Re: [rtcweb] SIP MUST NOT be used in browser?[was RE: Remoterecording - RTC-Web client acting as SIPREC session recordingclient]

Roman Shpount <roman@telurix.com> Wed, 07 September 2011 16:46 UTC

Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC23F21F8B4F for <rtcweb@ietfa.amsl.com>; Wed, 7 Sep 2011 09:46:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.976
X-Spam-Level:
X-Spam-Status: No, score=-2.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tg+zoLrOhfAA for <rtcweb@ietfa.amsl.com>; Wed, 7 Sep 2011 09:46:46 -0700 (PDT)
Received: from mail-gw0-f42.google.com (mail-gw0-f42.google.com [74.125.83.42]) by ietfa.amsl.com (Postfix) with ESMTP id 7E19421F8B4E for <rtcweb@ietf.org>; Wed, 7 Sep 2011 09:46:46 -0700 (PDT)
Received: by gwb17 with SMTP id 17so4638518gwb.15 for <rtcweb@ietf.org>; Wed, 07 Sep 2011 09:48:36 -0700 (PDT)
Received: by 10.150.177.8 with SMTP id z8mr815836ybe.342.1315414115887; Wed, 07 Sep 2011 09:48:35 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by mx.google.com with ESMTPS id f5sm591709ybf.16.2011.09.07.09.48.31 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 07 Sep 2011 09:48:32 -0700 (PDT)
Received: by ywe9 with SMTP id 9so391982ywe.31 for <rtcweb@ietf.org>; Wed, 07 Sep 2011 09:48:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.51.132 with SMTP id k4mr2496057pbo.456.1315414111207; Wed, 07 Sep 2011 09:48:31 -0700 (PDT)
Received: by 10.68.43.136 with HTTP; Wed, 7 Sep 2011 09:48:31 -0700 (PDT)
In-Reply-To: <E4EC1B17-0CC4-4F79-96DD-84E589FCC4F0@edvina.net>
References: <A444A0F8084434499206E78C106220CA0B00FDB08B@MCHP058A.global-ad.net> <89177AB2-F721-47E4-8471-2180EDA10615@voxeo.com> <A444A0F8084434499206E78C106220CA0B00FDB34D@MCHP058A.global-ad.net> <496EE152-41F2-49AB-A136-05735FE5A9F9@voxeo.com> <101C6067BEC68246B0C3F6843BCCC1E31018BF6BE2@MCHP058A.global-ad.net> <4E540FE2.7020605@alcatel-lucent.com> <2E239D6FCD033C4BAF15F386A979BF5106423F@sonusinmail02.sonusnet.com> <4E6595E7.7060503@skype.net> <4E661C83.5000103@alcatel-lucent.com> <2E239D6FCD033C4BAF15F386A979BF510F086B@sonusinmail02.sonusnet.com> <4E666926.8050705@skype.net> <43A0D702-1D1F-4B4E-B8E6-C9F1A06E3F8A@edvina.net> <033458F56EC2A64E8D2D7B759FA3E7E7020E64DC@sonusmail04.sonusnet.com> <E4EC1B17-0CC4-4F79-96DD-84E589FCC4F0@edvina.net>
Date: Wed, 7 Sep 2011 12:48:31 -0400
Message-ID: <CAD5OKxvu2qzP8k1viC+1TOdane2YptoXBOwEyuf8fzN=E9FE0Q@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: rtcweb@ietf.org
Content-Type: multipart/alternative; boundary=bcaec51a7700d4bffe04ac5cb6de
Subject: Re: [rtcweb] SIP MUST NOT be used in browser?[was RE: Remoterecording - RTC-Web client acting as SIPREC session recordingclient]
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2011 16:46:47 -0000

Just to adding my two cents on why SIP must not be used: SIP was designed
for a very different use case then rtcWeb. SIP was designed to run over UDP
on a network with no NAT. It was intended as a light weight protocol to
implement IP phones on the corporate networks. It was designed for devices
with limited resources and limited and fixed functionality. There was a
significant amount of effort to add support for SIP over NAT, but this is
far from being complete. Getting SIP over TCP to work from NAT environments
is still a challenge. Unfortunately you do need SIP over TCP to support ICE
due to the increased offer size. In fact, I am not aware of any system that
implements SIP over TCP over NAT (RFC 5626) in combination with ICE.

