Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism (Re: Summary of ICE discussion)
<sebastien.cubaud@orange.com> Tue, 11 October 2011 07:51 UTC
Return-Path: <sebastien.cubaud@orange.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F5C221F8B37 for <rtcweb@ietfa.amsl.com>; Tue, 11 Oct 2011 00:51:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.664
X-Spam-Level:
X-Spam-Status: No, score=-0.664 tagged_above=-999 required=5 tests=[AWL=1.585, BAYES_00=-2.599, HELO_EQ_FR=0.35]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kIR26-zFjhOR for <rtcweb@ietfa.amsl.com>; Tue, 11 Oct 2011 00:51:07 -0700 (PDT)
Received: from r-mail1.rd.francetelecom.com (r-mail1.rd.francetelecom.com [217.108.152.41]) by ietfa.amsl.com (Postfix) with ESMTP id B075021F8B31 for <rtcweb@ietf.org>; Tue, 11 Oct 2011 00:51:06 -0700 (PDT)
Received: from r-mail1.rd.francetelecom.com (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id B6D9E8B808D; Tue, 11 Oct 2011 09:52:26 +0200 (CEST)
Received: from ftrdsmtp2.rd.francetelecom.fr (unknown [10.192.128.47]) by r-mail1.rd.francetelecom.com (Postfix) with ESMTP id AAC408B8091; Tue, 11 Oct 2011 09:52:26 +0200 (CEST)
Received: from ftrdmel0.rd.francetelecom.fr ([10.192.128.56]) by ftrdsmtp2.rd.francetelecom.fr with Microsoft SMTPSVC(6.0.3790.4675); Tue, 11 Oct 2011 09:48:27 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 11 Oct 2011 09:48:26 +0200
Message-ID: <E6AA070839B987489960B202AD80E18D01A178B3@ftrdmel0.rd.francetelecom.fr>
In-Reply-To: <4E93B43C.3060106@jdrosen.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [rtcweb] Sebastien Cubaud's non-ICE mechanism (Re: Summary of ICE discussion)
Thread-Index: AcyHw7KHZmQN1dUbTQqm+QcGaRqUxgAJRXww
References: <4E8B192E.80809@ericsson.com><E6AA070839B987489960B202AD80E18D019D9119@ftrdmel0.rd.francetelecom.fr><4E935A8B.8020700@alvestrand.no><CABcZeBNd0wnAv3KHkzCa4g6tFmGJhADOQDCz-7G=DYwp1yOGzA@mail.gmail.com><4E9389C0.5050607@jesup.org> <4E93B43C.3060106@jdrosen.net>
From: sebastien.cubaud@orange.com
To: jdrosen@jdrosen.net, rtcweb@ietf.org
X-OriginalArrivalTime: 11 Oct 2011 07:48:27.0850 (UTC) FILETIME=[29B18AA0:01CC87EA]
Subject: Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism (Re: Summary of ICE discussion)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2011 07:51:08 -0000
Hi Jonathan, The use of the SSRC - prior to being accessible via JS for mux/demux purposes- could be an alternative to using the sequence number and/or the timestamp (as suggested by Randell). SIP endpoints interfacing with RTC-Web browsers would then only be required to implement RFC 5576 (which may be less costly than STUN implementation, the SHA-1 computation + CRC compute for the fingerprint).. Cheers Sebastien -----Message d'origine----- De : rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] De la part de Jonathan Rosenberg Envoyé : mardi 11 octobre 2011 05:13 À : rtcweb@ietf.org Objet : Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism (Re: Summary of ICE discussion) Security issues aside, the proposed solution does not work with existing SIP/RTP implementations. The main drawback of the ICE solution is that it won't work with deployed equipment. I see little benefit in specifying another solution which does not fix the main limitation we have with ICE. -Jonathan R. On 10/10/2011 8:11 PM, Randell Jesup wrote: > On 10/10/2011 7:04 PM, Eric Rescorla wrote: >> On Mon, Oct 10, 2011 at 1:50 PM, Harald >> Alvestrand<harald@alvestrand.no> wrote: >>> Changing the subject to keep threads separate.... >>> >>> On 10/09/2011 12:00 PM, sebastien.cubaud@orange.com wrote: >>>> Here are the steps I foresee before allowing the establishment of a >>>> media >>>> session: >>>> >>>> - Let's consider A (a RTC-Web compliant browser) connected to server >>>> S and >>>> wishing to share real-time media with destination B (potentially a SIP >>>> endpoint or a browser) >>>> - A& B learn via the signalling channel the triple @IP, transport proto >>>> and associated listening port of the remote media >>>> - A sends a few RTP packets to B (3 as in RFC 2833/4733 or more?).