Re: [rtcweb] Signalling, SDP, and the way we think about interconnecting RTCWEB applications

[Dzonatas Sol <dzonatas@gmail.com>]

On Mon, Oct 17, 2011 at 10:10 AM, Wolfgang Beck <
wolfgang.beck01@googlemail.com> wrote:

> On Mon, Oct 17, 2011 at 5:00 PM, Randell Jesup <randell-ietf@jesup.org>
> wrote:
>
> > Ok, I looked at draft-beck-rtcweb-alt-ic.
> >
> > One huge problem with it: it's based on an assumption that for most cases
> of
> > federation and cross-service calls won't hold: that clients will use the
> > same client JS app, and the services are just providing different
> > realms/methods of authentication and user-lookup.
> >
> > Also, your draft doesn't explain how A & B came to be talking to the same
> > server in the first place.  The draft seems mostly focused on how a
> single
> > provider can use a shared authentication scheme (and I would suggest that
> we
> > try to find a provider-agnostic way to leverage id systems such as
> BrowserID
> > and/or OpenID to provide end-user identification).
> >
> Ok, here's an example that works today. Let's assume you have a yahoo
> account and want to post a comment on stackexchange.com.
> You just point your browser to the stackexchange.com url [i.e. user
> location]. Now you log in using your yahoo account as OpenID. The
> browser loads the stackexchanges's JS client that enables you to post
> your text.  There is no comment-posting-protocol required between
> yahoo and
> stackexchange. They only have to agree on an 3rd party authentication
> protocol.
>
> If stackexchange extends its functionality, let's say with real-time
> chat (which they did), your browser will load the appropriate JS
> client
> the next time you load the page.  All parties in the chat will use the
> same JS client under stackexchange's control, regardless whether
> people have
> used google, yahoo, or facebook to log in. There is no need to
> standardize anything that crosses stackexchange's servers.
>
> Now you want to make a comment on some blog at blogspot.com. You point
> your browser at the blog's URL and log in using your Yahoo OpenID.
> The browser loads blogspot's JS client. The GUI looks quite different
> but you can post your comment as well.
>
> With the current RTCWEB thinking, we would have to specify an intra
> server protocol that covered stackexchange's discussion and chat
> systems as well as blogspot comments. Such a protocol would soon get
> very complex.
>


Such protocol is not possible across domains unless the host is the same.

Only when the host is the same does intra- faces makes sense.