/
index.html
699 lines (692 loc) · 26.9 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta name="generator" content="HTML Tidy for HTML5 for Linux/x86 version 5.3.9">
<meta charset="utf-8">
<link href="webrtc.css" rel="stylesheet">
<title>WebRTC Next Version Use Cases</title>
<script class="remove" src="https://www.w3.org/Tools/respec/respec-w3c-common" type="text/javascript"></script>
<script src="respec-config.js" class="remove"></script>
</head>
<body>
<section id="abstract">
<p>This document describes a set of use cases motivating the development of
WebRTC Next Version (WebRTC-NV), as well as the requirements derived from
those use cases.</p>
</section>
<section id="sotd"></section>
<section id="overview*">
<h2>Scope and Motivation</h2>
<p>To motivate the development of WebRTC 1.0, the IETF RTCWEB WG developed [[RFC7478]].
This document describes use cases motivating the development of
"WebRTC Next Version" (WebRTC-NV), and the requirements deriving from those use cases.
The use cases fall into one of two categories:
enhancements to use cases already covered in [[RFC7478]], and
new use cases which are not supported in WebRTC 1.0 [[WEBRTC]] without extensions.</p>
<section id="conformance">
</section>
</section>
<section id="existingusecases*">
<h2>Existing Use Cases</h2>
<p>The uses cases in this section improve upon use cases described in [[RFC7478]].</p>
<section id="multipartygame*">
<h3>Multiparty online game with voice communications</h3>
<p>[[RFC7478]] Section 2.3.12 describes a use case involving a multiparty online game
with voice communications. In these scenarios, reducing time to join the game and
receive media is important. To minimize this, ICE enhancements are desirable, such as
the ability to control candidate gathering and pruning. Also, allowing a participant
to broadcast a configuration to a “room” abstraction (maintained on a server), with
other room participants responding back directly, avoiding a separate discovery step,
minimizes conference establishment time. Also, managing audio quality and latency in
a fair manner between multiple connections prevents queue buildup. Supporting this
enhancement adds the following requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N01">
<td>N01</td>
<td>The user agent can control candidate gathering
and pruning, limiting the networks on which candidates
are gathered, the types of candidates, etc.</td>
</tr>
<tr id="N02">
<td>N02</td>
<td>The user agent must be capable of establishing multiple
connections to peers without generating a separate
configuration ("offer") for each connection prior to
establishment.</td>
</tr>
<tr id="N03">
<td>N03</td>
<td>Congestion control must be able to manage audio
quality and latency in a fair manner between multiple
connections.</td>
</tr>
</tbody>
</table>
<p>Experience: This use case has been implemented by a gaming service utilizing [[ORTC]].</p>
References:
<ol>
<li><a href="https://github.com/w3c/ortc/issues/54">ORTC Issue 54</a></li>
<li><a href="https://github.com/w3c/ortc/issues/603">ORTC Issue 603</a></li>
</ol>
</section>
<section id="mobility*">
<h3>Mobility</h3>
<p>[[RFC7478]] Section 2.3.6 describes a simple communications service where the user changes access network
during the session. This use case is enhanced by being able to re-route media over an alternate path
(potentially taking network cost into account) without need for signaling.</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N04">
<td>N04</td>
<td>The ICE agent must be able to maintain multiple
candidate pairs and move traffic between them.</td>
</tr>
<tr id="N05">
<td>N05</td>
<td>The ICE agent must be able to take the network
cost into account when considering re-routing.</td>
</tr>
</tbody>
</table>
<p>References:</p>
<ol>
<li><a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0079.html">Mailing list proposal</a></li>
<li><a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0019.html">Mailing list proposal</a></li>
<li><a href="https://github.com/w3c/ortc/issues/583">ORTC Issue 583</a></li>
</ol>
</section>
<section id="videoconferencing*">
<h3>Video Conferencing with a Central Server</h3>
<p>[[RFC7478]] Section 2.4.3.1 describes a use case involving Multiparty Video Communications with
a central conferencing server. In such a use case, clients with disparate capabilities such as
differing bandwidth availability,
screen size and maximum displayable frame rate may participate in the same conference.
In such a situation it is advantageous to support Scalable Video Coding (SVC).
Encoding with temporal scalability is supported by several browsers today and is utilized by most
centralized conferencing services.</p>
<p>It is expected that spatial scalability (supported by VP9 and AV1) will become more popular with time.
