Re: [rtcweb] [MMUSIC] Draft new: draft-wang-mmusic-encrypted-ice-candidates

Iñaki Baz Castillo <> Tue, 12 November 2019 16:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 361D5120108 for <>; Tue, 12 Nov 2019 08:10:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CxKKYsizfRHV for <>; Tue, 12 Nov 2019 08:10:10 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::a33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5C6F012006E for <>; Tue, 12 Nov 2019 08:10:10 -0800 (PST)
Received: by with SMTP id o82so4568317vka.5 for <>; Tue, 12 Nov 2019 08:10:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=JPXEr/lFCD5EV199rQ0vo9MiJC/OE1FvtmhLFz9x+IQ=; b=ds4JCYQT4bBQUTbCGuw050CoLFV6c2Pog+V0DYI/0+F8rPseqvR//blmYumhJYu+Ir Ic+IMDRioJpnQHPxK28oZMf6Ft1yQLDzpGACmif4VVDL6pK+snxnH6EE+I4c6lUoMVkd 3a+jGTH8no/KTmAulJVx1TO45OGctvl2HZmkfcQit+flsfIdiQvjsNmKog+/bUCgFfYD ySeNlDrn+uSMTQ8Qq2R4Nt+qIbIxpE7w0CdBU2vaLjqiGNb8fV9rZvJ2LPt9ZRlwB6eb L7cBV/MD58mzmarqXFsHWeVsNHpGiU5xnzG+0A5reE4qAapkpmEAKbUjqCOHC7jXgS2a cbVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=JPXEr/lFCD5EV199rQ0vo9MiJC/OE1FvtmhLFz9x+IQ=; b=UXYDLgWPeqyKNREXo09ClY2sSlIzWQOLkWMmOGA3iyklrYJ8MYAm9X9dzPjckhQ+lp 94X3/Kh61HmZxJDqHalEg4gC5p3HUBGhpvA9fEXA15TrcYPEOIuiLcGK0V8RD7NdA+sQ 4bJMS0AKIoSfgoYSO8tBzXiKnDA8ZP8oJ76Z2s+ddFr+jBInRg5KYksvMDY9Q4TuX+Wv bzuztbqeaGLBrAaNBqeypY6iXSzvCbu9nZKJvRayj6PbWV9TSvVk4wQ0ikTj3nTw3Dtw OY9D2iIoB9mbEO1vb5vN5UQzya75Ug/YAAC/ULajoQbZqldeKTiLb14gKEqE+Y1RjTMD kFzg==
X-Gm-Message-State: APjAAAW4rSg11KlFKlU7GviN+JMUKIhEI1WgAmXG7uxJw4aGnDW0U2YE V1JkLXEhXMfPf6HP3B7Vbfjcm7THoyBaMX9jY5OTJw==
X-Google-Smtp-Source: APXvYqzcIqeP4tDAI9eZH7FDBcxMg07BIYsvHVxsdn6HbqilVj7iyxJHhiLfqnt46kKsvgdRiurua0jsN1mxwFFOzZQ=
X-Received: by 2002:a1f:14d4:: with SMTP id 203mr21371719vku.40.1573575008982; Tue, 12 Nov 2019 08:10:08 -0800 (PST)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: =?UTF-8?Q?I=C3=B1aki_Baz_Castillo?= <>
Date: Tue, 12 Nov 2019 17:09:57 +0100
Message-ID: <>
To: Sean DuBois <>
Cc: Qingsi Wang <>, Alex Drake <>, RTCWeb IETF <>,
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [rtcweb] [MMUSIC] Draft new: draft-wang-mmusic-encrypted-ice-candidates
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Nov 2019 16:10:13 -0000

On Mon, 11 Nov 2019 at 10:04, Sean DuBois <> wrote:

> Have you thought about/explored encrypting the entire SessionDescription?

We can already use TLS (HTTPS or WSS) to exchange SDPs (or
"parameters" that the receiver will use to build a "remote SDP"). We
don't need yet another encryption layer to transmit a "blob" /
"string" between endpoints.

> There might be some issues I am not aware of, but it would give us some
> other nice things!
> * No more SDP munging (or at least make it harder)
>    - People shoot themselves in the foot constantly by editing things

We don't do it for fun.

>    - Will push people to communicate API needs more, instead of more hacks

Breaking the existing ability (even if hacky) to set stereo, inband
FEC, DTX, etc. for OPUS transmission by making it impossible does not
seem a good idea. Yes, a better and real API is needed, but that does
not justify breaking the only way we have to do it nowadays.

Iñaki Baz Castillo