Re: [rtcweb] Filling in details on "trickle ICE"

Matthew Kaufman <matthew.kaufman@skype.net> Mon, 27 August 2012 19:53 UTC

From: Matthew Kaufman <matthew.kaufman@skype.net>
To: Jim Barnett <Jim.Barnett@genesyslab.com>, Martin Thomson <martin.thomson@gmail.com>, Cullen Jennings <fluffy@iii.ca>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>

If both ends want to do a full, standards-compliant (which also implies *not* trickle) ICE, then we can bake that into the browser following the existing RFC as specification.

If both ends want to do something that isn't that, then we either need to write down *exactly* how they do that "something else" (which would imply an RFC or three for things like how trickle ICE works, how it is discovered, what SDP implications it has, etc.) *or* we need to provide knobs that allow the developer, through JavaScript, to ensure that both ends do the same (or compatible) "something elses".

Note that the only reason ICE-like STUN connectivity tests are a MUST is that they are required for consent verification. There are any number of reasons why an endpoint might wish to do something other than what a full standards-compliant ICE implementation would require... this thread has been about the issues around trickle candidates, but there's also the case where you're on a webpage of mine and I know I'm going to send your call via a gateway that has a public IP address. There is no reason to run any of what ICE requires *except* the security-considerations-mandated consent verification, and only in the browser-to-gateway test direction.

Again, we could write another RFC covering that case... or we could just do what our (Microsoft's) proposal suggests and provide the developer with the controls necessary to implement *any* of these use cases, including the mode that matches the current ICE RFC.

As a side effect, the developer then *also* has the flexibility to improve interoperation with things like pre-final ICE implementations, as long as they meet the requirements around STUN connectivity tests.

So to recap, if you want something fancy like ICE with trickle candidates you have two options:

X) Give the developer the flexibility to build variations upon ICE within the security constraints, or
Y) Start writing Internet Drafts describing all the variations upon ICE you might wish to use and then get every browser vendor to add them

Matthew Kaufman


-----Original Message-----
From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On Behalf Of Jim Barnett
Sent: Friday, August 24, 2012 3:33 PM
To: Martin Thomson; Cullen Jennings
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Filling in details on "trickle ICE"

Martin,
  Just to make sure that I understand your position, I take you to be saying:
1) in the case where both endpoints have downloaded their apps from the same server, they can do trickle ICE any way that they want.
2) in the case where an application is talking to an unknown or legacy peer, trickle ICE is a bad idea because there is no standard way to do it. (i.e. try it at your own risk)

Is this correct?

- Jim
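
The consent verification that Matthew Kaufman's reply treats as the one non-negotiable part of ICE can be sketched as a single authenticated STUN Binding exchange in the browser-to-gateway direction. This is an added example, not code from the thread or from any browser; it follows the RFC 5389 message layout with a short-term credential, and the function names, the sample password and username, and the simplifications (no FINGERPRINT or XOR-MAPPED-ADDRESS attribute) are assumptions.

```python
import hashlib
import hmac
import os
import struct

MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST, BINDING_SUCCESS = 0x0001, 0x0101
ATTR_USERNAME, ATTR_MESSAGE_INTEGRITY = 0x0006, 0x0008


def _attr(attr_type, value):
    """Encode one STUN attribute, padded to a 4-byte boundary."""
    pad = (-len(value)) % 4
    return struct.pack("!HH", attr_type, len(value)) + value + b"\x00" * pad


def build_stun(msg_type, txid, password, attrs=b""):
    """Build a STUN message that ends in MESSAGE-INTEGRITY (HMAC-SHA1)."""
    # The header length field must already count the 24-byte integrity attribute.
    header = struct.pack("!HHI", msg_type, len(attrs) + 24, MAGIC_COOKIE) + txid
    mac = hmac.new(password, header + attrs, hashlib.sha1).digest()
    return header + attrs + _attr(ATTR_MESSAGE_INTEGRITY, mac)


def consent_verified(response, txid, password):
    """True only if the peer echoed our transaction ID and knows the shared key."""
    if len(response) < 20 + 24:
        return False
    msg_type, length, cookie = struct.unpack("!HHI", response[:8])
    if (msg_type, cookie) != (BINDING_SUCCESS, MAGIC_COOKIE):
        return False
    if length != len(response) - 20 or response[8:20] != txid:
        return False
    # Simplification: MESSAGE-INTEGRITY is assumed to be the last attribute.
    attr_type, attr_len = struct.unpack("!HH", response[-24:-20])
    if (attr_type, attr_len) != (ATTR_MESSAGE_INTEGRITY, 20):
        return False
    expected = hmac.new(password, response[:-24], hashlib.sha1).digest()
    return hmac.compare_digest(expected, response[-20:])


def demo():
    password = b"constructed-ice-pwd"   # constructed sample credential
    txid = os.urandom(12)               # unpredictable 96-bit transaction ID
    request = build_stun(BINDING_REQUEST, txid, password,
                         _attr(ATTR_USERNAME, b"gw:browser"))
    good = build_stun(BINDING_SUCCESS, request[8:20], password)     # gateway echoes txid
    wrong_key = build_stun(BINDING_SUCCESS, txid, b"not-the-key")   # fails the HMAC check
    wrong_txid = build_stun(BINDING_SUCCESS, os.urandom(12), password)
    return [consent_verified(r, txid, password) for r in (good, wrong_key, wrong_txid)]
```

Media is sent to the gateway address only when `consent_verified` returns True for a response to a request the browser itself generated.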