Re: [rtcweb] Appropriateness of bypass mechanisms (Re: HTTP Fallback draft)

"Cullen Jennings (fluffy)" <fluffy@cisco.com> Fri, 07 September 2012 14:23 UTC

On Aug 8, 2012, at 9:28 AM, Harald Alvestrand <harald@alvestrand.no> wrote:

> Forking thread....
> 
> On 08/08/2012 05:05 PM, Cameron Byrne wrote:
>> 
>> 
>> Is this thread really about the ietf engineering a way to by-pass network policy set by network operators?
>> 
> It's about getting stuff done in the presence of rules that hinder the "simple way".
> Those rules may be set that way deliberately, by ignorance, because of implementation limitations, or in error; there's no way to know.
> 
>> I do not believe that is acceptable.
>> 
> We've already done TURN, including TURN over TLS.

TURN was specifically designed to allow the network operator to be able to continue to control and enforce policies similar to what they currently do in their firewalls. You will note Kaufman strongly disagreed with this design principle and would have done the permissions in TURN significantly differently - that would have actually made TURN faster and easier to use but would have removed this property. We chose to stay on the path of "not violating or circumventing the will of network administrators".

That said, I think the discussion about making a media relay / tunnel protocol that masquerades as HTTPS is leaping off the edge of the slippery slope. I have mixed feelings about if that is wise or not but that's a long discussion.

> 
> Old quote: "This is not about starting down the slippery slope; this is about how far we slide into the muck at the bottom".

Agree with that :-)