In this use case, if the desired video codec is known beforehand and participants are muted by default
(as in a very large meeting), it is desirable to allow new participants to start receiving immediately,
without negotiation. Supporting this enhancement adds the following requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N06">
<td>N06</td>
<td>The user agent must be able to encode and decode
video utilizing temporal scalability and (if supported
by the chosen codec) spatial scalability.</td>
</tr>
<tr id="N07">
<td>N07</td>
<td>A user agent can receive audio/video without requiring
construction of a corresponding sender object.</td>
</tr>
<tr id="N08">
<td>N08</td>
<td>It is possible to select the sending and/or
receiving codec as well as rtcp parameters and
header extensions without negotiation.</td>
</tr>
<tr id="N09">
<td>N09</td>
<td>The user agent must be able to control
robustness (RTX, RED, FEC) applied to individual
simulcast and SVC layers.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
</tbody>
</table>
<p>This use case has been implemented by conferencing services utilizing [[ORTC]],
as well as proprietary additions to [[WEBRTC]].</p>
</section>
</section>
<section id="newusecases*">
<h2>New Use Cases</h2>
<p>Several new uses cases relate to scenarios that cannot be supported in [[WEBRTC]] without extensions.</p>
<section id="filesharing*">
<h3>File Sharing</h3>
<p>Participants in a mesh exchange large files without disruption to audio/video sessions.
It is also possible for a participant to send a large file to a user who is not currently online.
Supporting this use case adds the following requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N10">
<td>N10</td>
<td>It must be possible for the user agent to initiate
transfer of a large file with a single API operation.</td>
</tr>
<tr id="N11">
<td>N11</td>
<td>The application must be able to signal backpressure
(flow control) when receiving data. It must also
receive a backpressure signal when sending data.</td>
</tr>
<tr id="N12">
<td>N12</td>
<td>It must be possible for the user agent to transfer
data utilizing a congestion control algorithm
that does not compete aggressively with
audio/video communications.</td>
</tr>
<tr id="N13">
<td>N13</td>
<td>It must be possible to support data exchange
in a worker.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
</tbody>
</table>
<p>References:</p>
<ol>
<li><a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0079.html">Mailing list discussion</a></li>
<li><a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0082.html">Mailing list discussion</a></li>
</ol>
</section>
<section id="iot*">
<h3>Internet of Things</h3>
<p>An IoT sensor maintains a long-term connection and seeks to minimize power consumption.
Some of the sensor’s data may need to be sent reliable and ordered while other sensors may
provide data that can be sent unreliable and unordered or in a partially reliable manner.
This use case adds the following requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N14">
<td>N14</td>
<td>The application must be able to minimize ICE
connectivity checks.</td>
</tr>
<tr id="N15">
<td>N15</td>
<td>The application must be able to control aspects
of the data transport (e.g. set the SCTP
heartbeat interval or turn it off), RTO values,
etc.</td>
</tr>
<tr id="N16">
<td>N16</td>
<td>It must be possible to send arbitrary data
reliable, unreliable or partially reliable with
a specific maximum number of retransmissions
or a specific maximum timeout.</td>
</tr>
<tr id="N17">
<td>N17</td>
<td>It must be possible to send arbitrary data
ordered or unordered.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
</tbody>
</table>
<p>Reference</p>
<a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0079.html">Mailing list discussion</a>
</section>
<section id="funnyhats*">
<h3>Funny Hats</h3>
<p>A communications service that manipulates captured media prior to encoding and after
decoding to provide effects including:</p>
<ol>
<li>Captioning</li>
<li>Transcription</li>
<li>Language translation</li>
<li>Funny hats</li>
<li>Background removal or blurring</li>
<li>In-browser compositing</li>
<li>Voice effects</li>
<li>Stress detection</li>
</ol>
<p>This use case requires manipulation of raw media from both local and remote sources. Since
media processing can be CPU intensive, enabling it to occur off the main thread is important,
as is enabling the processing to take advantage of the GPU. This use case adds the following
requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N18">
<td>N18</td>
<td>The application must be able to obtain raw media
from the capture device in desired formats.</td>
</tr>
<tr id="N19">
<td>N19</td>
<td>The application must be able to insert processed
frames into the outgoing media path.</td>
</tr>
<tr id="N20">
<td>N20</td>
<td>The application must be able to obtain decoded
media from the remote party.</td>
</tr>
<tr id="N21">
<td>N21</td>
<td>It must be possible to efficiently share media
between the main thread and worker threads.</td>
</tr>
<tr id="N22">
<td>N22</td>
<td>It must be possible to do efficient media
manipulation in worker threads by utilizing the GPU.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
</tbody>
</table>
<p>References:</p>
<ol>
<li><a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0037.html">Mailing list discussion</a></li>
<li><a href="https://lists.w3.org/Archives/Public/public-webrtc/2018Jun/0006.html">Mailing list discussion</a></li>
<li><a href="https://ai.googleblog.com/2016/11/enhance-raisr-sharp-images-with-machine.html">Sharper Image Research</a></li>
</ol>
</section>
<section id="machinelearning*">
<h3>Machine Learning</h3>
<p>In a web game called “NameTheBird.com” participants use their devices to provide audio and video observations of
birds to the service along with identifications for training purposes, allowing the service to identify birds from
the provided audio and video and returning this information to the users in real-time.</p>
<p>The web application has a site specific federated learning-based classifier for contextual object detection,
user intent prediction and media manipulation, allowing it to augment the streams it receives and inject identifying
or other supplemental information into the streams sent or received.</p>
<p>The shared classification models are trained on the birds found by the participants and are based on the feedback
of the participants. Each device client updates of the model are up-streamed to a shared model server that pushes
updates of the global model to the clients.</p>
<p>Implementation outline:</p>
<ol>
<li>Originating media (raw) streams are cloned for inference and training purposes, denoted “inference stream” and
“training stream”, with the inference stream also being the media stream shared with peer(s). The cloning can occur
any time during a session.</li>
<li>Inference stream: A web site specific classifier acts on the raw inference stream, with the result used to
guide a custom encoder in the sender device and send metadata to the server and peer devices outside the media stream.
