Re: [rtcweb] Use Case draft - Eavesdropping.

Randell Jesup <randell-ietf@jesup.org> Tue, 01 May 2012 16:23 UTC

Return-Path: <randell-ietf@jesup.org>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE52421E81FF for <rtcweb@ietfa.amsl.com>; Tue, 1 May 2012 09:23:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.314
X-Spam-Level:
X-Spam-Status: No, score=-2.314 tagged_above=-999 required=5 tests=[AWL=0.285, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gUBvVLILAkLo for <rtcweb@ietfa.amsl.com>; Tue, 1 May 2012 09:23:39 -0700 (PDT)
Received: from r2-chicago.webserversystems.com (r2-chicago.webserversystems.com [173.236.101.58]) by ietfa.amsl.com (Postfix) with ESMTP id E45F021E8152 for <rtcweb@ietf.org>; Tue, 1 May 2012 09:23:38 -0700 (PDT)
Received: from pool-108-16-41-249.phlapa.fios.verizon.net ([108.16.41.249] helo=[192.168.1.12]) by r2-chicago.webserversystems.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <randell-ietf@jesup.org>) id 1SPFrW-0005yc-Ju for rtcweb@ietf.org; Tue, 01 May 2012 11:23:38 -0500
Message-ID: <4FA00DD0.1030600@jesup.org>
Date: Tue, 01 May 2012 12:22:40 -0400
From: Randell Jesup <randell-ietf@jesup.org>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20120420 Thunderbird/12.0
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <CA+9kkMCYArLPRP3c00UdOja64WRT6ghN0PSy7XvM_wbxBBB+vA@mail.gmail.com> <101C6067BEC68246B0C3F6843BCCC1E312992828BD@MCHP058A.global-ad.net> <E36D1A4AE0B6AA4091F1728D584A6AD2174ECCB2@ORSMSX104.amr.corp.intel.com> <CAJNg7V+ty3ZmyLNJDBFKbuGaDq4OvtSUOzw5S_1EBJzKYFxWbg@mail.gmail.com>
In-Reply-To: <CAJNg7V+ty3ZmyLNJDBFKbuGaDq4OvtSUOzw5S_1EBJzKYFxWbg@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r2-chicago.webserversystems.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jesup.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [rtcweb] Use Case draft - Eavesdropping.
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 May 2012 16:23:39 -0000

On 5/1/2012 10:35 AM, Marshall Eubanks wrote:
> On Tue, May 1, 2012 at 10:14 AM, Cavigioli, Chris
> <chris.cavigioli@intel.com>  wrote:
>> Wording needs to be clarified.
>> - "Eavesdropping" has a negative connotation of someone inappropriately listening in to another communication.  This should not happen.
>> - "Lawful intercept" is something telecom service providers are required to provide to law enforcement with all appropriate safeguards in place http://en.wikipedia.org/wiki/Lawful_interception
>
> Lawful intercept is a legal term, which in my opinion the IETF should
> stay away from.  You will go into the weeds amazing fast otherwise.
>
> I prefer "monitoring," which can be done for many reasons (see the
> parallel discussion on enterprise call centers).

I'm fine with discussing call center monitoring, and believe the 
authentication should be to "Key Bank" or "Key Bank Customer Service", 
not to "station 27 Boise Key Bank Call Center", which implies the WebRTC 
connection would terminate at the call center 'PBX'-equivalent and then 
have media (etc) routed (even via a second WebRTC connection) to the 
agent.  This means monitoring (and for financial firms, legally-required 
logging, etc) can occur via the PBX-equivalent (aka WebRTC Proxy).

We have explicitly avoided discussion of "Lawful intercept", which would 
involve complex (changing) legal requirements from every major 
jurisdiction, and we should continue to avoid wrestling with that 
python.  :-)

-- 
Randell Jesup
randell-ietf@jesup.org