Re: [rtcweb] Question about ICE-Lite server

Harald Alvestrand <harald@alvestrand.no> Sun, 06 July 2014 09:13 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/CPrSFDx9dWg9M2oJ9mHeNad-qRg

On 07/04/2014 03:15 PM, Iñaki Baz Castillo wrote:
> Hi,
>
> In case of aggressive ICE the controlling agent (let's say: the
> client), and assuming the client has IPv4 and IPv6 and the ICE-Lite
> server as well, the server will receive multiple STUN Requests with
> USE-CANDIDATE and will decide which one to select based on computed
> candidate-pair priorities (so both the client and server select the
> same as they follow the same algorithm).
>
> Now my question is: let's assume that the server is just provided with
> local ICE username and password, but knows nothing about the fields in
> ICE candidates (let's assume that the SDP is negotiated by another
> entity which does not notify the media server about ICE candidate
> parameters other than local username and password).

To me this sounds like "can an endpoint participate in ICE without 
participating in the exchange of candidates" - and my immediate reaction 
is "if it could, it would be a security risk".

I don't think it's possible. And I think that's a Good Thing.

>
> So the media server just knows its local ICE username and password,
> but it receives an ICE Request with USE-CANDIDATE on the IPv4 interface
> and another on the IPv6 interface.
>
> Can the ICE server determine which pair to select (the IPv4 or the
> IPv6) by just inspecting the PRIORITY attribute in both STUN Requests
> and select the one with highest value?
>
> Or does the server need to assign priority, component and all the ICE
> stuff to its interfaces and also be provided with the client's and its
> own ICE candidates?
>
> Thanks a lot.
>
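
The candidate-pair priority computation the question refers to, as an added example that is not part of the original thread: it applies the RFC 5245 candidate-priority and pair-priority formulas to constructed IPv4/IPv6 candidates and shows that ranking the two requests by their PRIORITY attribute alone can disagree with ranking by pair priority. The function names and the local-preference values are assumptions chosen for illustration.

```python
# RFC 5245 priority arithmetic on constructed candidates (illustrative values).
TYPE_PREF = {"host": 126, "prflx": 110, "srflx": 100, "relay": 0}  # recommended values

def candidate_priority(cand_type, local_pref, component_id=1):
    """Section 4.1.2.1: 2^24*type pref + 2^8*local pref + (256 - component ID)."""
    return (TYPE_PREF[cand_type] << 24) + (local_pref << 8) + (256 - component_id)

def pair_priority(g, d):
    """Section 5.7.2: g = controlling agent's priority, d = controlled agent's."""
    return (min(g, d) << 32) + 2 * max(g, d) + (1 if g > d else 0)

def request_priority_attr(local_pref, component_id=1):
    """Section 7.1.2.1: PRIORITY carries the priority the sender's candidate
    would have as a peer-reflexive candidate."""
    return candidate_priority("prflx", local_pref, component_id)

# Constructed scenario: the client is controlling, the ICE-Lite server is controlled.
# Values are the local preferences of each side's host candidates (assumed).
CLIENT = {"ipv4": 65534, "ipv6": 65535}
SERVER = {"ipv4": 65535, "ipv6": 65000}

def pick_by_attribute(client):
    """Choice made by comparing only the PRIORITY attribute of the two requests."""
    return max(client, key=lambda fam: request_priority_attr(client[fam]))

def pick_by_pair_priority(client, server):
    """Choice made when both candidates of every pair are known."""
    def prio(fam):
        g = candidate_priority("host", client[fam])
        d = candidate_priority("host", server[fam])
        return pair_priority(g, d)
    return max(client, key=prio)

if __name__ == "__main__":
    print("PRIORITY attribute only:", pick_by_attribute(CLIENT))
    print("pair priority:          ", pick_by_pair_priority(CLIENT, SERVER))
```

With these values the pair priority is dominated by the lower of the two candidate priorities in each pair, which here comes from the server's own candidate on the IPv6 pair, so the two rankings differ.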