Re: [rtcweb] SDP_PRANSWER followed by SDP_OFFER scenario in JSEP

Christer Holmberg <> Thu, 03 May 2012 20:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7118421F8686 for <>; Thu, 3 May 2012 13:50:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.139
X-Spam-Status: No, score=-6.139 tagged_above=-999 required=5 tests=[AWL=0.110, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Dzemd6y5pqmm for <>; Thu, 3 May 2012 13:50:08 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id B2A1121F8675 for <>; Thu, 3 May 2012 13:50:07 -0700 (PDT)
X-AuditID: c1b4fb30-b7b07ae000006839-ab-4fa2ef7e78ef
Received: from (Unknown_Domain []) (using TLS with cipher AES128-SHA (AES128-SHA/128 bits)) (Client did not present a certificate) by (Symantec Mail Security) with SMTP id 64.D8.26681.E7FE2AF4; Thu, 3 May 2012 22:50:06 +0200 (CEST)
Received: from ([]) by ([]) with mapi; Thu, 3 May 2012 22:50:06 +0200
From: Christer Holmberg <>
To: Roman Shpount <>
Date: Thu, 03 May 2012 22:50:05 +0200
Thread-Topic: [rtcweb] SDP_PRANSWER followed by SDP_OFFER scenario in JSEP
Thread-Index: Ac0pbCCcBZjsQCL4S7el2wpWmQIS2gAAMpdN
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>, <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAA==
Cc: Randell Jesup <>, "" <>
Subject: Re: [rtcweb] SDP_PRANSWER followed by SDP_OFFER scenario in JSEP
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 03 May 2012 20:50:08 -0000


>>You could also choose not to alert the remote user until the ICE procedures have finished - more or less using ICE with preconditions.
>> Of course, that is going to trigger actions in STUN/TURN servers, even if the called party won't accept the call, but at least from a user 
>> experience perspective that is still better than lifting the hook, and having to wait for whatever-time-it-takes-for-ICE-to-finish seconds before one can start to talk.
> This also has a downside of disclosing user's IP to the caller without the user confirmation. For a lot of applications this can be serious security flaw. 

The client can still log when ICE procedures occur.

Because, even if I wait until your phone starts to ring, most likely I would still get your IP address without user confirmation (speaking in SIP terms, phones normally don't ask for user permission before they send 18x with SDP), eventhough you would easier be made aware of that it happens.

Another alternative is of course to do ICE with an SBC, and/or having an SBC doing ICE on behalf of you :)