Re: [rtcweb] Requiring ICE for RTC calls

Hadriel Kaplan <> Fri, 30 September 2011 00:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CEEDB21F8D2F for <>; Thu, 29 Sep 2011 17:15:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.515
X-Spam-Status: No, score=-2.515 tagged_above=-999 required=5 tests=[AWL=0.084, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id h93+TUZudjQ0 for <>; Thu, 29 Sep 2011 17:15:21 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id DA9C421F8D29 for <>; Thu, 29 Sep 2011 17:15:20 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Thu, 29 Sep 2011 20:18:10 -0400
Received: from ([]) by ([]) with mapi id 14.01.0270.001; Thu, 29 Sep 2011 20:18:11 -0400
From: Hadriel Kaplan <>
To: Matthew Kaufman <>
Thread-Topic: [rtcweb] Requiring ICE for RTC calls
Thread-Index: AQHMfwZv3sQD2WlxHkGGIlcaHaSlxA==
Date: Fri, 30 Sep 2011 00:18:10 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAQAAAWE=
Cc: Randell Jesup <>, "<>" <>
Subject: Re: [rtcweb] Requiring ICE for RTC calls
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 30 Sep 2011 00:15:21 -0000

On Sep 29, 2011, at 6:25 PM, Matthew Kaufman wrote:

> Ridiculous. We're not talking something like one SHA-1 HMAC per packet received... this is one SHA-1 per connectivity test. That's one or two packets *per call*. No way that increases the cost/complexity of any possible device that might be terminating or transcoding media.

Not as far as I know; the SHA-1 hash is calculated on every single STUN request and response packet, because it covers the STUN header which includes the transaction-id, which is unique per request; and the request has different content than the response.  So per ICE-pair connectivity check, it could be two STUN requests and two responses (for the "normal" mode).  And since I'm assuming v4/v6 dual-stack, that's potentially double that number. 

And yes while 8 SHA-1's per call isn't a lot compared to transcoding or terminating media, I wasn't talking about this being done in the PSTN TDM-facing gateways themselves, but rather in the "media-plane gateway" interworking RTCWeb with the legacy SIP world. (ie, SBCs)  At least I assumed that's what people here meant by "media gateways" - it's not like real PSTN-TDM gateways are eager to do ICE... nor are MTAs, voicemail servers, announcement servers, conference servers, IVRs, etc.

And note that I was responding to the emails which made it sound like "all" the SBC has to do is ICE-Lite, and since it has the word "Lite" in it it must therefor be easy/free.  And my point was it's fewer calories, not zero calories. :)

p.s. I should note the arguments in MMUSIC are about this burden for SBCs and v4/v6 transition - not for plain IPv4 and PSTN gateways... not many people expect real PSTN gateways to be involved with ICE, afaict.