Re: [rtcweb] Requiring ICE for RTC calls

Cullen Jennings <> Wed, 28 September 2011 14:39 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 427E621F8BAB for <>; Wed, 28 Sep 2011 07:39:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -103.073
X-Spam-Status: No, score=-103.073 tagged_above=-999 required=5 tests=[AWL=-0.474, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LmNgwb9sQK+r for <>; Wed, 28 Sep 2011 07:39:21 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id B74D521F84BC for <>; Wed, 28 Sep 2011 07:39:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=2607; q=dns/txt; s=iport; t=1317220930; x=1318430530; h=subject:mime-version:from:in-reply-to:date:cc: content-transfer-encoding:message-id:references:to; bh=qxw8WiP3YJP8nqocK2A+OHmOPqZECs4ko0x84dQgOTs=; b=YwAeLak0JZOmB69M6NCKH1PaH1OzXS7Lc8iM20fLE4/ubUgBrnV4l8TS qhCYNU9KpKu7HdhP/SWee8PcrKofTWnn3O5HqyX+yh+KpcoXiguiKYotx 90VnPBe7cnQ/SdJEGPLB0VFxLb7n7XHVhLEMkVZE/nrdR7UOyHJ/qnst9 Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av4EACAxg06rRDoJ/2dsb2JhbABBqAl4gVMBAQEBAgEBAQEPASc0CwULCw4KLicwBhMih1YGmgoBniEDhithBIdyi2OFIotoSg
X-IronPort-AV: E=Sophos;i="4.68,456,1312156800"; d="scan'208";a="4780209"
Received: from ([]) by with ESMTP; 28 Sep 2011 14:42:10 +0000
Received: from [] ( []) by (8.14.3/8.14.3) with ESMTP id p8SEfO1l027876; Wed, 28 Sep 2011 14:42:09 GMT
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Cullen Jennings <>
In-Reply-To: <>
Date: Wed, 28 Sep 2011 08:42:09 -0600
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <> <>
To: Justin Uberti <>
X-Mailer: Apple Mail (2.1084)
Cc: Randell Jesup <>,
Subject: Re: [rtcweb] Requiring ICE for RTC calls
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 28 Sep 2011 14:39:22 -0000

On Sep 26, 2011, at 11:36 PM, Justin Uberti wrote:

> Yes, most PSTN providers don't support ICE. They also often don't support SRTP, RTCP, RTP over TCP, or even jitter buffers.

uh, that's probably not right for most of the vendors but not sure it changes your point ....

> To run a robust telephony service, you will need to frontend that traffic with a media gateway of some sort, and that gateway can easily support ICE.

Many service providers front end their services with an SBC for a wide variety of reasons - and that is the place they would likely run ICE Lite (note it's not even full ICE they need). 

> On Tue, Sep 27, 2011 at 12:49 AM, Tim Panton <> wrote:
> On 26 Sep 2011, at 09:26, Roman Shpount wrote:
>> On Mon, Sep 26, 2011 at 11:48 AM, Matthew Kaufman <> wrote:
>> And "interoperability with SIP-PSTN providers" is only relevant if you are trying to turn the browser into another phone. We have enough phones. What we don't have are new real-time communication experiences that can only be created within this environment.
>> Are we deliberately creating an island? To be honest, I actually wanted to put RTC in the phone, instead of SIP. I think it would be a great idea to have desktop phone which runs a webkit browser with RTC and serves as an advanced display phone for a PBX. If RTC would not support no-ICE non-RTP calls, my only option would be to ignore the standard. So, in a sense we do not have enough phones.
> I am confused. Which phones today connect directly to a SIP to PSTN gateway ? I'd guess none. 
> Almost all of them go through some registrar and/or proxy.  
>> I think you point in a lot of ways is similar to the argument that we should disable HTTP and leave only HTTPS since it is the only secure way to communicate and everything else would be an attack vector.
> No, HTTP today does not let me probe the innards of your network ( inside your firewall) just by sending 
> a legal but evil payload. If you permit webRTC without ICE, then the browser can be told to fake up UDP packets
> and send them to anywhere on your inner LAN. DOS-city.
> Tim. 
> _______________________________________________
> rtcweb mailing list
> _______________________________________________
> rtcweb mailing list