Re: Clarification: Call for adoption - use case for "Trusted application, untrusted intermediary" from Bernard Aboba on 2018-11-29 (public-webrtc@w3.org from November 2018)

From: Bernard Aboba <Bernard.Aboba@microsoft.com>
Date: Thu, 29 Nov 2018 20:08:18 +0000
To: Silvia Pfeiffer <silviapfeiffer1@gmail.com>, Harald Alvestrand <harald@alvestrand.no>
CC: public-webrtc <public-webrtc@w3.org>
Message-ID: <MW2PR00MB033287B9490464569E50DFD2ECD20@MW2PR00MB0332.namprd00.prod.outlook.com>

Silvia said:

"If this is for using something like a third party SFU, video server or MCU? So is the goal to avoid terminating the encryption at these third party servers? "

[BA] That is a frequently discussed use case, but not necessarily the only one.  The document probably needs to be clear on exactly what is desired and how it differs from what the Web platform already supports.  Browsers already support content protection (e.g. via EME and MSE) and applications can already gain access to media for the purpose of encryption/decryption.  One could read the use case as just a request for a performance enhancement for existing functionality, but perhaps that isn't what is desired.
________________________________
From: Silvia Pfeiffer <silviapfeiffer1@gmail.com>
Sent: Thursday, November 29, 2018 10:29 AM
To: Harald Alvestrand
Cc: public-webrtc
Subject: Re: Clarification: Call for adoption - use case for "Trusted application, untrusted intermediary"

If this is for using something like a third party SFU, video server or MCU? So is the goal to avoid terminating the encryption at these third party servers?

Cheers,
Silvia.

On Fri., 30 Nov. 2018, 12:00 am Harald Alvestrand <harald@alvestrand.no<mailto:harald@alvestrand.no> wrote:
In this call for adoption, I have counted 11 particiants, but only been
able to match three clearly to a position (1 yes and 2 no).

If anyone wishes to state a position on adoption of this use case,
please do so ASAP.

NOTE: The most relevant comment was probably "The requirements as
written are hopelessly vague"; I hope we have a volunteer to propose a
better requirements statement (hopefully as a PR against "scenarios").

We might end up with multiple use cases from that exercise.

Den 20.11.2018 09:59, skrev Harald Alvestrand:
> **
>
> *From the Lyon summary of actions:“The WG adopts the E2E use case where
> we trust the application, but not the relay. (to be verified on the list)”*
>
> *
>
> The question is whether we should include in our “NV Scenarios” document
> the scenario currently described in
> https://w3c.github.io/webrtc-nv-use-cases/#securecommunications*-<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw3c.github.io%2Fwebrtc-nv-use-cases%2F%23securecommunications*-&data=02%7C01%7CBernard.Aboba%40microsoft.com%7Ca5b3aae04e844f81c1fe08d6562fb944%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C1%7C636791160303723256&sdata=NNI0KI6li9owYuEqmbs0SydLyEwVsap80qQB8%2BCerGA%3D&reserved=0> where
> the application (Web page) is fully trusted, but uses a relay service
> that should not be able to decode the transmitted media.
>
>
> The consensus in the meeting in Lyon was that this use case should be
> included; this call serves to verify that consensus on the list.
>
> Unless objections are raised and verified to be widely held in the
> discussion, the chairs will assume that the WG has consensus to include
> this use case.
>
> If you object to this document being adopted, please say so to the list
> before or on Wednesday, November 28.
>
> *Harald, for the chairs*
>
> *
>

Received on Thursday, 29 November 2018 20:08:42 UTC