Re: [rtcweb] AVPF [was: Encryption mandate (and offer/answer)]

Matthew Kaufman <matthew.kaufman@skype.net> Mon, 12 September 2011 08:31 UTC

Return-Path: <matthew.kaufman@skype.net>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F76521F86EC for <rtcweb@ietfa.amsl.com>; Mon, 12 Sep 2011 01:31:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nU4fpJ+Of2IR for <rtcweb@ietfa.amsl.com>; Mon, 12 Sep 2011 01:30:59 -0700 (PDT)
Received: from mx.skype.net (mx.skype.net [78.141.177.88]) by ietfa.amsl.com (Postfix) with ESMTP id 2B9C921F86DD for <rtcweb@ietf.org>; Mon, 12 Sep 2011 01:30:58 -0700 (PDT)
Received: from mx.skype.net (localhost [127.0.0.1]) by mx.skype.net (Postfix) with ESMTP id 19EA8170E; Mon, 12 Sep 2011 10:33:01 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=skype.net; h=message-id :date:from:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; s=mx; bh=D5DIzja7SzSlkL CBgc1+BiIuKFY=; b=sYUOceBP6uCUF5sBY9/oKsp0TqwK1mtmiiM3z0ScH4YWfB +kMimkdQiFwgd6XNlPS2O+GDyN0wqsYcjLXwOQEJVSDbd32z7zqKcLQ01+oIJiN4 ctOucb5a1+8NbSpDFPcQlv9jQhNFWTsOtOowEv/EjcIf4EMYUFEl7JZrNw2bU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=skype.net; h=message-id:date:from :mime-version:to:cc:subject:references:in-reply-to:content-type: content-transfer-encoding; q=dns; s=mx; b=E8aV6na3grE2rrVxYGXvkU KRutuyH9uepbQuA9zxiTMl+s6ijl3y4H8JYf5cPRA2uF1gbfwGL9fZ5pBhU1Ob0r lJ8EJnCSjKaE/6ptC8MMDRaswdv31zBK78hTWoK4gKBjhv383MSn3W3+LFcytIo1 WxJTWBGqilf/fI0YwA0YM=
Received: from zimbra.skype.net (zimbra.skype.net [78.141.177.82]) by mx.skype.net (Postfix) with ESMTP id 183947F6; Mon, 12 Sep 2011 10:33:01 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by zimbra.skype.net (Postfix) with ESMTP id E77963507368; Mon, 12 Sep 2011 10:33:00 +0200 (CEST)
X-Virus-Scanned: amavisd-new at lu2-zimbra.skype.net
Received: from zimbra.skype.net ([127.0.0.1]) by localhost (zimbra.skype.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zr0v-Tny9+iY; Mon, 12 Sep 2011 10:33:00 +0200 (CEST)
Received: from Matthew-Kaufman-Air.local (c-217-115-41-36.cust.bredband2.com [217.115.41.36]) by zimbra.skype.net (Postfix) with ESMTPSA id BBC79350758D; Mon, 12 Sep 2011 10:32:59 +0200 (CEST)
Message-ID: <4E6DC3BA.4090706@skype.net>
Date: Mon, 12 Sep 2011 10:32:58 +0200
From: Matthew Kaufman <matthew.kaufman@skype.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2
MIME-Version: 1.0
To: Roman Shpount <roman@telurix.com>
References: <A444A0F8084434499206E78C106220CA0B00FDB08B@MCHP058A.global-ad.net> <4E67C3F7.7020304@jesup.org> <BE60FA11-8FFF-48E5-9F83-4D84A7FBE2BE@vidyo.com> <4E67F003.6000108@jesup.org> <7F2072F1E0DE894DA4B517B93C6A05852233E8554C@ESESSCMS0356.eemea.ericsson.se> <C3759687E4991243A1A0BD44EAC8230339CA68F054@BE235.mail.lan> <CAOJ7v-2u0UuNXh7bzmZFwiSucbsh=Ps=C3ZM5M3cJrXRmZgODA@mail.gmail.com> <CAKhHsXHXCkNdjtpxCSCk+ABbtxY15GEgouE6X6-sn-LqhnidQw@mail.gmail.com> <CABcZeBOdP6cAqBoiSV-Vdv1_EK3DfgnMamT3t3ccjDOMfELfBw@mail.gmail.com> <CAKhHsXFdU1ZaKQF8hbsOxwTS-_RfmFqQhgzGe=K4mRp+wz+_nQ@mail.gmail.com> <CAD5OKxtCMXzWLg40wV3teyh0TdiD1Xv4taW+BSguoDpAE46oJA@mail.gmail.com> <1541FDA8-C3F6-4D24-BEC4-60EDACB6B582@edvina.net> <CAD5OKxsuONT_-ZWS43BX7H8dkGscz2aM62m0uDyJauVTaUMC4g@mail.gmail.com> <CAD5OKxukC23Vabh=0qP_6o3x=oDLUX9t5_dLHk2McRweAxxpEg@mail.gmail.com> <903DEDB7-CA26-4354-90B2-BE97B78B0A34@skype.net> <CAD5OKxsJ7FM+p0+M43EM7uu7pVyJFzjNuRASbjFSN+-CRkCHBg@mail.gmail.com>
In-Reply-To: <CAD5OKxsJ7FM+p0+M43EM7uu7pVyJFzjNuRASbjFSN+-CRkCHBg@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Randell Jesup <randell-ietf@jesup.org>, Jonathan Lennox <jonathan@vidyo.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] AVPF [was: Encryption mandate (and offer/answer)]
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Sep 2011 08:31:00 -0000

On 9/12/11 4:45 AM, Roman Shpount wrote:
> Not sure if you want to configure TURN servers per organization. It is 
> not guaranteed that the TURN server will be used for the call. 
> Additionally you do want TURN server on the public internet, out side 
> of the corporate network. I think what you are trying to accomplish 
> should be implemented via proxy. SOCKS5 proxy can be used for media 
> and can be used to enforce corporate policies.

True, but there's no reason why a TURN server couldn't also be used, 
assuming that there is a way to specify a server (and the long-term 
credentials to be used)

SOCKS is particularly bad for UDP, and even SOCKS5 doesn't improve much 
upon that... this does bring up the question of whether or not the use 
cases should be updated to ensure that a client being a SOCKS proxy can 
use RTCWEB.

Matthew Kaufman