Re: [rtcweb] Requiring ICE for RTC calls

Hadriel Kaplan <HKaplan@acmepacket.com> Fri, 30 September 2011 00:15 UTC

From: Hadriel Kaplan <HKaplan@acmepacket.com>
To: Matthew Kaufman <matthew.kaufman@skype.net>
Date: Fri, 30 Sep 2011 00:18:10 +0000
Cc: Randell Jesup <randell-ietf@jesup.org>, "<rtcweb@ietf.org>" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Requiring ICE for RTC calls

On Sep 29, 2011, at 6:25 PM, Matthew Kaufman wrote:

> Ridiculous. We're not talking something like one SHA-1 HMAC per packet received... this is one SHA-1 per connectivity test. That's one or two packets *per call*. No way that increases the cost/complexity of any possible device that might be terminating or transcoding media.

Not as far as I know; the SHA-1 hash is calculated on every single STUN request and response packet, because it covers the STUN header which includes the transaction-id, which is unique per request; and the request has different content than the response.  So per ICE-pair connectivity check, it could be two STUN requests and two responses (for the "normal" mode).  And since I'm assuming v4/v6 dual-stack, that's potentially double that number. 

And yes while 8 SHA-1's per call isn't a lot compared to transcoding or terminating media, I wasn't talking about this being done in the PSTN TDM-facing gateways themselves, but rather in the "media-plane gateway" interworking RTCWeb with the legacy SIP world. (i.e., SBCs)  At least I assumed that's what people here meant by "media gateways" - it's not like real PSTN-TDM gateways are eager to do ICE... nor are MTAs, voicemail servers, announcement servers, conference servers, IVRs, etc.

And note that I was responding to the emails which made it sound like "all" the SBC has to do is ICE-Lite, and since it has the word "Lite" in it it must therefore be easy/free.  And my point was it's fewer calories, not zero calories. :)

-hadriel
p.s. I should note the arguments in MMUSIC are about this burden for SBCs and v4/v6 transition - not for plain IPv4 and PSTN gateways... not many people expect real PSTN gateways to be involved with ICE, afaict.
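
An added example, not part of the original message: a Python sketch of STUN MESSAGE-INTEGRITY as specified in RFC 5389 section 15.4, showing that the HMAC-SHA1 covers the header (including the transaction ID), so every request and response in the count above needs its own computation. The key, the username value and the simplified attribute sets (no FINGERPRINT, no XOR-MAPPED-ADDRESS) are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST = 0x0001
BINDING_SUCCESS = 0x0101
ATTR_USERNAME = 0x0006
ATTR_MESSAGE_INTEGRITY = 0x0008


def attr(attr_type: int, value: bytes) -> bytes:
    """Encode one STUN attribute (TLV), padded to a 4-byte boundary."""
    pad = (-len(value)) % 4
    return struct.pack("!HH", attr_type, len(value)) + value + b"\x00" * pad


def build_with_integrity(msg_type: int, txid: bytes, attrs: bytes, key: bytes) -> bytes:
    """Return a STUN message whose last attribute is MESSAGE-INTEGRITY."""
    # The header length field already counts the 24-byte MESSAGE-INTEGRITY
    # attribute at the moment the HMAC is computed.
    header = struct.pack("!HHI", msg_type, len(attrs) + 24, MAGIC_COOKIE) + txid
    mac = hmac.new(key, header + attrs, hashlib.sha1).digest()
    return header + attrs + attr(ATTR_MESSAGE_INTEGRITY, mac)


def verify_integrity(message: bytes, key: bytes) -> bool:
    """Recompute the HMAC over everything before the trailing attribute."""
    if message[-24:-20] != struct.pack("!HH", ATTR_MESSAGE_INTEGRITY, 20):
        return False
    expected = hmac.new(key, message[:-24], hashlib.sha1).digest()
    return hmac.compare_digest(expected, message[-20:])


def macs_for_call(key: bytes, families=("IPv4", "IPv6")) -> list:
    """One MAC per message: 2 requests + 2 responses per address family."""
    macs = []
    user = attr(ATTR_USERNAME, b"rfrag:lfrag")  # constructed sample username
    for _family in families:
        for _check in range(2):
            txid = os.urandom(12)  # unique per request, echoed in the response
            req = build_with_integrity(BINDING_REQUEST, txid, user, key)
            resp = build_with_integrity(BINDING_SUCCESS, txid, b"", key)
            if not (verify_integrity(req, key) and verify_integrity(resp, key)):
                raise ValueError("integrity check failed")
            macs += [req[-20:], resp[-20:]]
    return macs
```
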