Re: [rtcweb] Signalling, SDP, and the way we think about interconnecting RTCWEB applications

Randell Jesup <randell-ietf@jesup.org> Mon, 17 October 2011 15:05 UTC

Return-Path: <randell-ietf@jesup.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D86121F8C44 for <rtcweb@ietfa.amsl.com>; Mon, 17 Oct 2011 08:05:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.539
X-Spam-Level:
X-Spam-Status: No, score=-2.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L+mAKyOZkzk4 for <rtcweb@ietfa.amsl.com>; Mon, 17 Oct 2011 08:05:01 -0700 (PDT)
Received: from r2-chicago.webserversystems.com (r2-chicago.webserversystems.com [173.236.101.58]) by ietfa.amsl.com (Postfix) with ESMTP id 1689621F8C3A for <rtcweb@ietf.org>; Mon, 17 Oct 2011 08:05:00 -0700 (PDT)
Received: from pool-173-49-141-165.phlapa.fios.verizon.net ([173.49.141.165] helo=[192.168.1.12]) by r2-chicago.webserversystems.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <randell-ietf@jesup.org>) id 1RFokO-00032U-6m for rtcweb@ietf.org; Mon, 17 Oct 2011 10:05:00 -0500
Message-ID: <4E9C430A.1070600@jesup.org>
Date: Mon, 17 Oct 2011 11:00:26 -0400
From: Randell Jesup <randell-ietf@jesup.org>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <AAE428925197FE46A5F94ED6643478FEA925614C6A@HE111644.EMEA1.CDS.T-INTERNAL.COM> <92A553E5-107A-4987-A5F5-1F56FB5A7800@acmepacket.com> <CALiegfn6nv1D2HjeMo-jPDh9Acph7JdH1DT1xZXUtHqzqxya3Q@mail.gmail.com> <CA+9kkMB3p1u7hRX_vO1bQbQ2z-V+0rLiJmi+ZqkEA0mqc66keQ@mail.gmail.com> <CALiegf=26_6r_YjBCmO+6_GnrAzi=KcLoPFqUi-y1E8m_gWreQ@mail.gmail.com> <CA+9kkMDsWyKdvXSRMV0OGEeEYbSENFHSOovNJDUGK30N_pGrnQ@mail.gmail.com> <CABRok6nsVH5tYfwFqQpmjF=Kj-wZQDB9XUX8oOee8r3wr51fKA@mail.gmail.com> <CAAJUQMg79h1=V4m9agq9CcEmFknTaaXrgUz9qtq9EL-0_nChiQ@mail.gmail.com> <4E996E80.6070500@alvestrand.no> <CABRok6k=8wa_K7X+MHwaii+6ANfTquLqauMKgm7KP82wf6pKyA@mail.gmail.com> <8486C8728176924BAF5BDB2F7D7EEDDF3E0906A2@ucolhp4d.easf.csd.disa.mil> <CAAJUQMjsRu=eQic002-T-V0rK=1ByRUD8vV2_+C3Q-cHf-ZL4g@mail.gmail.com> <CAAJUQMiV0-w7QBpWk1dc+BprM0T1MiKt-yuH7V9YyZ=vwD=z7Q@mail.gmail.com> <4E9BA235.3010808@jesup.org> <CAAJUQMjx3KnAqqFbEzzKBw_QMa48+yokQ8U4wemMGGVQhOepCg@mail.gmail.com>
In-Reply-To: <CAAJUQMjx3KnAqqFbEzzKBw_QMa48+yokQ8U4wemMGGVQhOepCg@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r2-chicago.webserversystems.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jesup.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [rtcweb] Signalling, SDP, and the way we think about interconnecting RTCWEB applications
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Oct 2011 15:05:01 -0000

On 10/17/2011 2:14 AM, Wolfgang wrote:
> On Mon, Oct 17, 2011 at 5:34 AM, Randell Jesup<randell-ietf@jesup.org>;  wrote:
>>> In my model the server would know what type of call was set up as it
>>> always controls both ends of the call. If some other application
>>> controls the calling party, you need some standardized protocol like
>>> SDP.
>>
>> So the server negotiates the parameters?  I'm not sure what "my model" means
>> here (and I reviewed earlier messages from you here).

> I didn't have company email access during the weekend and I'm the author of
> https://datatracker.ietf.org/doc/draft-beck-rtcweb-alt-ic/. The idea
> is to always use
> only one RTCWEB server and authenticate/authorize unknown users by 3rd party
> authentication. Like commenting on a blog using OpenID.

Ok, I looked at draft-beck-rtcweb-alt-ic.

One huge problem with it: it's based on an assumption that for most 
cases of federation and cross-service calls won't hold: that clients 
will use the same client JS app, and the services are just providing 
different realms/methods of authentication and user-lookup.

Also, your draft doesn't explain how A & B came to be talking to the 
same server in the first place.  The draft seems mostly focused on how a 
single provider can use a shared authentication scheme (and I would 
suggest that we try to find a provider-agnostic way to leverage id 
systems such as BrowserID and/or OpenID to provide end-user identification).

You should talk to ekr who's writing the security draft and see if you 
can merge some of these ideas into it.

I don't think it in any way helps our signalling/SDP/etc discussion, my 
apologies.


-- 
Randell Jesup
randell-ietf@jesup.org