The encoder adds proper augmentation, e.g. sign with “name this bird” hovering over the enlarged bird in case of video
enrichment, or enhanced bird song if audio.</li>
<li>Training stream: Model in training classifies the raw data and evaluate the classification using user feedback,
said feedback loop being web site specific. The evaluation may be “online” or “offline”, offline meaning the training
is done at a later stage on the recorded encoded media set.</li>
<li>Both inference stream and training streams may use payload protection depending on trust model on compute
resources for optional intermedia server side of app.</li>
<li>Both inference stream and training streams use transport object for communicating with peers or servers,
the communication in some cases can be a site specific QUIC based transport solution, in others RTP based.</li>
</ol>
<p>This use case adds the following requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N18">
<td>N18</td>
<td>The application must be able to obtain raw media
from the capture device in desired formats.</td>
</tr>
<tr id="N19">
<td>N19</td>
<td>The application must be able to insert processed
frames into the outgoing media path.</td>
</tr>
<tr id="N20">
<td>N20</td>
<td>The application must be able to obtain decoded
media from the remote party.</td>
</tr>
<tr id="N21">
<td>N21</td>
<td>It must be possible to efficiently share media
between the main thread and worker threads.</td>
</tr>
<tr id="N22">
<td>N22</td>
<td>It must be possible to do efficient media
manipulation in worker threads by utilizing the GPU.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
</tbody>
</table>
</section>
<section id="vr*">
<h3>Virtual Reality Gaming</h3>
<p>A virtual reality gaming service utilizing a centralized conferencing server wants
to synchronize data with media, using an existing Selective Forwarding Unit (SFU)
to distribute the data. This use case adds the following requirements:</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N23">
<td>N23</td>
<td>The user agent must be able to send data synchronized
with audio and video.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
</tbody>
</table>
<p>References:</p>
<a href="https://lists.w3.org/Archives/Public/public-webrtc/2018May/0063.html">Mailing list discussion</a>
</section>
<section id="no-trust-webex">
<h3>Don't Pown My Video Conferencing </h3>
<p>
Cloud video conferencing systems have no need to be able to access
the cleartext media and text flowing through their servers.
Some of these conferencing services desire to be able to promote trust
by explicitly showing they do not have access to contents of their
users' calls. They are trusted to connect the right people to the
conference and to route the packets but they are not trusted to access
the audio and video media or text in the call.
</p>
<p>Solutions to this problem fall into two major categories: one where
the JavaScript comes from a source trusted to see the media contents,
and one where it does not.
</p>
<section id="untrusted*">
<h4>Untrusted JavaScript Cloud Conferencing</h4>
<p>
There are many cases where a system such as WebEx is trusted to
connect the members of a conference but has no need to access the
contents of the conference. This is true of the majority of
conferencing systems on the web today. Just to highlight the
scope of this requirement, there are more minutes of WebRTC
that are used in conferences where the servers have no need
to access the contents (e.g. where audio is forwarded rather than
mixed) than any other use of WebRTC audio by orders of magnitude.
This is one of the primary use case for WebRTC audio and accounts
for billions of minutes per month of potential use of WebRTC.
</p>
<p>
In this use case, the JavaScript comes from the operator of the
conference bridge. The isolated media features of WebRTC can
prevent the JavaScript from accessing the media and the identity
features are used to provide a user interface that allows the
user to know it connected to the correct conference. The goal is
for the end users to be able to see the contents, but the web
service that provides the JS and the media switching bridges
and Selective Forwarding Units (SFUs) cannot access the contents
(audio, video, text). The browser may choose to reveal some
metadata, such as the audio power level, to the media server,
in order to support functions like speaker switching.