On the other hand, rtcWeb is designed for large number of clients running
behind NAT. We do not have the same limitations on the end user device
performance. There is no real reason to use UDP as primary signaling
protocol. Unlike on IP phones, HTTP client and JavaScript are already
available and will not create an additional implementation burden. Thus, I
think we should keep the offer/answer and use HTTP and JavaScript to
implement the signaling.
_____________
Roman Shpount


On Wed, Sep 7, 2011 at 3:07 AM, Olle E. Johansson <oej@edvina.net>; wrote:

>
> 6 sep 2011 kl. 21:24 skrev Asveren, Tolga:
>
> > What about semantics (adding just a X-header won't help there) or how
> much SIP would be left anyhow if all semantical control is exposed through
> the API?
> >
> > I think bridged line appearance is a good test to run against different
> models.
> >
> Well, I tried to stay neutral but examples likes this makes me not want SIP
> in the browser. DTMF, Early Media, bridge line apperances and other PSTN
> legacy will make the implementation too focused on classical telephony and
> we'll spend too much time implementing features that are application
> specific and we can implement in controlling applications, client or
> server-side.
>
> Cullen tried to make a draft with "limited" SIP (maybe "SIP Lite") but it
> will be hard to protect that from the myriad of extensions that add PSTN
> functionality that's not really needed to set up multimedia calls between
> two browser users. It may be needed for gatewaying to legacy systems, but if
> we don't "stop Olle in the gate" - verbatim translation of a Swedish saying
> that propably doesn't mean much to most people on the list - I think we will
> never be done.
>
> Of course, being a SIP developer, I started off with thinking that SIP in
> the browser was the default route. I am beginning to understand that the
> browser is the user interface part we all need, the media handler. We all
> have different requirements on how to control that media GUI and to get
> anywhere I am beginning to think the logic for signalling to set up
> rendevouz points and manage sessions has to move "somewhere else" where we
> can implement SIP, XMPP or some other protocol that fulfills the need of our
> respective application.
>
> To fearlessly  jump into another can of worms, I still think we should have
> confidentiality - SRTP - by default. We know that these applications will
> run on a myriad of devices on a myriad of networks and it will not work to
> let users have to decided whether or not they want confidentiality. If Skype
> did not have confidentiality by default, there would be articles every
> summer and xmas in the evening taboloids about how easy it is to listen in
> to your neighbours calls and that would have hurted Skype badly.
>
> /O
>
>
> > Thanks,
> > Tolga
> >
> >
> > -----Original Message-----
> > From: rtcweb-bounces@ietf.org on behalf of Olle E. Johansson
> > Sent: Tue 9/6/2011 2:47 PM
> > To: Matthew Kaufman
> > Cc: rtcweb@ietf.org
> > Subject: Re: [rtcweb] SIP MUST NOT be used in browser?[was RE:
> Remoterecording - RTC-Web client acting as     SIPREC  session
> recordingclient]
> >
> >
> > 6 sep 2011 kl. 20:40 skrev Matthew Kaufman:
> >
> >> On 9/6/11 11:36 AM, Ravindran Parthasarathi wrote:
> >>> Matthew,
> >>>
> >>> Even in case of SIP, there is no need of standardization in case it is
> within single webserver(skype). SIP supports x-header or proprietary header
> to extend the way you want it for providing innovative functionality.
> >>
> >> Not if SIP is baked in to the browser it doesn't. If the browser
> implements a SIP phone in native code, I have no way of adding "x-header" or
> anything else. I live with the functionality provided by the browser.
> > That's an implementation detail. One can easily add an API call to add
> headers on the outbound INVITE.
> >
> >>
> >> If on the other hand, you want SIP implemented in Javascript then sure,
> if a developer wants to use it, great. If they want to extend it, that's
> fine too. And if they'd rather use another model, they are free to do that.
> Just as you would expect from a *platform*.
> >>
> >>> There is no extension barrier from SIP perspective but it ensure that
> basic call works across web servers. For example, skype browser user will
> able to talk to gmail real-time user even though all skype functionality are
> not supported.
> >> See above.
> >>>
> >>> In case you have the points why HTTP allows innovation but SIP will
> not, let us discuss in detail.
> >>
> >> See above. I want you to be free to use SIP, but not *required* to use
> SIP.
> >>
> >> And there's some security reasons that I'd rather you tunnel it over
> HTTP rather than opening up your ability to send UDP packets to port 5060.
> > SIP runs on TCP and TLS ports too.
> >
> > I am not arguing for either side, just correcting some details...
> >
> > /O
> >
> > _______________________________________________
> > rtcweb mailing list
> > rtcweb@ietf.org
> > https://www.ietf.org/mailman/listinfo/rtcweb
>
> ---
> * Olle E Johansson - oej@edvina.net
> * Cell phone +46 70 593 68 51, Office +46 8 96 40 20, Sweden
>
>
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>