweb@ietf.org>; Wed, 5 Oct 2011 07:34:46 -0700 (PDT)
Received: from sonusmail07.sonusnet.com (sonusmail07.sonusnet.com [10.128.32.157]) by sonuspps2.sonusnet.com (8.14.3/8.14.3) with ESMTP id p95EcKH6014721; Wed, 5 Oct 2011 10:38:20 -0400
Received: from sonusinmail02.sonusnet.com ([10.70.51.30]) by sonusmail07.sonusnet.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 5 Oct 2011 10:37:42 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 05 Oct 2011 20:07:39 +0530
Message-ID: <2E239D6FCD033C4BAF15F386A979BF510F14C0@sonusinmail02.sonusnet.com>
In-Reply-To: <4E8C12FD.5010007@ericsson.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [rtcweb] Summary of ICE discussion
Thread-Index: AcyDN3onXBChTObjQmqkKm4vgz75PQAMS3Bg
References: <4E8B192E.80809@ericsson.com> <2E239D6FCD033C4BAF15F386A979BF510F142C@sonusinmail02.sonusnet.com> <4E8C12FD.5010007@ericsson.com>
From: Ravindran Parthasarathi <pravindran@sonusnet.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
X-OriginalArrivalTime: 05 Oct 2011 14:37:42.0979 (UTC) FILETIME=[57366130:01CC836C]
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Summary of ICE discussion
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2011 14:34:47 -0000
Hi Magnus, Thanks for the clarification about the issue in webserver based trust model. I agree for ICE as there is no other known solution for user consent in the proposed trust model. Still, data transmission consent is an open item. Thanks Partha >-----Original Message----- >From: Magnus Westerlund [mailto:magnus.westerlund@ericsson.com] >Sent: Wednesday, October 05, 2011 1:49 PM >To: Ravindran Parthasarathi >Cc: rtcweb@ietf.org >Subject: Re: [rtcweb] Summary of ICE discussion > >On 2011-10-05 08:07, Ravindran Parthasarathi wrote: >> In case user consent is the reason for ICE, ICE may not be right >> choice because of the multiplexing RTP in RTCWeb and user may be >> consent for audio and not for video which is not possible to indicate >> through ICE. It is possible to achieve by having different streams >> for each media but I strongly believe that it is not interesting >> topic for RTCWeb. > >No, it is not user consent, it is data transmission consent that is the >issue here. > >> >> I think that trust model with browser---RTCWeb server---browser for >> the user consent with individual media stream works because browser >> user trust RTCWeb server. I could think of offer/answer as user >> consent with media stream mechanism because offer or answer indicates >> media port is allocated in browser and listening for media from >> remote party, the consent reaches remote browser through RTCWeb >> server. The advantage in the model is that RTCWeb server shall have >> the policy to control media. Please let me know your comments on >> this. > > >My interpretation is that several has disagreed with you on this model. >I personally also disagree with this. There is a big difference between >allowing a webservice access to my media devices, i.e. microphone and >video as will expect it to perform a communication service where I at >least see parts of that communication happening. However, the user has >no way of verifying that of the media streams being setup by the web >service that it in fact not in addition uses the users resources for a >DoS attack. It is the destination of the media stream that needs to >consent to the media delivery, not the siganlling node for it. Thus a >path based media verification that ensures that information from the >signalling and the media path agrees provides a reasonable but not >perfect security against attacks. This is still vulnerable to attackers >that have the capability of both running the web service and intercept >and inject packets in the network on path between the web client and the >target of the attack. > >> >> The other reason like NAT & FW is not mandatory for intranet RTCWeb >> applications. I have mentioned as part of >> http://www.ietf.org/mail-archive/web/rtcweb/current/msg01619.html > >My interpretation of your statement was that it was disputed and that >the disputing statement was not faulty. > >Cheers > >Magnus Westerlund > >---------------------------------------------------------------------- >Multimedia Technologies, Ericsson Research EAB/TVM >---------------------------------------------------------------------- >Ericsson AB | Phone +46 10 7148287 >Färögatan 6 | Mobile +46 73 0949079 >SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com >----------------------------------------------------------------------
- Re: [rtcweb] Summary of ICE discussion Randell Jesup
- [rtcweb] Summary of ICE discussion Magnus Westerlund
- Re: [rtcweb] Summary of ICE discussion Iñaki Baz Castillo
- Re: [rtcweb] Summary of ICE discussion Randell Jesup
- Re: [rtcweb] Summary of ICE discussion Olle E. Johansson
- Re: [rtcweb] Summary of ICE discussion Eric Rescorla
- Re: [rtcweb] Summary of ICE discussion Cary Bran (cbran)
- Re: [rtcweb] Summary of ICE discussion Hadriel Kaplan
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Cullen Jennings
- Re: [rtcweb] Summary of ICE discussion Cullen Jennings
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Ravindran Parthasarathi
- Re: [rtcweb] Summary of ICE discussion Roman Shpount
- Re: [rtcweb] Summary of ICE discussion Magnus Westerlund
- Re: [rtcweb] Summary of ICE discussion Magnus Westerlund
- Re: [rtcweb] Summary of ICE discussion Harald Alvestrand
- Re: [rtcweb] Summary of ICE discussion Harald Alvestrand
- Re: [rtcweb] Summary of ICE discussion Jonathan Lennox
- Re: [rtcweb] Summary of ICE discussion Ravindran Parthasarathi
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Harald Alvestrand
- Re: [rtcweb] Summary of ICE discussion Cullen Jennings
- Re: [rtcweb] Summary of ICE discussion Paul Hoffman
- Re: [rtcweb] Summary of ICE discussion sebastien.cubaud
- Re: [rtcweb] Summary of ICE discussion Iñaki Baz Castillo
- [rtcweb] Sebastien Cubaud's non-ICE mechanism (Re… Harald Alvestrand
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… sebastien.cubaud
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Eric Rescorla
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Iñaki Baz Castillo
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Randell Jesup
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Jonathan Rosenberg
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Randell Jesup
- Re: [rtcweb] Summary of ICE discussion sebastien.cubaud
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Iñaki Baz Castillo
- Re: [rtcweb] Summary of ICE discussion Iñaki Baz Castillo
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Tim Panton
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… sebastien.cubaud
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… sebastien.cubaud
- Re: [rtcweb] Summary of ICE discussion sebastien.cubaud