Since I've been part of almost every single one of the removals that
Cullen refers to, it's no surprise that my perspective differs.
The push towards apps is, to my mind, mostly pushing towards *mobile*
apps - they try to push users into the Android/IOS ecosystems because
that's where most of the users are, and therefore most of the money is.
On the desktop, the single vendor focusing near-exclusively on an app
solution is Zoom.
Once you have a mobile-focused codebase, it is easy to come to depend on
features (like, obviously, sending IP packets directly to your peer or
other entities without going through WebRTC's protocol stack) that would
be a security disaster if introduced into the Web ecosystem. (One can
argue that they are a security disaster in the mobile-app ecosystem as
well, but that's a different story.)
FWIW, the W3C has half a dozen extension documents to the WebRTC API.
That's where things are put while we try to make sure the core specs are
in a state one can refer to as "stable" - which includes
implementations, and yes, includes removing stuff that nobody's been
able to show can be implemented in a browser. This is part of what the
IETF process is supposed to do between "proposed standard" and
"standard" (but rarely does).
The process of feature removal in no way blocks the implementation of
new features. But the lack of a stable base specification is hampering
(not blocking) the work of defining extensions.
Cluster 238 is eagerly awaited.
Harald
On 4/2/20 10:30 PM, Cullen Jennings wrote:
Many of the things you need to do this were identified in developing WebRTC and put in specs. Many of them had the API in W3C specs that you need. But then the W3C marked them at risk because browser vendors did not implement them and removed them. Now if you write a patch to browser them implements them, they will not accept the patch because it is not in the spec.
The net effect is what is possible in the browsers experience is just worse than what is possible with non browser clients (it did not need to be like this but it is). Because of this you see all the major meeting systems heavily push users towards using a downloaded client instead of the browser experience.
The basic problem AFAIC is that at W3C, the browser have a defacto veto on anything so the API is not a negotiation between the the apps need and the browsers provide, it is more of a fait acompli of what Chrome is willing to provide. Anything chrome does not want to do, will effectively get removed from the spec because it will not have enough implementations. Once the app vendors realized that, most of them moved their focus outside of the browsers which is really unfortunate as the browsers protect the users from many security problems you are seeing today.
On Apr 1, 2020, at 5:53 AM, Carsten Bormann <cabo@xxxxxxx> wrote:
In the university, a lot of WebRTC is using Jitsi as a tool.
This works mostly well, with occasional surprises.
What we could use now is a better way to diagnose these surprises.
This requires WebRTC knowledge that our IT people don’t have.
A WebRTC troubleshooting guide that I could point them to would be most helpful.
(Debugging and fixing Jitsi so it works reliably with both Firefox and Chrome would also help.)
Grüße, Carsten
On 2020-03-22, at 06:45, Carsten Bormann <cabo@xxxxxxx> wrote:
On 2020-03-21, at 16:54, Livingood, Jason <Jason_Livingood@xxxxxxxxxxx> wrote:
what can this community (and similar/adjacent ones) do productively together to help
The one thing that would be most useful for me right now would be a document with operational considerations for keeping WebRTC running (e.g., How not to mess it up with your firewall).
Grüße, Carsten
