Re: [rtcweb] Same location media

Bernard Aboba <> Thu, 20 October 2011 16:41 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A6EDF21F8C13 for <>; Thu, 20 Oct 2011 09:41:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.397
X-Spam-Status: No, score=-102.397 tagged_above=-999 required=5 tests=[AWL=0.201, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id l20p4S5LrNdx for <>; Thu, 20 Oct 2011 09:41:48 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 070E921F8BBB for <>; Thu, 20 Oct 2011 09:41:47 -0700 (PDT)
Received: from BLU152-W27 ([]) by with Microsoft SMTPSVC(6.0.3790.4675); Thu, 20 Oct 2011 09:41:47 -0700
Message-ID: <BLU152-W274DC7DC92EF49307BC57D93EB0@phx.gbl>
Content-Type: multipart/alternative; boundary="_a99b29c0-3f9e-4b58-8f2d-2e8b78c0ca8c_"
X-Originating-IP: []
From: Bernard Aboba <>
Date: Thu, 20 Oct 2011 09:41:47 -0700
Importance: Normal
In-Reply-To: <>
References: <>
MIME-Version: 1.0
X-OriginalArrivalTime: 20 Oct 2011 16:41:47.0818 (UTC) FILETIME=[28E0E8A0:01CC8F47]
Subject: Re: [rtcweb] Same location media
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 20 Oct 2011 16:41:48 -0000

Roman said: 

"Few additional points related to this:

1. This is what Flash is doing now for streaming media. It does not need consent to send media to the same server that sent the flash app.

2. I am not sure we standardized that only IP addresses are allowed in media description. DNS names might still be allowed then this issue will become the issue of doing a literal match.

3. There is still a security issue with ICE: we validate that STUN request can be processed, but not that the media actually should be accepted from this application. In some sense, current Flash cross domain polices are stricter, since they not only validate that media is acceptable at this IP but that it is acceptable from the app served from particular server.

In general, I think this is a good thing if I can get readily available hardware components and connect RTC clients to my existing infrastructure (I do have an JavaScript/HTTP to SIP proxy solution already). If we are not breaking anything by doing this, there might be some benefit for allowing this. But on the other hand, I already got ICE/SRTP to non-ICE/RTP media proxy as well, so if this is not supported I will not suffer much :)."

[BA]  Good points.  

One of the requirements in the use case document is the ability to work across firewalls that do not permit UDP.  In practice, this constraint is encountered surprisingly often (as much as 15-25% of the time, in enterprise scenarios).   The implication is that ICE will require a fallback, such as sending media over HTTP.   In a fallback situation, requiring ICE would be silly, since it has typically failed in order for fallback to be considered.