Re: [rtcweb] Fwd: New Version Notification for draft-thomson-rtcweb-alpn-00.txt

Paul Kyzivat <> Wed, 09 April 2014 19:13 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 675111A0205 for <>; Wed, 9 Apr 2014 12:13:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_SOFTFAIL=0.665] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2xAlvVsit2DK for <>; Wed, 9 Apr 2014 12:13:00 -0700 (PDT)
Received: from ( [IPv6:2001:558:fe14:43:76:96:62:40]) by (Postfix) with ESMTP id 579191A02F5 for <>; Wed, 9 Apr 2014 12:13:00 -0700 (PDT)
Received: from ([]) by with comcast id ntqN1n0050vyq2s54vCzCm; Wed, 09 Apr 2014 19:12:59 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([]) by with comcast id nvCz1n00M3ZTu2S3RvCz6N; Wed, 09 Apr 2014 19:12:59 +0000
Message-ID: <>
Date: Wed, 09 Apr 2014 15:12:59 -0400
From: Paul Kyzivat <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=q20140121; t=1397070779; bh=DtgiS47sOBc5PY+ZyXvTLoawA8+UU57JTVFeI/v5PcE=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=gbyHBIWEbBT7u+roWLQSXMcwVzVeSW970K96zoJRtiPP0Twjt67jynF/eysND8aXw 2w6r2uo9sx/zb0YZWO7rjbRAQ/tD3NqNMmFcURFMMKoCrxuKnSr7tHoiYj6PnF3hwG GvnzpANprh3K5q0AqAEwJP21NR4Rwccv09oFUE3iXUw1WSXAqMBQ/koqgH6NxlZXaK VNR1txcMmg2KGBXAYSRX5122mxkI3Enx7kN49fnCktLsKs/R08Hwwf98QZoGuOa0ca l6R+w4dv2kSH70xeGWV5i0i4ySa/WFvBUfjMvkO9xUMxngqbXB/UUSnhWYfgKG2try z2GaBNlbTqC0Q==
Subject: Re: [rtcweb] Fwd: New Version Notification for draft-thomson-rtcweb-alpn-00.txt
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 09 Apr 2014 19:13:01 -0000

If you propose to use ALPN for this, then "webrtc" and "c-webrtc" must 
be Application Level Protocols - presumably *different* protocols.

But what is the *protocol*? I don't see that mentioned in the draft at all.

IIUC it must be the multiplexing of STUN, SRTP, and SCTP over DTLS. 
(Maybe not STUN - maybe that is *below* or *beside* DTLS.) I see how it 
could make sense to use ALPN to verify that this is the intended use of 
the DTLS session. But that isn't even mentioned in the draft.

And, from a protocol perspective, what is the difference between webrtc 
and c-webrtc? AFAICT this is just two different usages of the same 
"protocol", not two different protocols.


On 4/9/14 2:09 PM, Martin Thomson wrote:
> The intent of this draft is to address the isolation issue.
> Unlike a TLS extension, this doesn't require that the TLS WG provide
> an official blessing.  Though I'll note that this is the advice that
> at least two participants in that working group suggested for
> addressing this problem.
> In short: negotiate "webrtc" if you are doing the usual, insecure
> thing; negotiate "c-webrtc" if you would like media confidentiality.
> A new version of I-D, draft-thomson-rtcweb-alpn-00.txt
> has been successfully submitted by Martin Thomson and posted to the
> IETF repository.
> Name:           draft-thomson-rtcweb-alpn
> Revision:       00
> Title:          Application Layer Protocol Negotiation for Web
> Real-Time Communications (WebRTC)
> Document date:  2014-04-09
> Group:          Individual Submission
> Pages:          6
> URL:
> Status:
> Htmlized:
> Abstract:
>     Application Layer Protocol Negotiation (ALPN) labels are defined for
>     use in identifying Web Real-Time Communications (WebRTC) usages of
>     Datagram Transport Layer Security (DTLS).  Labels are provided for
>     identifying a session that uses a combination of WebRTC compatible
>     media and data, and for identifying a session requiring
>     confidentiality protection.
> _______________________________________________
> rtcweb mailing list