[guardian-dev] WebRTC

[Daniel Pocock]

On 31/07/13 16:11, Timur Mehrvarz wrote:
> WebRTC can go direct browser-to-browser and usually does so over UDP.
> WebSockets (+relay) are only needed to help establish the WebRTC link.

If users are behind the same NAT, or if they are behind "friendly" NATs,
the ICE protocol will help them discover each other and talk without relay

If not, ICE will figure out that they need a relay and it will send them
to a TURN server

Clients can demand to use the relay on every call if they want to (e.g.
for hiding their location)


> It usually only takes a split second before the Websocket link is again
> disconnected. Quick animation: http://mehrvarz.github.io/img/2e0cu.gif
>
> On 07/30/2013 03:29 PM, Tim Prepscius wrote:
>> Is it actually browser -> browser or is it browser -> web-socket-relay
>> -> browser?
>>
>> -tim
>>
>> On 7/30/13, Timur Mehrvarz <timur.mehrvarz at riseup.net> wrote:
>>> On 21.05.2013 22:17, Nathan of Guardian wrote:
>>>> On 05/18/2013 06:34 PM, David Oliver wrote:
>>>>
>>>>> Also, what about WebRTC?  That's a Google-championed effort.
>>>> There were a few WebRTC sessions at IO. I think it is still considered
>>>> experimental.
>>>>
>>> I've played around with WebRTC in Firefox and Chrome. I've written a
>>> small but selfcontained RTC rendezvous ("signaling" in Google lingo)
>>> service. Pure data (text based chat) currently works work best in
>>> Firefox (22+ on the desktop; nightly 25+ on Android). Functionality is
>>> stable and usability is great: all you need is the browser.
>>>
>>> Because WebRTC is about direct browser-to-browser communication,
>>> anonymity is not what it provides. But I would like to find out what you
>>> think about the security being provided. WebRTC is making use of
>>> DTLS-SRTP keying (http://tools.ietf.org/html/rfc5764). I was a little
>>> surprised to see that TCPdump is showing a constant data stream on the
>>> UDP port, even when no user data is being transfered.
>>>
>>> As someone else asked in the Tox.im thread: is this secure and safe to use?
>>>
>>> -Timur
>>>
>>> _______________________________________________
>>> Guardian-dev mailing list
>>>
>>> Post: Guardian-dev at lists.mayfirst.org
>>> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>>>
>>> To Unsubscribe
>>>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>>>         Or visit:
>>> https://lists.mayfirst.org/mailman/options/guardian-dev/timprepscius%40gmail.com
>>>
>>> You are subscribed as: timprepscius at gmail.com
>>>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/daniel%40pocock.com.au
>
> You are subscribed as: daniel at pocock.com.au