Re: [rtcweb] More on authorization and endpoint authentication
Igor Faynberg <igor.faynberg@alcatel-lucent.com> Fri, 05 August 2011 18:05 UTC
Return-Path: <igor.faynberg@alcatel-lucent.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0859511E809B for <rtcweb@ietfa.amsl.com>; Fri, 5 Aug 2011 11:05:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.932
X-Spam-Level:
X-Spam-Status: No, score=-6.932 tagged_above=-999 required=5 tests=[AWL=-0.333, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id em70FxwbeTvL for <rtcweb@ietfa.amsl.com>; Fri, 5 Aug 2011 11:05:31 -0700 (PDT)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by ietfa.amsl.com (Postfix) with ESMTP id 075E711E8098 for <rtcweb@ietf.org>; Fri, 5 Aug 2011 11:05:30 -0700 (PDT)
Received: from usnavsmail2.ndc.alcatel-lucent.com (usnavsmail2.ndc.alcatel-lucent.com [135.3.39.10]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id p75I5gEW014696 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 5 Aug 2011 13:05:42 -0500 (CDT)
Received: from umail.lucent.com (umail-ce2.ndc.lucent.com [135.3.40.63]) by usnavsmail2.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id p75I5fY7031561 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 5 Aug 2011 13:05:42 -0500
Received: from [135.244.34.99] (faynberg.lra.lucent.com [135.244.34.99]) by umail.lucent.com (8.13.8/TPES) with ESMTP id p75I5fe7028377; Fri, 5 Aug 2011 13:05:41 -0500 (CDT)
Message-ID: <4E3C30F4.60407@alcatel-lucent.com>
Date: Fri, 05 Aug 2011 14:05:40 -0400
From: Igor Faynberg <igor.faynberg@alcatel-lucent.com>
Organization: Alcatel-Lucent
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: Ted Hardie <ted.ietf@gmail.com>
References: <CABcZeBM2hgNkBgvB=8uw_CKuQ+=F=TPBtJq16SyvQ=SKPNVY+A@mail.gmail.com> <BLU152-W15D1D8903A1053AA4D74B9933C0@phx.gbl> <CABcZeBOTtF4rz7X2tmumwCL85v2k-ghzagYD4_F204Su-KVKtw@mail.gmail.com> <CA+9kkMCZdXGAJ1nUxnb5SHzFUaqpmbffN44rz8qGxkjXTs0H7g@mail.gmail.com>
In-Reply-To: <CA+9kkMCZdXGAJ1nUxnb5SHzFUaqpmbffN44rz8qGxkjXTs0H7g@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.10
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] More on authorization and endpoint authentication
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: igor.faynberg@alcatel-lucent.com
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2011 18:05:32 -0000
There are many interesting points here (as there are elsewhere on this thread). Just to pick one, I wonder if it is an appropriate time to start zeroing in on acceptable identities as well as on the way of mapping them to a specific "person" (including bots). There are two aspects to it. One is authentcation (i.e., a sort of a transitive closure reliance: if I know that A and B are different identities of P, and I have authenticated P based on A, I may , in certain circumstances, trust what comes from B), and the other is actually the choice of identifier. Of course, I realize that this question sort of strays off the thread... On the identifer choice, in direct response to Ted's last point, I would think that using SIP identities has much merit in several deployments. One is mobile telecom, where incidentally an end-point device is always sufficiently authenticated, with a straight-forward extension to the person's authentication as the next step. (By the way, when I read the quoted paragraph from Eric, I did assume that he meant "identity." ) Igor On 8/5/2011 1:38 PM, Ted Hardie wrote: > On Fri, Aug 5, 2011 at 6:41 AM, Eric Rescorla<ekr@rtfm.com> wrote: >> However, the point I was trying to make is that this is distinct from letting >> the Web server that provided the page route the messages itself. You >> might imagine not trusting the page but nevertheless be willing to allow >> it to provide you with an address which you can independently verify >> and derference. >> >> Best, >> -Ekr > > Do you really mean "an address" which you can independently verify and > dereference, or an identity you can verify? > > Let's take the poker site example. The web site owner wants to embed > video streams in the poker application, so that the players are > reasonably assured that they are not playing a bot (or, at least, that > the player using a bot must be physically present during the game). > The poker players are likely put into groups based on arrival time, > maximum bid, etc. in one mode; in another mode, a group of friends > may come and play together. In the first mode, the players likely do > not want to share any identifying information with each other. In the > second mode, the first player might invite the other players to a > room, by sharing a URI provided by the web server, or he might pass > their identities to the web server, so it can limit access to those > signing in with those identities. > > In neither case, do we really want the web server to pass the video. > It serves as the initial signaling path for the messages among > players, but that's really it for the audio/video streaming part. > > I've been assuming that the website would provide an identity in this > case, if one were needed (e.g. player5579@pokersite.example), but that > the primary reason for that identity would be outside the connectivity > model (so you know if you're playing the same player again, for > example, and can react if the picture looks different, or you don't > want to play with someone who is better than you). Anyone in model > one (using a URI to join a specific game) would be assigned an > identity. Anyone in model two (where the website locks down the game > to specific players) has to know what the player identities are to > invite. > > In neither case does this seem to me to map well to SIP identity, and > I'm concerned that if we start with SIP identity as a mental model, > we're going to have softphones in browsers that can't do any of the > more web-based things that we actually want to enable. > > regards, > > Ted > _______________________________________________ > rtcweb mailing list > rtcweb@ietf.org > https://www.ietf.org/mailman/listinfo/rtcweb
- [rtcweb] More on authorization and endpoint authe… Eric Rescorla
- Re: [rtcweb] More on authorization and endpoint a… Bernard Aboba
- Re: [rtcweb] More on authorization and endpoint a… Harald Alvestrand
- Re: [rtcweb] More on authorization and endpoint a… Eric Rescorla
- Re: [rtcweb] More on authorization and endpoint a… Ted Hardie
- Re: [rtcweb] More on authorization and endpoint a… Igor Faynberg