Re: [rtcweb] Resolving RTP/SDES question in Paris

Harald Alvestrand, Tue, 10 April 2012 18:39 UTC

On 04/10/2012 08:22 PM, Roman Shpount wrote:
> I thought about customer provided TURN servers and I do not think they 
> will be sufficient, due to the fact that no information describing the 
> media (URL of the application that initiated this media call, 
> codec, any codec related parameters, keys). I think some sort of 
> network based hook that will allow browser to send all the signaling 
> information to some sort of WebRTC signaling proxy server would be 
> required to enable any type of managed corporate use. Since we gave up 
> the standard signaling protocol we gave up a lot of functionality 
> enterprise customers expect from real time communications. In case of 
> SIP enterprise can deploy some sort of proxy server and enforce any 
> type of enterprise specific policy. The only way to fill this gap is 
> to provide an ability to modify signaling coming from and being sent 
> via WebRTC API in a manner independent of the application code, by 
> configuring a policy enforcement server in web browser. The protocol 
> used to communicate with the policy enforcement server can be 
> something as simple as HTTP post with SDP data with response being 
> policy server modified SDP.  Any additional requirements such as 
> authentication and encryption of communications between WebRTC client 
> and WebRTC policy server will be provided via standard HTTP means 
> (HTTPS, and Digest authentication).

This requires the code that sends the SDP to the policy server to be 
part of the browser, since you obviously can't trust the JavaScript to 
do the call-out to the server. (If you could trust the JavaScript, you 
could also trust it to enforce policy.)

In that case, why don't you just require that the browser do the 
wiretapping for you by copying the media? Much simpler, and you don't 
have to worry about interpreting the SIP.
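
The policy-server exchange proposed in the quoted text (SDP in the POST body, policy-modified SDP in the response), sketched as an added example that is not part of either message. The codec allow-list, the 403 rejection status, the function names and the sample offer are assumptions made for illustration; the HTTP transport itself is left out, and every m= section is assumed to be RTP.

```python
import re

ALLOWED = {"opus", "pcmu"}                # assumed enterprise codec policy
STATIC_PT = {"0": "pcmu", "8": "pcma"}    # static payload types (RFC 3551)
SAMPLE_OFFER = (                          # constructed sample, not from the thread
    "v=0\r\no=- 1 1 IN IP4 192.0.2.1\r\ns=-\r\nt=0 0\r\n"
    "m=audio 49170 RTP/SAVPF 111 0 8\r\nc=IN IP4 192.0.2.1\r\n"
    "a=rtpmap:111 opus/48000/2\r\na=fmtp:111 minptime=10\r\n"
    "a=rtpmap:0 PCMU/8000\r\na=rtpmap:8 PCMA/8000\r\n")

class PolicyError(Exception):
    """Raised when a media section has no codec the policy permits."""

def apply_policy(sdp, allowed=ALLOWED):
    """Return the SDP with disallowed payload types removed from each m= section."""
    out, codec, dropped = [], {}, set()
    lines = sdp.replace("\r\n", "\n").strip().split("\n")
    for i, line in enumerate(lines):
        if line.startswith("m="):
            # Payload-type -> codec map for this media section only.
            codec = dict(STATIC_PT)
            for nxt in lines[i + 1:]:
                if nxt.startswith("m="):
                    break
                m = re.match(r"a=rtpmap:(\d+) ([^/\s]+)", nxt)
                if m:
                    codec[m.group(1)] = m.group(2).lower()
            head, fmts = line.split()[:3], line.split()[3:]
            keep = [pt for pt in fmts if codec.get(pt) in allowed]
            if not keep:
                raise PolicyError("no permitted codec in: " + line)
            dropped = set(fmts) - set(keep)
            line = " ".join(head + keep)
        else:
            m = re.match(r"a=(?:rtpmap|fmtp|rtcp-fb):(\d+)", line)
            if m and m.group(1) in dropped:
                continue  # attribute belongs to a removed payload type
        out.append(line)
    return "\r\n".join(out) + "\r\n"

def handle_post(body):
    """What the policy server would answer for a POSTed SDP body: (status, reply)."""
    try:
        return 200, apply_policy(body)
    except PolicyError as e:
        return 403, str(e)
```

As the reply above points out, a rewrite like this only constrains a call if the browser itself makes the call-out and applies the returned SDP.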