Re: [rtcweb] SIP MUST NOT be used in browser?[was RE: Remoterecording - RTC-Web client acting as SIPREC session recordingclient]

"Olle E. Johansson" <> Wed, 07 September 2011 07:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C85B911E8073 for <>; Wed, 7 Sep 2011 00:06:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.249
X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, HELO_EQ_SE=0.35]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iBCjn0sCRTuk for <>; Wed, 7 Sep 2011 00:06:03 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id DDAE521F8C0D for <>; Wed, 7 Sep 2011 00:06:02 -0700 (PDT)
Received: from [] ( []) by (Postfix) with ESMTPA id D8486754BCE4; Wed, 7 Sep 2011 07:07:40 +0000 (UTC)
Mime-Version: 1.0 (Apple Message framework v1244.3)
Content-Type: text/plain; charset=iso-8859-1
From: "Olle E. Johansson" <>
In-Reply-To: <>
Date: Wed, 7 Sep 2011 09:07:40 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <><> <> <> <> <> <> <> <> <>
To: "Asveren, Tolga" <>
X-Mailer: Apple Mail (2.1244.3)
Subject: Re: [rtcweb] SIP MUST NOT be used in browser?[was RE: Remoterecording - RTC-Web client acting as SIPREC session recordingclient]
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 07 Sep 2011 07:06:03 -0000

6 sep 2011 kl. 21:24 skrev Asveren, Tolga:

> What about semantics (adding just a X-header won't help there) or how much SIP would be left anyhow if all semantical control is exposed through the API?
> I think bridged line appearance is a good test to run against different models.
Well, I tried to stay neutral but examples likes this makes me not want SIP in the browser. DTMF, Early Media, bridge line apperances and other PSTN legacy will make the implementation too focused on classical telephony and we'll spend too much time implementing features that are application specific and we can implement in controlling applications, client or server-side. 

Cullen tried to make a draft with "limited" SIP (maybe "SIP Lite") but it will be hard to protect that from the myriad of extensions that add PSTN functionality that's not really needed to set up multimedia calls between two browser users. It may be needed for gatewaying to legacy systems, but if we don't "stop Olle in the gate" - verbatim translation of a Swedish saying that propably doesn't mean much to most people on the list - I think we will never be done.

Of course, being a SIP developer, I started off with thinking that SIP in the browser was the default route. I am beginning to understand that the browser is the user interface part we all need, the media handler. We all have different requirements on how to control that media GUI and to get anywhere I am beginning to think the logic for signalling to set up rendevouz points and manage sessions has to move "somewhere else" where we can implement SIP, XMPP or some other protocol that fulfills the need of our respective application.

To fearlessly  jump into another can of worms, I still think we should have confidentiality - SRTP - by default. We know that these applications will run on a myriad of devices on a myriad of networks and it will not work to let users have to decided whether or not they want confidentiality. If Skype did not have confidentiality by default, there would be articles every summer and xmas in the evening taboloids about how easy it is to listen in to your neighbours calls and that would have hurted Skype badly. 


> Thanks,
> Tolga
> -----Original Message-----
> From: on behalf of Olle E. Johansson
> Sent: Tue 9/6/2011 2:47 PM
> To: Matthew Kaufman
> Cc:
> Subject: Re: [rtcweb] SIP MUST NOT be used in browser?[was RE: Remoterecording - RTC-Web client acting as	SIPREC	session recordingclient]
> 6 sep 2011 kl. 20:40 skrev Matthew Kaufman:
>> On 9/6/11 11:36 AM, Ravindran Parthasarathi wrote:
>>> Matthew,
>>> Even in case of SIP, there is no need of standardization in case it is within single webserver(skype). SIP supports x-header or proprietary header to extend the way you want it for providing innovative functionality.
>> Not if SIP is baked in to the browser it doesn't. If the browser implements a SIP phone in native code, I have no way of adding "x-header" or anything else. I live with the functionality provided by the browser.
> That's an implementation detail. One can easily add an API call to add headers on the outbound INVITE.
>> If on the other hand, you want SIP implemented in Javascript then sure, if a developer wants to use it, great. If they want to extend it, that's fine too. And if they'd rather use another model, they are free to do that. Just as you would expect from a *platform*.
>>> There is no extension barrier from SIP perspective but it ensure that basic call works across web servers. For example, skype browser user will able to talk to gmail real-time user even though all skype functionality are not supported.
>> See above.
>>> In case you have the points why HTTP allows innovation but SIP will not, let us discuss in detail.
>> See above. I want you to be free to use SIP, but not *required* to use SIP.
>> And there's some security reasons that I'd rather you tunnel it over HTTP rather than opening up your ability to send UDP packets to port 5060.
> SIP runs on TCP and TLS ports too.
> I am not arguing for either side, just correcting some details...
> /O
> _______________________________________________
> rtcweb mailing list

* Olle E Johansson -
* Cell phone +46 70 593 68 51, Office +46 8 96 40 20, Sweden