IETF Logo Mail Archive

Re: [rtcweb] Use case change request: Identity in multiuser calls

Harald Alvestrand <harald@alvestrand.no> Thu, 11 August 2011 11:46 UTC

Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DA6221F8678 for <rtcweb@ietfa.amsl.com>; Thu, 11 Aug 2011 04:46:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.449
X-Spam-Level:
X-Spam-Status: No, score=-102.449 tagged_above=-999 required=5 tests=[AWL=-0.150, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h2SD48vYSK1n for <rtcweb@ietfa.amsl.com>; Thu, 11 Aug 2011 04:46:46 -0700 (PDT)
Received: from eikenes.alvestrand.no (eikenes.alvestrand.no [158.38.152.233]) by ietfa.amsl.com (Postfix) with ESMTP id D3A9321F865F for <rtcweb@ietf.org>; Thu, 11 Aug 2011 04:46:45 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id 5922C39E072; Thu, 11 Aug 2011 13:46:07 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at eikenes.alvestrand.no
Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kWbykF9GK5I9; Thu, 11 Aug 2011 13:46:06 +0200 (CEST)
Received: from hta-dell.lul.corp.google.com (62-20-124-50.customer.telia.com [62.20.124.50]) by eikenes.alvestrand.no (Postfix) with ESMTPS id 8B74439E0BC; Thu, 11 Aug 2011 13:46:06 +0200 (CEST)
Message-ID: <4E43C144.1020102@alvestrand.no>
Date: Thu, 11 Aug 2011 13:47:16 +0200
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110617 Thunderbird/3.1.11
MIME-Version: 1.0
To: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
References: <4E4292B2.8000904@alvestrand.no> <BBF498F2D030E84AB1179E24D1AC41D616C389F1E1@ESESSCMS0362.eemea.ericsson.se>
In-Reply-To: <BBF498F2D030E84AB1179E24D1AC41D616C389F1E1@ESESSCMS0362.eemea.ericsson.se>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Use case change request: Identity in multiuser calls
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Aug 2011 11:46:46 -0000

On 08/11/11 13:33, Stefan Håkansson LK wrote:
> Harald Alvestrand wrote:
>> In draft-ietf-rtcweb-use-cases-and-requirements, I would like to extend
>> one part of the scenario "4.3.3 Video conferencing system with central
>> server".
>>
>> I would like to add one more paragraph:
>>
>> "All participant are authenticated by the central server, and authorized
>> to connect to the central server. The participants are identified to
>> each other by the central server, and the participants do not have
>> access to each others' credentials such as e-mail addresses or login IDs".
> I think this paragraph makes a lot of sense, and would be happy to add it. However, I’m not 100% convinced that it would add requirements that are in scope for webrtc or rtcweb.
>
> When writing up this use case, the architecture in mind was centred around a web server that carries out the functionality of serving the web app, handling users, authenticating them, authorising them, allowing them to communicate and so on. That web server would control the central (media) server, which in turn is responsible only for establishing connections for RTC with browsers, mixing audio and selecting video between the users (browsers) selected by the web server, etc.
>
> This would mean that user management, including determining what user identity is revealed to others, is controlled by the web server. I guess this is done already today for many services. What we will add is the possibility to communicate using audio and video without plug-ins.
>
> Does this make sense or not?
This makes sense. I just want it to be explicit.
It's relevant for the discussion EKR brought up about "who do I 
authorize when I say OK to using a camera" - if it's the far end of the 
connection or the service I'm connecting to.

In the centralized server case, with the added text, it's definitely the 
service, and I'd like to keep it that way. So this is text added in 
order to make sure we don't generate a requirement....

v2.23.0 | Report a Bug | By Email