Re: [rtcweb] Summary of ICE discussion

Matthew Kaufman <matthew.kaufman@skype.net> Wed, 05 October 2011 04:13 UTC

Return-Path: <matthew.kaufman@skype.net>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEEE521F8B1C for <rtcweb@ietfa.amsl.com>; Tue, 4 Oct 2011 21:13:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.776
X-Spam-Level:
X-Spam-Status: No, score=-5.776 tagged_above=-999 required=5 tests=[AWL=0.823, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6BUaPJvBz-40 for <rtcweb@ietfa.amsl.com>; Tue, 4 Oct 2011 21:13:28 -0700 (PDT)
Received: from mx.skype.net (mx.skype.net [78.141.177.88]) by ietfa.amsl.com (Postfix) with ESMTP id 8317421F87C2 for <rtcweb@ietf.org>; Tue, 4 Oct 2011 21:13:28 -0700 (PDT)
Received: from mx.skype.net (localhost [127.0.0.1]) by mx.skype.net (Postfix) with ESMTP id CD65516F6; Wed, 5 Oct 2011 06:16:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=skype.net; h=message-id :date:from:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; s=mx; bh=oCgsnQBDgMmG+x NhV9QNX6+odkA=; b=Uh4j3dsaIk2NSGRMgbbUcwYZWqk/sXp/GV3NuikN6yCWul k0vzr4YzksiU6iJ45I13lt8+DGCoY0fO6FzLR+3DDT9Hq/aqHJ+kq1h85JQqpWUI 4n+4J9E+iJt7+NVsMnN9clUL70DPZuHW0wbbIoADgzRsDWXRzCtvaBVE7yIP4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=skype.net; h=message-id:date:from :mime-version:to:cc:subject:references:in-reply-to:content-type: content-transfer-encoding; q=dns; s=mx; b=i9X/VDYpn9E+K6T4J8RL5X 6C9Zetf2bAY8LA0pY6itbue/rMEtRCyv5VF6GBWZFz6eLy+10QhzF9Gt0mUJoahR V0Tjf1KPDJSmFmLKJa5G9k+E5H0NHP1Cd+jUexVs18UUra2OSOLKrMZ6V8BteNLI BRxN3D9m4RQJ28i1k59EU=
Received: from zimbra.skype.net (zimbra.skype.net [78.141.177.82]) by mx.skype.net (Postfix) with ESMTP id CBF267FC; Wed, 5 Oct 2011 06:16:34 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by zimbra.skype.net (Postfix) with ESMTP id A5E85350708A; Wed, 5 Oct 2011 06:16:34 +0200 (CEST)
X-Virus-Scanned: amavisd-new at lu2-zimbra.skype.net
Received: from zimbra.skype.net ([127.0.0.1]) by localhost (zimbra.skype.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S6VxXDHfJ1Sg; Wed, 5 Oct 2011 06:16:34 +0200 (CEST)
Received: from [10.10.155.2] (unknown [198.202.199.254]) by zimbra.skype.net (Postfix) with ESMTPSA id B97293506EF4; Wed, 5 Oct 2011 06:16:33 +0200 (CEST)
Message-ID: <4E8BD9D7.6000203@skype.net>
Date: Tue, 04 Oct 2011 21:15:19 -0700
From: Matthew Kaufman <matthew.kaufman@skype.net>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1
MIME-Version: 1.0
To: Randell Jesup <randell-ietf@jesup.org>
References: <4E8B192E.80809@ericsson.com> <4E8B20BA.3080906@jesup.org> <7EE6A3A6-D628-4EF5-A1E2-FB78C9F8A498@acmepacket.com> <4E8BC675.6060907@skype.net> <4E8BCC2B.6080907@jesup.org>
In-Reply-To: <4E8BCC2B.6080907@jesup.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] Summary of ICE discussion
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2011 04:13:29 -0000

On 10/4/2011 8:16 PM, Randell Jesup wrote:
> On 10/4/2011 10:52 PM, Matthew Kaufman wrote:
>> On 10/4/2011 9:24 AM, Hadriel Kaplan wrote:
>>>   requiring a more stringent JS trust model seems worthwhile to me.
>>>
>>
>> Great idea. Already being discussed elsewhere. Out of scope for both 
>> of these groups except to note that *if* someone solves the JS trust 
>> issue, we might be able to relax the ICE requirement when running 
>> applications that are "trusted".
>
>
> Right; pretty much the "Installed WebApp" model.
>
>>
>> I wouldn't be adverse to even saying just that in the requirements 
>> document that explains why ICE is needed.
>
> I'll agree with this approach.
>
> (Just to verify: which of many possible places are you referring to it 
> being discussed?)
>

I believe there will be a document produced by this WG that requires ICE 
and explains what security aspects it is addressing. That document would 
be the right place.

Matthew Kaufman