Re: [rtcweb] Resolving RTP/SDES question in Paris

["Richard L. Barnes" <rbarnes@bbn.com>]

On 3/29/12 8:18 AM, Roman Shpount wrote:
>
> On Fri, Mar 23, 2012 at 11:19 PM, Hadriel Kaplan <HKaplan@acmepacket.com
> <mailto:HKaplan@acmepacket.com>> wrote:
>
>     I'm not trying to be pedantic or difficult here, or trying to
>     dismiss the use-case.  I know there are many such "super-tight"
>     networks, but I just don't see how we can reasonably accommodate
>     their use-case in this WG.  And I'm pointing out that we really are
>     following their policies, inasmuch as WebRTC media will fail to
>     escape their network - I would be far more worried if we somehow
>     bypassed their policies instead.  At least this way it's similar
>     behavior they get for unknown/unauthorized applications, which is
>     arguably what going to random websites and running downloaded
>     javascript is equivalent to.
>
>
> Sorry for the late response, but enterprise policy does not have to be
> WebRTC on or off. It can be video is not allowed from the enterprise
> network but audio is ok. It can be that enterprise would only allow to
> communicate with SDP signed by some predefined list of identity
> providers. It can be that only certain amount of bandwidth can be used
> for WebRTC traffic. WebRTC media communications can only be allowed with
> certain IP networks. All of those policies are common with SIP and
> enterprise session border controllers. Right now there is no granular
> control similar to the control that you would get by running  SIP
> enabled firewall. I would consider this a serious regression comparing
> to current SIP based communications and would really like this addressed.


This sounds like an excellent use case for host-based controls, and an 
excellent example of the limitations of network-based controls.

--Richard