Re: [rtcweb] Asking TLS for help with media isolation

Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 10 April 2014 14:51 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5C961A0073 for <rtcweb@ietfa.amsl.com>; Thu, 10 Apr 2014 07:51:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id acIjww83B_zj for <rtcweb@ietfa.amsl.com>; Thu, 10 Apr 2014 07:51:50 -0700 (PDT)
Received: from qmta13.westchester.pa.mail.comcast.net (qmta13.westchester.pa.mail.comcast.net [IPv6:2001:558:fe14:44:76:96:59:243]) by ietfa.amsl.com (Postfix) with ESMTP id 551391A01AD for <rtcweb@ietf.org>; Thu, 10 Apr 2014 07:51:44 -0700 (PDT)
Received: from omta03.westchester.pa.mail.comcast.net ([76.96.62.27]) by qmta13.westchester.pa.mail.comcast.net with comcast id oCH11n0020bG4ec5DErjFB; Thu, 10 Apr 2014 14:51:43 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([50.138.229.164]) by omta03.westchester.pa.mail.comcast.net with comcast id oErj1n0083ZTu2S3PErjNt; Thu, 10 Apr 2014 14:51:43 +0000
Message-ID: <5346AFFF.4070803@alum.mit.edu>
Date: Thu, 10 Apr 2014 10:51:43 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <CABkgnnWWuU63Vd=gw+wrh2ADgVYtQzhoRzRE1sv5azJE=MhWDg@mail.gmail.com> <533F191D.8050109@alum.mit.edu> <CABkgnnVht5EmJ7a2LDh50ivjUdoTpJ8GannQKReBSJbVGQGmgA@mail.gmail.com> <53419ED4.8020102@alum.mit.edu> <CABkgnnVjZ51bt5WQ1uvHHUz-4xFzpXQGhuMqxeMpOqJ1d+hQiA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D2B26CB@ESESSMB209.ericsson.se> <CAOW+2dsZrgQrOwJDu+bFE0U-dSUj5D--s_Dx1Nu9Ac60yuYCrA@mail.gmail.com> <CABkgnnUgiW7K7C9rTXGU6nAw2mO_5DPZU9ra64nRK=EVCENUzQ@mail.gmail.com> <53465CA2.4010607@alvestrand.no>
In-Reply-To: <53465CA2.4010607@alvestrand.no>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1397141503; bh=pn4laG8rI9ZpAqM4Ut1DRmk3642OFaIFzWlegxX7iaA=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=Qoh+mZ5w33O1gJaNZFtrmHfxVxxx4IxbKG8ZMaWXRy6l6VgtLgZMoJrVmRZ2qwLBE yZXqT8WbP7xroO/1mEWMJVas2veug91HoHYDs8rrVh4SdTdhkrFJ6tHkSWkJ9l1+e3 4VqbYudY8TW0HdRcnxh1W5+q0iju8H0NQkD9G5Q/o/Aawp8AyBqzjkuAqLcyD8a4NC 3aWBxSBkGpTe8ftmgofXTQqzsrIn7Ue2JGuYnbrtCDu9dJizcS55WrrLXCi6mx+WYQ tRvq7O9AITQLhg6ZOLXQ4mWFgY4uwWEJF3MxZAZBDHC8AZAoBaiYkRMQFlrEK5hDcd IknPHPh9tkAkA==
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/XlVHCyNkUjVRTusqM6lZNZjQmac
Subject: Re: [rtcweb] Asking TLS for help with media isolation
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Apr 2014 14:51:51 -0000

On 4/10/14 4:56 AM, Harald Alvestrand wrote:
> On 04/08/2014 08:24 PM, Martin Thomson wrote:
>> On 8 April 2014 09:50, Bernard Aboba <bernard.aboba@gmail.com> wrote:
>>> [BA] I'm not sure that the concept of "isolation" makes sense for those
>>> intermediaries (or to voicemail or an audio/video conference, for that
>>> matter).   While in a point-to-point call it might be useful, in a
>>> conference the whole point is to have audio/video sent to multiple
>>> parties,
>>> and recording is commonplace.  The problem is that from a protocol
>>> point of
>>> view the cases are not easily distinguishable -- and so if the browser
>>> insists on "isolation" then one wonders what will happen if the
>>> conference
>>> bridge/video MCU/voicemail system refuses to negotiate it.   Refusing to
>>> send media would not be a desirable outcome.
>> I think that for this, it's perfectly reasonable to use identity, but
>> not stream isolation.  With isolation, if the peer does not agree to
>> comply, then the session fails to complete.
> Actually I'd say it's "if the peer does not *agree to* comply".
> The protocol has no defense against liars, but that's a common issue.
>>
>> The authenticated party here is an MCU (or bridge, or voicemail,
>> etc...).  Rather than sending to "anindividual@example.org".org", media is
>> sent to "mcu@example.com".com".  Is it reasonable for that MCU to forward
>> media to other, unspecified entities?  Clearly it can, but should it?
>>
>> (Not having thought it through completely, a voicemail box could
>> conceivably work.  I think that I'd want to use a different identity
>> for it though.)
>
> I can see an use for a recording spec that said "you can record this,
> but only if you do it in such a way that it's only accessible to the
> stated identity".
>
> Would be weird to try to enforce that.... but I agree; MCU and isolation
> have a hard time mixing.
> Let's just not.

So what does this mean for screen sharing with a conference?

	Thanks,
	Paul