Re: [rtcweb] Solutions sought for non-ICE RTC calls, not +1 (Re: Requiring ICE for RTC calls)
Roman Shpount <roman@telurix.com> Tue, 27 September 2011 22:47 UTC
Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7038121F8B30 for <rtcweb@ietfa.amsl.com>; Tue, 27 Sep 2011 15:47:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.59
X-Spam-Level:
X-Spam-Status: No, score=-1.59 tagged_above=-999 required=5 tests=[AWL=-0.574, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zzHMghw4YtRr for <rtcweb@ietfa.amsl.com>; Tue, 27 Sep 2011 15:47:36 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id C81CC21F8B2B for <rtcweb@ietf.org>; Tue, 27 Sep 2011 15:47:35 -0700 (PDT)
Received: by gyd12 with SMTP id 12so7058469gyd.31 for <rtcweb@ietf.org>; Tue, 27 Sep 2011 15:50:22 -0700 (PDT)
Received: by 10.150.69.26 with SMTP id r26mr5639263yba.322.1317163822184; Tue, 27 Sep 2011 15:50:22 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by mx.google.com with ESMTPS id 5sm1044259anu.23.2011.09.27.15.50.21 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 27 Sep 2011 15:50:21 -0700 (PDT)
Received: by gyd12 with SMTP id 12so7058432gyd.31 for <rtcweb@ietf.org>; Tue, 27 Sep 2011 15:50:20 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.36.232 with SMTP id t8mr40274156pbj.54.1317163820267; Tue, 27 Sep 2011 15:50:20 -0700 (PDT)
Received: by 10.68.55.39 with HTTP; Tue, 27 Sep 2011 15:50:20 -0700 (PDT)
In-Reply-To: <CABcZeBPoQSM=L0-Er3j-ak2M6YfCbJkThbYuR_+=xUmcsxQz9Q@mail.gmail.com>
References: <CAD5OKxtNjmWBz92bRuxka7e-BUpTPgVUvr3ahJGpmZ-U5nuPbQ@mail.gmail.com> <CAD6AjGSmz5T_F+SK2EoBQm6T-iRKp7dd4j8ZAF5JKdbbyomZQA@mail.gmail.com> <CALiegfmO54HC+g9L_DYn4jtXAAbLEvS++qxKa6TNrLDREs9SeA@mail.gmail.com> <4E80984A.903@skype.net> <CALiegfmyvTb57WVooKryS-ubfcg+w5gZ+zfO1zzBLn3609AzaA@mail.gmail.com> <4E809EE6.2050702@skype.net> <2E239D6FCD033C4BAF15F386A979BF510F1087@sonusinmail02.sonusnet.com> <BLU152-W62B7F2AC3F0D5B6E277CB993F00@phx.gbl> <CAD5OKxt=P3jg9N0weFUZLvUYQxyeXa+9YMtpc8wn7osuPQmTpg@mail.gmail.com> <CAD5OKxtVCgiFV_iAYd1w0uZZcS5+gsixOHJ0jGN=0CMdq++kdg@mail.gmail.com> <CAOJ7v-3PrnNyesL+x-mto9Q9djjiJ13QZHXCiGfY1mv3nubrqQ@mail.gmail.com> <CAD5OKxsKTHCuBQdUnGQtGfF7NmZZExLe9Q9B9cNR=483neuHPQ@mail.gmail.com> <CAOJ7v-1rzdmviAnGknVZmrU_TDNoC3NmWd1g6iyx0WzZ4xB3Pw@mail.gmail.com> <4E820825.9090101@skype.net> <CAD5OKxvmKi3Py0gNcTdREdfS07hA-=f6L+u8KKVgSWztMft9kQ@mail.gmail.com> <CALiegfmL4VSRE+kgs5kXzQc3mCHnKpU-EAbVPKO4QNEYLKje=A@mail.gmail.com> <4E821E47.4080205@alvestrand.no> <CALiegfndBhod6Hoq6h63795x8f=ew28rDys=Fx8ScwVpVJwp1Q@mail.gmail.com> <CABcZeBOoF6MNSpATG2+_e99iRq7Jf9OoWWNCa=qRGW_v+maoHA@mail.gmail.com> <CAD5OKxubnxLAqybCgnBXpKR9S0rBEsoDg9enCaverjVWYad7Ew@mail.gmail.com> <CABcZeBPoQSM=L0-Er3j-ak2M6YfCbJkThbYuR_+=xUmcsxQz9Q@mail.gmail.com>
Date: Tue, 27 Sep 2011 18:50:20 -0400
Message-ID: <CAD5OKxsVE+LwKEcpe+hf+=i87Ucga0_VpkUGJkH5=HixV5Xkmw@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: multipart/alternative; boundary="bcaec520e8179e38f804adf41982"
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Solutions sought for non-ICE RTC calls, not +1 (Re: Requiring ICE for RTC calls)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2011 22:47:36 -0000
On Tue, Sep 27, 2011 at 6:33 PM, Eric Rescorla <ekr@rtfm.com> wrote: > > It's really a mistake to conflate ICE and SRTP here. If the user opets not > to use SRTP, > he's primarily hurting himself. If he opts not to use ICE, he's potentially > allowing his > browser to be used as an attack platform. These are not the same thing. > > We are not disabling SRTP and ICE. We stop requiring them for the call and allow to process offers and answers without ICE or SAVP. Offer generated by RTC should still include "crypto" attributes and ICE candidates. But offers and answers without "crypto" and ICE candidates should be processed for an application distributed by this site. We can separate those two settings but this is primarily the function of use trusting the site vs. not trusting it. > As for what's convenient for developers... I'm a developer, and while it > might be useful > to allow a setting to disable ICE and/or SRTP, that doesn't mean I need to > expose that > setting to the user. I really don't understand the virtue of a user-visible > setting to > disable the ICE requirement. > > -Ekr > > Same reason we allow to add exception for an invalid SSL certificate. This will allow us to work with end points that are currently available vs just other RTC clients. BTW, mechanism similar to SSL certificate exceptions is probably the best way to implement this. First time an application from a web site gets an answer without ICE or SRTP, we can show the dialog box and ask user if this application should be stopped, allowed for current session or allowed always. _____________ Roman Shpount
- [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Cameron Byrne
