[rtcweb] Consent alternative

Martin Thomson <martin.thomson@gmail.com> Fri, 22 November 2013 17:55 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D3891ADF7C for <rtcweb@ietfa.amsl.com>; Fri, 22 Nov 2013 09:55:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8TIhu0jVN8aU for <rtcweb@ietfa.amsl.com>; Fri, 22 Nov 2013 09:55:16 -0800 (PST)
Received: from mail-we0-x22d.google.com (mail-we0-x22d.google.com [IPv6:2a00:1450:400c:c03::22d]) by ietfa.amsl.com (Postfix) with ESMTP id 8B66D1AC7F0 for <rtcweb@ietf.org>; Fri, 22 Nov 2013 09:55:16 -0800 (PST)
Received: by mail-we0-f173.google.com with SMTP id t61so1474730wes.18 for <rtcweb@ietf.org>; Fri, 22 Nov 2013 09:55:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:cc:content-type; bh=KW4uDieBtu9u7L9+JaZMIjvxsCmtwoxtPRP9ecJILgM=; b=EXb2fuCR17ya67jQxydoWNy7rWZCJNkK21fCyUAP97Bt66STyD2DahqT/2jgd3P7k6 mhpD/XaAisPA5mFE9pSW8nw+QBerTHa0CLVyGBL0TJNI3ZMbaOiQwOOufJuqyJsGQxYK P4xGToihWj85fta2zjyUlw0UoizJs5BHXy03++0X5lIbDoSwxGKsigSeC2BXw5rkrD5l Dgdh3Ac01br5k6IERghS28XTMlICrm9HNhBlZcCKFf6bP4fq4LEmsSmg9ZjSiqaPd3Pn BeEwabkZRYab0ODZ0d2FVlyPK5uN+KADGWg3u4twX68QdCXGZuATLfeINQt6kU4Bvhe4 1Jdw==
MIME-Version: 1.0
X-Received: by 10.180.20.102 with SMTP id m6mr3675527wie.22.1385142909069; Fri, 22 Nov 2013 09:55:09 -0800 (PST)
Received: by 10.227.134.195 with HTTP; Fri, 22 Nov 2013 09:55:09 -0800 (PST)
Date: Fri, 22 Nov 2013 09:55:09 -0800
Message-ID: <CABkgnnVNnT8uoWM8T=TqbTmy11CGTeHLP=_7z5KSMSpAsp9SyQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "rtcweb@ietf.org" <rtcweb@ietf.org>
Content-Type: text/plain; charset=UTF-8
Cc: Cullen Jennings <fluffy@cisco.com>
Subject: [rtcweb] Consent alternative
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Nov 2013 17:55:18 -0000

I know that I've been a fan of consent via ICE, but with the decision
in Berlin to move to DTLS only, several of us have observed that
perhaps RFC 6520 might be a better alternative.

We've put together an exploration of the idea here:

http://tools.ietf.org/html/draft-thomson-rtcweb-consent-00

The best part of this is that it changes the dynamics (for the better,
I think).  You don't need to send extra packets if you are actively
using the flow.  That means that 1:1 sessions won't need to spend
extra cycles or bytes on keeping the session live.

There are some gotchas for multiparty sessions, but I believe those to
be manageable.