IETF Logo Mail Archive

Re: [Wish] Authentication for resource url

Matt Ward <mattward@mux.com> Thu, 16 September 2021 17:43 UTC

Return-Path: <mattward@mux.com>
X-Original-To: wish@ietfa.amsl.com
Delivered-To: wish@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DB253A30FA for <wish@ietfa.amsl.com>; Thu, 16 Sep 2021 10:43:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mux.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DAgz4ld4iFNx for <wish@ietfa.amsl.com>; Thu, 16 Sep 2021 10:43:17 -0700 (PDT)
Received: from mail-oi1-x229.google.com (mail-oi1-x229.google.com [IPv6:2607:f8b0:4864:20::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE6D13A30FC for <wish@ietf.org>; Thu, 16 Sep 2021 10:43:16 -0700 (PDT)
Received: by mail-oi1-x229.google.com with SMTP id v2so10099402oie.6 for <wish@ietf.org>; Thu, 16 Sep 2021 10:43:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mux.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=b+JV3kflGgW75tQlUjIMw0f1ECONQXsPkb/osm5KHUo=; b=jeqGs5qk6xlBJqd2g06X0/ANi6/D9tAJcf63bg9vAl/ni9HOKwLwyxYs3AO4Zo5uff AqgSZnq86JqhCTmeSXTTZw1vMlD9HJqcNK5aUOhPFqDxTBvi3skrOYQpHTC8BaaA43PN aQFsavU7iGXNQs27tQZZijDTlwE0PzdJOWBmA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=b+JV3kflGgW75tQlUjIMw0f1ECONQXsPkb/osm5KHUo=; b=DTn2gForyCDB+zMwuHpuFkwVDOhOMiZ7SdLYywGP92b+Xi3byoEt6atMqJPepN2RVH H6WVnSMr3cb58eNY5eBhnLWxHfdUUo93u4j6eIr4HzinGx3b2jrK5Q3qqn4RQI98uXZo r5w9wU0dl6DwJsIXHsaAeDNdekbTsGTz3XjaKuM7DXUeRVMcxO6aCPpmZdYEkA50emah ciO73m5ESaEjIlI8wiv8S/XyrZOcdNDdipv4Y1Jf5OD13sRh+GYOJAPq2ZWH0+ZNU8Ui lbkppzHkMMfki/+poWxW1/rmhoxX7hjUqGvOSvCncnQ4tR74SXAqn3jenm3nPBkaiuNN v1Pg==
X-Gm-Message-State: AOAM533i683CeDd0z1P6NZt49xYyfdM+Ess8jrhtutBm6MieyFYt6cUl nqXi4K0bM2AtAU1CaQ1YAKuiFnH6wi9sDb4vIpMUWy75IGnbog==
X-Google-Smtp-Source: ABdhPJw1YOKAu7XiYH3Khk9F7iPXiu2bIc/4oA0fClS+ZbZylZ2n94VcBaL9Ows3vv1XBJmErwZrV/NzAlgbkmrYf+I=
X-Received: by 2002:a05:6808:57a:: with SMTP id j26mr785976oig.13.1631814194951; Thu, 16 Sep 2021 10:43:14 -0700 (PDT)
MIME-Version: 1.0
References: <CA+ag07bjtS1Ucw1BZ5qQ_jJFfXbfQ3-hzDgxfkV1APhV1JZMnQ@mail.gmail.com> <CAABnt0M2Vg-9=SwX=O1mFbyYTS4b7ewmevW2qzMf17fsagoc2Q@mail.gmail.com> <CA+ag07aJKFy2s_UD0L-PaGHNwA9XH6Khz+0tReOMMcweJ0Q0hQ@mail.gmail.com> <CAABnt0MSUuxYK1CvOQUmC-a4b_U9m7YQ+vhXfjaaDxFZE+_JOQ@mail.gmail.com> <CA+ag07bb5WfoUJRkQt37nYtkmtEi=Kpp44ihVNGRd=OytakADg@mail.gmail.com> <CAABnt0PXKPejtywBDizx_Og0d0qPp6qa6cXXsCjBrbTQHN9pKg@mail.gmail.com> <CAMyc9bXUXR5nrxoQsQwDqE46sHWN_8vicG_c53ZruRbC0gfeMw@mail.gmail.com> <877dfk9fil.wl-jch@irif.fr> <CA+ag07ZxJF95xd7y_ToRRNJmbRboRR56t=mnW+nGYFqpAkH61g@mail.gmail.com> <8735q72yo4.wl-jch@irif.fr> <CA+ag07Z6_Nd2VvWG4HyuXK=E3u2xn8a2a_xVCEWk3_yyfQSp3A@mail.gmail.com> <87r1dr89mr.wl-jch@irif.fr> <a12adb1d-da65-8290-7d91-d911aa0aa6cc@nostrum.com> <87ee9qyyum.wl-jch@irif.fr> <87bl4uyxr4.wl-jch@irif.fr> <20210915121851.67088a25@lminiero> <HE1PR07MB4441791F1620CB6B6B9C5D8893DB9@HE1PR07MB4441.eurprd07.prod.outlook.com> <87y27xd6tl.wl-jch@irif.fr> <bd8bab3f-2bc9-1827-0184-2b5d1a5fb68e@nostrum.com>
In-Reply-To: <bd8bab3f-2bc9-1827-0184-2b5d1a5fb68e@nostrum.com>
From: Matt Ward <mattward@mux.com>
Date: Thu, 16 Sep 2021 10:43:04 -0700
Message-ID: <CAABnt0MKd-MH1L4V=hVuhYJHHHv-nco98-0pTDzVhS04Wk2o2w@mail.gmail.com>
To: Adam Roach <adam@nostrum.com>
Cc: WISH List <wish@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006e13dd05cc205964"
Archived-At: <https://mailarchive.ietf.org/arch/msg/wish/6S4OOy8hETpzQyYH1yGw9uT4lOc>
Subject: Re: [Wish] Authentication for resource url
X-BeenThere: wish@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: WebRTC Ingest Signaling over HTTPS <wish.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wish>, <mailto:wish-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wish/>
List-Post: <mailto:wish@ietf.org>
List-Help: <mailto:wish-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wish>, <mailto:wish-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Sep 2021 17:43:23 -0000

I would still reiterate that I strongly recommend that the spec does not
prohibit the lack of an Authentication header and therefore in some way
permits building an experience really close to that of RTMP such that we do
not have to retrain broadcasters. I think keeping things close to RTMP will
help this spec see better adoption in the ecosystem. I really do want this
spec to succeed and I do believe that keeping the requirements as minimal
as possible will help speed up adoption.

The question here I think should be, is WHIP as a spec actually incomplete
and not independently useful without a specification of authentication? Can
(and should) that be covered in optional extensions of the base spec
that makes no mention of authentication?

On Wed, Sep 15, 2021 at 12:11 PM Adam Roach <adam@nostrum.com> wrote:

> On 9/15/21 13:36, Juliusz Chroboczek wrote:
> > if we expect WHIP to run in cleartext
>
>
> We can't. Our charter doesn't let us define WHIP over HTTP. We're only
> allowed to define WHIP over HTTPS.
>
> /a
>
> --
> Wish mailing list
> Wish@ietf.org
> https://www.ietf.org/mailman/listinfo/wish
>

v2.8.7 | Report a Bug | By Email