Re: [rtcweb] I-D Action: draft-muthu-behave-consent-freshness-03.txt - ICE lite?

Christer Holmberg <> Thu, 28 February 2013 08:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 076CF21F8B1E for <>; Thu, 28 Feb 2013 00:00:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.252
X-Spam-Status: No, score=-6.252 tagged_above=-999 required=5 tests=[AWL=-0.003, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hF9BBO9rSxwA for <>; Thu, 28 Feb 2013 00:00:22 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id E1E0621F845D for <>; Thu, 28 Feb 2013 00:00:21 -0800 (PST)
X-AuditID: c1b4fb30-b7f0d6d000007e61-1f-512f0e94310a
Received: from (Unknown_Domain []) by (Symantec Mail Security) with SMTP id B6.8F.32353.49E0F215; Thu, 28 Feb 2013 09:00:20 +0100 (CET)
Received: from ([]) by ([]) with mapi id 14.02.0318.004; Thu, 28 Feb 2013 09:00:20 +0100
From: Christer Holmberg <>
To: "Muthu Arul Mozhi Perumal (mperumal)" <>, "" <>
Thread-Topic: I-D Action: draft-muthu-behave-consent-freshness-03.txt - ICE lite?
Thread-Index: Ac4ViWWqq1q2uiaNQhqddVgafiXeLg==
Date: Thu, 28 Feb 2013 08:00:19 +0000
Message-ID: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrGLMWRmVeSWpSXmKPExsUyM+Jvje4UPv1Ag/XzzS3ufJrDarH2Xzu7 A5PHlN8bWT2WLPnJFMAUxWWTkpqTWZZapG+XwJXx6spR9oKfkhVNS+4zNjC+FOli5OSQEDCR mNh1jxnCFpO4cG89G4gtJHCIUeJeP1ANF5C9mFHi27tFrF2MHBxsAhYS3f+0QWpEBFIlHjdO ZwSxhQWCJPZPWsYCEQ+W2PH3LxOErSfReKiVBaSVRUBVYtWTcpAwr4C3xOQDF8FWMQKt/X5q DVg5s4C4xK0n85kgzhGQWLLnPNRpohIvH/9jhbAVJa5OXw5VryOxYPcnNghbW2LZwtfMEPMF JU7OfMIygVF4FpKxs5C0zELSMgtJywJGllWM7LmJmTnp5eabGIFhfXDLb4MdjJvuix1ilOZg URLnDXe9ECAkkJ5YkpqdmlqQWhRfVJqTWnyIkYmDU6qBMYi9sJLNVc0ySdtm/bvn65UEVc4+ PDLz7SvGKLX7B8SWnfXqsZPxMH0g7X9046tZXJt2iLe7xuX/f3Tho6GbxarwjFsdho7LrxSu XZ/zw8h8Vo39nd3fb2z2W1v9aTZLn9xhjX4t7R3J6kzP5jjPWfPumfAdX47TFptMWeJVdr64 kMimZXN5rxJLcUaioRZzUXEiAIXj+4g5AgAA
Subject: Re: [rtcweb] I-D Action: draft-muthu-behave-consent-freshness-03.txt - ICE lite?
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 28 Feb 2013 08:00:23 -0000


The draft does mention ICE lite in the "Design Considerations" section, but not elsewhere in the document.

So, when the consent freshness mechanism is used, and one endpoint is ICE lite, I assume it would not send consent STUN requests, but only receive them. Or?



-----Original Message-----
From: [] On Behalf Of Muthu Arul Mozhi Perumal (mperumal)
Sent: 26. helmikuuta 2013 17:07
Subject: [rtcweb] FW: I-D Action: draft-muthu-behave-consent-freshness-03.txt


This draft was presented in RTCWEB during IETF 83.5 and 84 and was discussed earlier in the BEHAVE and RTCWEB mailing lists. Most of the comments received and consensus reached so far have been incorporated (as a result the draft has been trimmed). It now also has a section on the W3C API implications.

Is the draft heading in the right direction? Given that it just describes a STUN usage for performing consent freshness and liveness test and provides recommendations for the W3C APIs, would RTCWEB be a better home for this draft?

Comments welcome.

- Authors

-----Original Message-----
From: [] On Behalf Of
Sent: Monday, February 25, 2013 11:57 PM
Subject: I-D Action: draft-muthu-behave-consent-freshness-03.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : STUN Usage for Consent Freshness
	Author(s)       : Muthu Arul Mozhi Perumal
                          Dan Wing
                          Ram Mohan Ravindranath
                          Hadriel Kaplan
	Filename        : draft-muthu-behave-consent-freshness-03.txt
	Pages           : 7
	Date            : 2013-02-25

   Verification of peer consent before sending traffic is necessary in
   WebRTC deployments to ensure that a malicious JavaScript cannot use
   the browser as a platform for launching attacks.  A related problem
   is session liveness.  WebRTC applications may want to detect
   connection failure and take appropriate actions.  This document
   describes a STUN usage that enables a WebRTC browser to perform the
   following on a candidate pair ICE is using for a media component
   after session establishment:

The IETF datatracker status page for this draft is:

There's also a htmlized version available at:

A diff from the previous version is available at:

Internet-Drafts are also available by anonymous FTP at:

I-D-Announce mailing list
Internet-Draft directories: or
rtcweb mailing list