Re: [rtcweb] Making progress on the signaling discussion (NB: Action items enclosed!)

Randell Jesup <randell-ietf@jesup.org> Thu, 13 October 2011 05:08 UTC

Return-Path: <randell-ietf@jesup.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F335721F8AFF for <rtcweb@ietfa.amsl.com>; Wed, 12 Oct 2011 22:08:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.256
X-Spam-Level:
X-Spam-Status: No, score=-2.256 tagged_above=-999 required=5 tests=[AWL=-0.257, BAYES_00=-2.599, J_CHICKENPOX_24=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cYhPJoSvWceX for <rtcweb@ietfa.amsl.com>; Wed, 12 Oct 2011 22:08:01 -0700 (PDT)
Received: from r2-chicago.webserversystems.com (r2-chicago.webserversystems.com [173.236.101.58]) by ietfa.amsl.com (Postfix) with ESMTP id 7821C21F8AD1 for <rtcweb@ietf.org>; Wed, 12 Oct 2011 22:08:01 -0700 (PDT)
Received: from pool-173-49-141-165.phlapa.fios.verizon.net ([173.49.141.165] helo=[192.168.1.12]) by r2-chicago.webserversystems.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <randell-ietf@jesup.org>) id 1REDWS-0000do-K5 for rtcweb@ietf.org; Thu, 13 Oct 2011 00:08:00 -0500
Message-ID: <4E96712C.7020706@jesup.org>
Date: Thu, 13 Oct 2011 01:03:40 -0400
From: Randell Jesup <randell-ietf@jesup.org>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:6.0.1) Gecko/20110830 Thunderbird/6.0.1
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <CA+9kkMBi9BzDu=WOq3RG-o5nbfnUTftDg3LRBU3DFh=Kc4W5ZQ@mail.gmail.com> <4E8D6507.8000707@ericsson.com> <CALiegf=VyViX2arp0gr0dK4WN_jv=bjwP0LUAxRf=quTxrYrUQ@mail.gmail.com> <CALiegfn15szv-2yXeWptWjsQC2CwVODg_X90gD4odZkCR0LzvA@mail.gmail.com> <4E955775.10206@alvestrand.no> <CABRok6n6UA_nFfLzQ4K+H0+idspEsymW29OZH0J5q1ewF3PpRw@mail.gmail.com> <4E956526.2090604@alvestrand.no> <380E325E-A7EF-489A-AA24-0270224FC87A@phonefromhere.com> <4E957C55.9020706@alvestrand.no> <13C2526B-E7B1-408C-BD1D-EC5E8C8F6472@phonefromhere.com> <4E95871F.9010605@alvestrand.no> <E21755ED-205F-4D80-BB97-CF32E989EB3F@phonefromhere.com> <4E959D48.3090401@mozilla.com> <9E790044-DE19-46DD-89D8-C4F2973F8D65@phonefromhere.com> <CAD5OKxvORBxJk=5oAeWjUdMgq9pr7eePOnKana4VtwVEHFNGNg@mail.gmail.com> <4E9612D3.2040207@jesup.org> <CAD5OKxu_dL_K1N-H=Cz2Lcyvv8426SXACp1GvCeOLyFpdiyOHw@mail.gmail.com> <4E966928.1020100@jesup.org> <CAD5OKxvUEXOepL4OyDDy+bS1GPxwK=cy=UbVSUD6=0JiZrkzuA@mail.gmail.com>
In-Reply-To: <CAD5OKxvUEXOepL4OyDDy+bS1GPxwK=cy=UbVSUD6=0JiZrkzuA@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r2-chicago.webserversystems.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jesup.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [rtcweb] Making progress on the signaling discussion (NB: Action items enclosed!)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Oct 2011 05:08:02 -0000

On 10/13/2011 12:48 AM, Roman Shpount wrote:
>
> On Thu, Oct 13, 2011 at 12:29 AM, Randell Jesup <randell-ietf@jesup.org
> <mailto:randell-ietf@jesup.org>> wrote:
>
>     It did cover that case - it was up to the app what to do when the
>     first ACCEPT was processed.  I didn't go into the JS-level
>     mechanisms used.
>
>
> I guess I might be missing something, but how, using ACCEPT, RTC can
> generate a single offer, get two answers back, and create two media
> streams? Creating a second media stream does not mean that this is a
> last answer for this stream (corresponds to new SIP dialog created by
> provisional response) and accepting a stream does not mean it cannot be
> cloned (corresponds to new SIP dialog created by new final response). So
> essentially we need four operations: create offer, create media stream
> based on an answer, update existing stream based on a new answer for the
> same dialog, and finalize the media stream. Or alternatively we can
> achieve the same with create offer and stream together, process answer,
> accept (finalize the stream) and clone the stream. Either way we need
> four methods and we achieve the same functionality.

I'm not sure we're actually disagreeing here - I'll dig out my original 
message.

>     Do not assume that remote IP == source - this is easily provably
>     false, though if you used remote IP+port AND local IP+port I think
>     it would be ok.  However, for each remote connection we should have
>     a DTLS connection instance, so that's probably simplest.
>
>
> Yes, I do agree we should disambiguate on local/remote IP+port pair. I
> did not realize we are requiring DTLS/SRTP in RTC. I don't think I've
> seen a single implementation of this in the wild, and I do not see any
> harm in supporting SRTP and (with user confirmation) of plain RTP.

Yes, allowing any non-encrypted connection is controversial currently. 
DTLS for the PeerConnection and any data channels, and DTLS-SRTP for the 
media channels.  See ekr's security spec.  As for implementations, that 
should not be a problem.  Plain SRTP with SDES I consider more 
problematic, since it inherently exposes the keys to the un-trusted app 
and server.


-- 
Randell Jesup
randell-ietf@jesup.org