Re: [rtcweb] Solutions sought for non-ICE RTC calls, not +1 (Re: Requiring ICE for RTC calls)

Roman Shpount <roman@telurix.com> Wed, 28 September 2011 00:36 UTC

Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CBCE21F8F5B for <rtcweb@ietfa.amsl.com>; Tue, 27 Sep 2011 17:36:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.566
X-Spam-Level:
X-Spam-Status: No, score=-2.566 tagged_above=-999 required=5 tests=[AWL=0.410, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HW5Ki1f4x8wm for <rtcweb@ietfa.amsl.com>; Tue, 27 Sep 2011 17:36:20 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 5A51421F8D3B for <rtcweb@ietf.org>; Tue, 27 Sep 2011 17:36:20 -0700 (PDT)
Received: by gyd12 with SMTP id 12so7140503gyd.31 for <rtcweb@ietf.org>; Tue, 27 Sep 2011 17:39:07 -0700 (PDT)
Received: by 10.236.185.228 with SMTP id u64mr52049053yhm.91.1317170346712; Tue, 27 Sep 2011 17:39:06 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by mx.google.com with ESMTPS id x12sm36035957yhi.10.2011.09.27.17.39.06 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 27 Sep 2011 17:39:06 -0700 (PDT)
Received: by ywa6 with SMTP id 6so7316270ywa.31 for <rtcweb@ietf.org>; Tue, 27 Sep 2011 17:39:05 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.4.170 with SMTP id l10mr40356652pbl.3.1317170345295; Tue, 27 Sep 2011 17:39:05 -0700 (PDT)
Received: by 10.68.55.39 with HTTP; Tue, 27 Sep 2011 17:39:05 -0700 (PDT)
In-Reply-To: <4E82678E.6060304@skype.net>
References: <CAD5OKxtNjmWBz92bRuxka7e-BUpTPgVUvr3ahJGpmZ-U5nuPbQ@mail.gmail.com> <CAOJ7v-3PrnNyesL+x-mto9Q9djjiJ13QZHXCiGfY1mv3nubrqQ@mail.gmail.com> <CAD5OKxsKTHCuBQdUnGQtGfF7NmZZExLe9Q9B9cNR=483neuHPQ@mail.gmail.com> <CAOJ7v-1rzdmviAnGknVZmrU_TDNoC3NmWd1g6iyx0WzZ4xB3Pw@mail.gmail.com> <4E820825.9090101@skype.net> <CAD5OKxvmKi3Py0gNcTdREdfS07hA-=f6L+u8KKVgSWztMft9kQ@mail.gmail.com> <CALiegfmL4VSRE+kgs5kXzQc3mCHnKpU-EAbVPKO4QNEYLKje=A@mail.gmail.com> <4E821E47.4080205@alvestrand.no> <CALiegfndBhod6Hoq6h63795x8f=ew28rDys=Fx8ScwVpVJwp1Q@mail.gmail.com> <CABcZeBOoF6MNSpATG2+_e99iRq7Jf9OoWWNCa=qRGW_v+maoHA@mail.gmail.com> <CAD5OKxubnxLAqybCgnBXpKR9S0rBEsoDg9enCaverjVWYad7Ew@mail.gmail.com> <CABcZeBPoQSM=L0-Er3j-ak2M6YfCbJkThbYuR_+=xUmcsxQz9Q@mail.gmail.com> <CAD5OKxsVE+LwKEcpe+hf+=i87Ucga0_VpkUGJkH5=HixV5Xkmw@mail.gmail.com> <CABcZeBM+FD5y7WenD=d_7jM1Fu+OrFyFgtsd1iGMpGfMe_gOKQ@mail.gmail.com> <CAD5OKxte2DYbgtFpF2jQGq_thYCyb1Li2ih5J6gpzamhJvRyTA@mail.gmail.com> <4E82678E.6060304@skype.net>
Date: Tue, 27 Sep 2011 20:39:05 -0400
Message-ID: <CAD5OKxv2UjmCmdDGo2ECbFr3b0-WUnUWhpdDreQYqP9yJUKR=A@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Matthew Kaufman <matthew.kaufman@skype.net>
Content-Type: multipart/alternative; boundary=bcaec5215f358a40af04adf59e0c
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Solutions sought for non-ICE RTC calls, not +1 (Re: Requiring ICE for RTC calls)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Sep 2011 00:36:21 -0000

On Tue, Sep 27, 2011 at 8:17 PM, Matthew Kaufman
<matthew.kaufman@skype.net>wrote;wrote:

>  No. This is not a correct description of the problem.
>
> ICE isn't about "trusting the site to not do something malicious with your
> media". ICE is about "trusting your browser to not attack other devices on
> your local network or the Internet".
>
> The browser must, without asking the user, be able to prove that the far
> end wishes to receive a stream of media. The standard we have available for
> that is a STUN connectivity check with short-term credentials, using a
> transaction ID that can neither be set from Javascript nor inspected from
> Javascript (to prevent spoofing of the reply). This is basically how ICE
> tests connectivity.
>
> Note that the consent must use the same protocol and port you will be
> sending media on. So for RTP or SRTP over UDP, the consent request must be
> sent and received over that same UDP port.
>
> Matthew Kaufman
>
>
You just repeated the same thing that I said, just a bit more clearly.

I guess we are making a conscientious not to be able to communicate with any
of the existing VoIP infrastructure including IP phones and SIP trunking
providers and expect them to implement ICE support. Until this happens RTC
end points will have to rely on some sort of media proxy to communicate with
existing infrastructure. Is this correct?

Do we have anybody in this list who has real life experience with deploying
large scale ICE based solutions over public internet? I just want to make
sure that we are not putting all of our eggs in the basket that no one ever
used.
_____________
Roman Shpount