- >>>> This >>>> would allow the mechanism to resist against packet loss -. The >>>> format of such >>>> packets are to be discussed >>>> - Assuming B receives these packets, it then sends via the signalling >>>> channel an information from the media path unknown from S (i.e. not >>>> accessible via >>>> JS). >>>> I propose to use the min of the sequence number of the RTP packets >>>> received (which is random per RFC 3550) >>> >>> The sequence number is a 16-bit number, so there are 16 bits of >>> randomness >>> to play with here. >>> An attack based on just returning a random number will succeed 1 out of >>> 65.536 times; if any of the 3 packets' sequence numbers are >>> acceptable, it >>> will succeed 1 out of 21.845 times. > > If you use the sequence number and the timestamp, you have 48 bits of > entropy... > > -- Jonathan D. Rosenberg, Ph.D. SkypeID: jdrosen Skype Chief Technology Strategist jdrosen@skype.net http://www.skype.com jdrosen@jdrosen.net http://www.jdrosen.net _______________________________________________ rtcweb mailing list rtcweb@ietf.org https://www.ietf.org/mailman/listinfo/rtcweb
- Re: [rtcweb] Summary of ICE discussion Randell Jesup
- [rtcweb] Summary of ICE discussion Magnus Westerlund
- Re: [rtcweb] Summary of ICE discussion Iñaki Baz Castillo
- Re: [rtcweb] Summary of ICE discussion Randell Jesup
- Re: [rtcweb] Summary of ICE discussion Olle E. Johansson
- Re: [rtcweb] Summary of ICE discussion Eric Rescorla
- Re: [rtcweb] Summary of ICE discussion Cary Bran (cbran)
- Re: [rtcweb] Summary of ICE discussion Hadriel Kaplan
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Cullen Jennings
- Re: [rtcweb] Summary of ICE discussion Cullen Jennings
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Matthew Kaufman
- Re: [rtcweb] Summary of ICE discussion Ravindran Parthasarathi
- Re: [rtcweb] Summary of ICE discussion Roman Shpount
- Re: [rtcweb] Summary of ICE discussion Magnus Westerlund
- Re: [rtcweb] Summary of ICE discussion Magnus Westerlund
- Re: [rtcweb] Summary of ICE discussion Harald Alvestrand
- Re: [rtcweb] Summary of ICE discussion Harald Alvestrand
- Re: [rtcweb] Summary of ICE discussion Jonathan Lennox
- Re: [rtcweb] Summary of ICE discussion Ravindran Parthasarathi
- Re: [rtcweb] Summary of ICE discussion Bernard Aboba
- Re: [rtcweb] Summary of ICE discussion Harald Alvestrand
- Re: [rtcweb] Summary of ICE discussion Cullen Jennings
- Re: [rtcweb] Summary of ICE discussion Paul Hoffman
- Re: [rtcweb] Summary of ICE discussion sebastien.cubaud
- Re: [rtcweb] Summary of ICE discussion Iñaki Baz Castillo
- [rtcweb] Sebastien Cubaud's non-ICE mechanism (Re… Harald Alvestrand
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… sebastien.cubaud
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Eric Rescorla
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Iñaki Baz Castillo
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Randell Jesup
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Jonathan Rosenberg
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Randell Jesup
- Re: [rtcweb] Summary of ICE discussion sebastien.cubaud
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Iñaki Baz Castillo
- Re: [rtcweb] Summary of ICE discussion Iñaki Baz Castillo
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Tim Panton
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… sebastien.cubaud
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] Sebastien Cubaud's non-ICE mechanism… sebastien.cubaud
- Re: [rtcweb] Summary of ICE discussion sebastien.cubaud