Re: [rtcweb] Use case change request: Identity in multiuser calls
Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 11 August 2011 16:50 UTC
Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D993821F8C93 for <rtcweb@ietfa.amsl.com>; Thu, 11 Aug 2011 09:50:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.575
X-Spam-Level:
X-Spam-Status: No, score=-2.575 tagged_above=-999 required=5 tests=[AWL=0.024, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sW3bZqJoDQeq for <rtcweb@ietfa.amsl.com>; Thu, 11 Aug 2011 09:50:24 -0700 (PDT)
Received: from QMTA11.westchester.pa.mail.comcast.net (qmta11.westchester.pa.mail.comcast.net [76.96.59.211]) by ietfa.amsl.com (Postfix) with ESMTP id BAC3B21F8C92 for <rtcweb@ietf.org>; Thu, 11 Aug 2011 09:50:23 -0700 (PDT)
Received: from omta07.westchester.pa.mail.comcast.net ([76.96.62.59]) by QMTA11.westchester.pa.mail.comcast.net with comcast id K4Xg1h0041GhbT85B4qzjW; Thu, 11 Aug 2011 16:50:59 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([24.62.109.41]) by omta07.westchester.pa.mail.comcast.net with comcast id K4qy1h00d0tdiYw3T4qyzb; Thu, 11 Aug 2011 16:50:58 +0000
Message-ID: <4E440870.8030301@alum.mit.edu>
Date: Thu, 11 Aug 2011 12:50:56 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <CA696857.1CB81%henry.sinnreich@gmail.com>
In-Reply-To: <CA696857.1CB81%henry.sinnreich@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [rtcweb] Use case change request: Identity in multiuser calls
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Aug 2011 16:50:25 -0000
On 8/11/11 12:07 PM, Henry Sinnreich wrote:
>> The participants are identified to
>> each other by the central server
>
> There may be no contradiction, but just to make sure the scenario, such as a
> confidential business meeting is included (not necessarily a social network
> scenario).
>
> A confidential conference MUST assure that all participants can also be
> safely identified first to each other, not necessarily by the server, end to
> end, to the full satisfaction of all the participants, who would otherwise
> refuse to continue to speak up or continue to attend at all.
> Who provides for the e2e identification? A 3rd party? Inside the app?
>
> Did I understand correctly there is no contradiction?
> Any problem in clarifying this?
This is an example of the sort of thing I was speaking of in my earlier
reply - that there are differing levels of identity that may be desired.
In some cases, participants may want to be fully anonymous. But even
then, it will typically be important that one participant be able to
identify *which* of the other (anonymous) participants it is receiving
media from. (E.g. by noting which participant in the roster is the
current speaker - anon1, anon2, ...)
In other cases the participants *true* identities are hidden, but
handles/nicknames may be used to identify them in the roster and in
chats. ("snoopy" and "red barron" rather than anon1 and anon2.)
But in that case there are issues of how the handles are associated with
participants. It could be that handles are permanently assigned to real
users by the server. Then you can be confident that when talking to
"snoopy" it is always someone well defined - same as the last time -
without awareness of who that person *actually* is.
Alternatively, the server might allow handles to be used on a fcfs basis
per conference. Or it might allow handles to be non-unique, so that you
could have two "snoopy"s at the same time, bound to unrelated users.
Henry - what sort of mechanism did you have in mind for these anonymous
participants to identify themselves to one another? Are you talking
about the exchange of credentials using the server as an intermediary in
the exchange? Or did you have in mind an exchange outside the server.
(E.g. Bob establishes a secure connection to Alice and over it tells her
"I'm anon2 in conference foo right now"?
Thanks,
Paul
> Thanks, Henry
>
>
> On 8/10/11 9:16 AM, "Harald Alvestrand"<harald@alvestrand.no> wrote:
>
>> In draft-ietf-rtcweb-use-cases-and-requirements, I would like to extend
>> one part of the scenario "4.3.3 Video conferencing system with central
>> server".
>>
>> I would like to add one more paragraph:
>>
>> "All participant are authenticated by the central server, and authorized
>> to connect to the central server. The participants are identified to
>> each other by the central server, and the participants do not have
>> access to each others' credentials such as e-mail addresses or login IDs".
>>
>> This is necessary in order to drive use cases that resemble Google
>> Hangout, where it is a requirement that people are able to participate
>> without disclosing their Google login IDs to each other.
>> (in the particular case of Hangout, the display name on their profile
>> *is* disclosed ... but that's a different matter)
>>
>> The reason I think this is important is that it feeds directly into the
>> discussion of what WebRTC needs to authorize: The final source or
>> destination of media, or the identity of the handler at the first hop.
>> In at least the case of Hangouts, the requirement is to *not* authorize
>> the final source or destination.
>>
>> Not sure yet how to formulate that as a requirement, and not sure yet if
>> it applies to the cases without a central server, such as 4.2.6. We may
>> have to decide.
>>
>> Harald
>>
>>
>> _______________________________________________
>> rtcweb mailing list
>> rtcweb@ietf.org
>> https://www.ietf.org/mailman/listinfo/rtcweb
>
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>
- [rtcweb] Use case change request: Identity in mul… Harald Alvestrand
- Re: [rtcweb] Use case change request: Identity in… Paul Kyzivat
- Re: [rtcweb] Use case change request: Identity in… Randell Jesup
- Re: [rtcweb] Use case change request: Identity in… Stefan Håkansson LK
- Re: [rtcweb] Use case change request: Identity in… Harald Alvestrand
- Re: [rtcweb] Use case change request: Identity in… Stefan Håkansson LK
- Re: [rtcweb] Use case change request: Identity in… Harald Alvestrand
- Re: [rtcweb] Use case change request: Identity in… Harald Alvestrand
- Re: [rtcweb] Use case change request: Identity in… Henry Sinnreich
- Re: [rtcweb] Use case change request: Identity in… Paul Kyzivat
- Re: [rtcweb] Use case change request: Identity in… Igor Faynberg
- Re: [rtcweb] Use case change request: Identity in… Henry Sinnreich
- Re: [rtcweb] Use case change request: Identity in… Igor Faynberg
- Re: [rtcweb] Use case change request: Identity in… Henry Sinnreich
- Re: [rtcweb] Use case change request: Identity in… Randell Jesup
- Re: [rtcweb] Use case change request: Identity in… Igor Faynberg
- Re: [rtcweb] Use case change request: Identity in… Paul Kyzivat
- [rtcweb] Exchange of trusted identities in server… Harald Alvestrand
- Re: [rtcweb] Exchange of trusted identities in se… Igor Faynberg
- Re: [rtcweb] Exchange of trusted identities in se… Paul Kyzivat
- Re: [rtcweb] Exchange of trusted identities in se… Alan Johnston
- Re: [rtcweb] Exchange of trusted identities in se… Randell Jesup