Re: [rtcweb] Let's define the purpose of WebRTC

Iñaki Baz Castillo <ibc@aliax.net> Wed, 09 November 2011 09:35 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B22021F8B5B for <rtcweb@ietfa.amsl.com>; Wed, 9 Nov 2011 01:35:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.637
X-Spam-Level:
X-Spam-Status: No, score=-2.637 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k3qO3HCFfaz3 for <rtcweb@ietfa.amsl.com>; Wed, 9 Nov 2011 01:35:02 -0800 (PST)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id D43A421F8B52 for <rtcweb@ietf.org>; Wed, 9 Nov 2011 01:35:01 -0800 (PST)
Received: by vws5 with SMTP id 5so1484234vws.31 for <rtcweb@ietf.org>; Wed, 09 Nov 2011 01:35:00 -0800 (PST)
Received: by 10.52.187.68 with SMTP id fq4mr3142718vdc.32.1320831300037; Wed, 09 Nov 2011 01:35:00 -0800 (PST)
MIME-Version: 1.0
Received: by 10.220.107.206 with HTTP; Wed, 9 Nov 2011 01:34:39 -0800 (PST)
In-Reply-To: <1F2A2C70609D9E41844A2126145FC09804691DA2@HKGMBOXPRD22.polycom.com>
References: <CALiegfkVNVAs_MyU_-4koA4zRwSn1-FwLjY9g_oZVkhi9rSK5Q@mail.gmail.com> <8A61D801-D14D-408B-9875-63C37D0CC166@acmepacket.com> <CABw3bnPE=OY_h5bM7GA6wgrXiOBL8P4J0kw1jLv-GSpHAbg=Cg@mail.gmail.com> <CABcZeBNqdkh8u=gwOvKfDCQA7rXdAyQkfaM1r2Sx10787btP6A@mail.gmail.com> <B10FEFF6-0ADC-4DB1-83BB-50A11C65EC35@acmepacket.com> <CABcZeBNSXtim_VqzqAd8Z-u4zWSjaYmsVZPN=7sDYkJsgtRAHA@mail.gmail.com> <4EB7E6A5.70209@alvestrand.no> <F8003BA9-BCD8-4F02-B514-8B883FF90F91@acmepacket.com> <387F9047F55E8C42850AD6B3A7A03C6C01349D81@inba-mail01.sonusnet.com> <845C03B2-1975-4145-8F52-8CEC9E360AF3@edvina.net> <5454E693-5C34-4C77-BA07-2A9EE9EE4AFD@cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C01349FFE@inba-mail01.sonusnet.com> <1D062974A4845E4D8A343C653804920206D3B7FD@XMB-BGL-414.cisco.com> <387F9047F55E8C42850AD6B3A7A03C6C0134A105@inba-mail01.sonusnet.com> <1F2A2C70609D9E41844A2126145FC09804691DA2@HKGMBOXPRD22.polycom.com>
From: =?UTF-8?Q?I=C3=B1aki_Baz_Castillo?= <ibc@aliax.net>
Date: Wed, 9 Nov 2011 10:34:39 +0100
Message-ID: <CALiegfmf59jb4asUu9LA6YY_aMtKEnM1Wy34KbuLEn3_h1xBXA@mail.gmail.com>
To: "Avasarala, Ranjit" <Ranjit.Avasarala@polycom.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Let's define the purpose of WebRTC
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 09:35:02 -0000

2011/11/9 Avasarala, Ranjit <Ranjit.Avasarala@polycom.com>om>:
> I feel including all kinds of security mechanisms like SRTP, TLS, etc in browser would make the browser very bulky.

Including TLS in a browser makes it bulky? Then we must discourage
HTTPS usage, right?
In the other side, have you really measured how much expensive SRTP
is? it's not at all.


> It would be better to provide a mechanism in the signaling protocol that browser supports to negotiate the desired security mechanism (depending on application requirement) and then use that mechanism (which is part of the system).

The "application" is untrusted by nature, and we don't want to make
the end-user to decide whether to trust it or not. Explained many
times in this maillist.

-- 
Iñaki Baz Castillo
<ibc@aliax.net>