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Cameron Byrne
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Matthew Kaufman
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Matthew Kaufman
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Ravindran Parthasarathi
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Bernard Aboba
- Re: [rtcweb] Requiring ICE for RTC calls Tim Panton
- Re: [rtcweb] Requiring ICE for RTC calls Justin Uberti
- Re: [rtcweb] Requiring ICE for RTC calls Saúl Ibarra Corretgé
- [rtcweb] RFC 5245 interpretation (Re: Requiring I… Harald Alvestrand
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Justin Uberti
- Re: [rtcweb] RFC 5245 interpretation (Re: Requiri… Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Matthew Kaufman
- Re: [rtcweb] RFC 5245 interpretation (Re: Requiri… Christer Holmberg
- Re: [rtcweb] Requiring ICE for RTC calls Bernard Aboba
- Re: [rtcweb] Requiring ICE for RTC calls Tim Panton
- Re: [rtcweb] Requiring ICE for RTC calls Tim Panton
- Re: [rtcweb] Requiring ICE for RTC calls Dzonatas Sol
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Bernard Aboba
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Justin Uberti
- Re: [rtcweb] Requiring ICE for RTC calls Matthew Kaufman
- Re: [rtcweb] Requiring ICE for RTC calls Matthew Kaufman
- Re: [rtcweb] RFC 5245 interpretation (Re: Requiri… Ravindran Parthasarathi
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Ravindran Parthasarathi
- Re: [rtcweb] Requiring ICE for RTC calls Eric Rescorla
- [rtcweb] Solutions sought for non-ICE RTC calls, … Harald Alvestrand
- Re: [rtcweb] Requiring ICE for RTC calls Olle E. Johansson
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Olle E. Johansson
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Tim Panton
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Eric Rescorla
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Roman Shpount
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Eric Rescorla
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Roman Shpount
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Eric Rescorla
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Roman Shpount
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Eric Rescorla
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Matthew Kaufman
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Matthew Kaufman
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Roman Shpount
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Matthew Kaufman
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Randell Jesup
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Igor Faynberg
- [rtcweb] ICE deployment experience (Re: Solutions… Harald Alvestrand
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Cullen Jennings
- Re: [rtcweb] Requiring ICE for RTC calls Cullen Jennings
- Re: [rtcweb] Requiring ICE for RTC calls Cullen Jennings
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Cullen Jennings
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Cameron Byrne
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Eric Rescorla
- Re: [rtcweb] Requiring ICE for RTC calls Harald Alvestrand
- Re: [rtcweb] Requiring ICE for RTC calls Iñaki Baz Castillo
- Re: [rtcweb] Requiring ICE for RTC calls Cullen Jennings
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Olle E. Johansson
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Olle E. Johansson
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Roman Shpount
- Re: [rtcweb] Requiring ICE for RTC calls Cullen Jennings
- Re: [rtcweb] Requiring ICE for RTC calls Hadriel Kaplan
- Re: [rtcweb] Requiring ICE for RTC calls Hadriel Kaplan
- Re: [rtcweb] Requiring ICE for RTC calls Matthew Kaufman
- Re: [rtcweb] Requiring ICE for RTC calls Richard Shockey
- Re: [rtcweb] Requiring ICE for RTC calls Hadriel Kaplan
- Re: [rtcweb] Requiring ICE for RTC calls Hadriel Kaplan
- Re: [rtcweb] Requiring ICE for RTC calls Richard Shockey
- Re: [rtcweb] Requiring ICE for RTC calls Eric Rescorla
- Re: [rtcweb] Requiring ICE for RTC calls Hadriel Kaplan
- Re: [rtcweb] Requiring ICE for RTC calls Martin J. Dürst
- Re: [rtcweb] Requiring ICE for RTC calls Harald Alvestrand
- Re: [rtcweb] SBC hardware and SHA1 Olle E. Johansson
- Re: [rtcweb] Requiring ICE for RTC calls Tim Panton
- Re: [rtcweb] SBC hardware and SHA1 Hadriel Kaplan
- Re: [rtcweb] SBC hardware and SHA1 Cameron Byrne
- Re: [rtcweb] SBC hardware and SHA1 Olle E. Johansson
- Re: [rtcweb] SBC hardware and SHA1 Olle E. Johansson
- Re: [rtcweb] SBC hardware and SHA1 Eric Rescorla
- Re: [rtcweb] SBC hardware and SHA1 Dzonatas Sol
- Re: [rtcweb] SBC hardware and SHA1 Ravindran Parthasarathi
- Re: [rtcweb] Solutions sought for non-ICE RTC cal… Saúl Ibarra Corretgé
- Re: [rtcweb] Requiring ICE for RTC calls Cullen Jennings