</p>
<p>
A possible solution this problem is the browser to negotiate
end-to-end encryption keys which are not revealed to the
JavaScript.
</p>
<p>
Security requirements relating to this use case are discussed
in [[MLS-ARCH]], and include the following:
</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N25">
<td>N25</td>
<td>Only current group members can receive media or
text sent to the group.</td>
</tr>
<tr id="N26">
<td>N26</td>
<td>A group member cannot send media or text that
appears to be from another group member.</td>
</tr>
<tr id="N27">
<td>N27</td>
<td>The conference server must not have access to
cleartext media or text or to the identity of
group members.</td>
</tr>
<tr id="N28">
<td>N28</td>
<td>Perfect Forward Secrecy (FCS): access to encrypted
traffic as well as all current keying material does
not compromise the secrecy of media or text older
than the oldest key of a compromised client.</td>
</tr>
<tr id="N29">
<td>N29</td>
<td>Post Compromise Security (PCS). Protection against
past or future device compromise.</td>
</tr>
</tbody>
</table>
</section>
</section>
</section>
<section id="requirements*">
<h3>Requirements Summary</h3>
<p>This section summarizes the requirements arising from
the use-cases included in this document.</p>
<table class="simple">
<thead>
<tr>
<th>Requirement ID</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="N01">
<td>N01</td>
<td>The user agent can control candidate gathering
and pruning, limiting the networks on which candidates
are gathered, the types of candidates, etc.</td>
</tr>
<tr id="N02">
<td>N02</td>
<td>The user agent must be capable of establishing multiple
connections to peers without generating a separate
configuration ("offer") for each connection prior to
establishment.</td>
</tr>
<tr id="N03">
<td>N03</td>
<td>Congestion control must be able to manage audio
quality and latency in a fair manner between multiple
connections.</td>
</tr>
<tr id="N04">
<td>N04</td>
<td>The ICE agent must be able to maintain multiple
candidate pairs and move traffic between them.</td>
</tr>
<tr id="N05">
<td>N05</td>
<td>The ICE agent must be able to take the network
cost into account when considering re-routing.</td>
</tr>
<tr id="N06">
<td>N06</td>
<td>The user agent must be able to encode and decode
video utilizing temporal scalability and (if supported
by the chosen codec) spatial scalability.</td>
</tr>
<tr id="N07">
<td>N07</td>
<td>A user agent can receive audio/video without requiring
construction of a corresponding sender object.</td>
</tr>
<tr id="N08">
<td>N08</td>
<td>It is possible to select the sending and/or
receiving codec as well as rtcp parameters and
header extensions without negotiation.</td>
</tr>
<tr id="N09">
<td>N09</td>
<td>The user agent must be able to control
robustness (RTX, RED, FEC) applied to individual
simulcast and SVC layers.</td>
</tr>
<tr id="N10">
<td>N10</td>
<td>It must be possible for the user agent to initiate
transfer of a large file with a single API operation.</td>
</tr>
<tr id="N11">
<td>N11</td>
<td>The application must be able to signal backpressure
(flow control) when receiving data. It must also
receive a backpressure signal when sending data.</td>
</tr>
<tr id="N12">
<td>N12</td>
<td>It must be possible for the user agent to transfer
data utilizing a congestion control algorithm
that does not compete aggressively with
audio/video communications.</td>
</tr>
<tr id="N13">
<td>N13</td>
<td>It must be possible to support data exchange
in a worker.</td>
</tr>
<tr id="N14">
<td>N14</td>
<td>The application must be able to minimize ICE
connectivity checks.</td>
</tr>
<tr id="N15">
<td>N15</td>
<td>The application must be able to control aspects
of the data transport (e.g. set the SCTP
heartbeat interval or turn it off), RTO values,
etc.</td>
</tr>
<tr id="N16">
<td>N16</td>
<td>It must be possible to send arbitrary data
reliable, unreliable or partially reliable with
a specific maximum number of retransmissions
or a specific maximum timeout.</td>
</tr>
<tr id="N17">
<td>N17</td>
<td>It must be possible to send arbitrary data
ordered or unordered.</td>
</tr>
<tr id="N18">
<td>N18</td>
<td>The application must be able to obtain raw media
from the capture device in desired formats.</td>
</tr>
<tr id="N19">
<td>N19</td>
<td>The application must be able to insert processed
frames into the outgoing media path.</td>
</tr>
<tr id="N20">
<td>N20</td>
<td>The application must be able to obtain decoded
media from the remote party.</td>
</tr>
<tr id="N21">
<td>N21</td>
<td>It must be possible to efficiently share media
between the main thread and worker threads.</td>
</tr>
<tr id="N22">
<td>N22</td>
<td>It must be possible to do efficient media
manipulation in worker threads by utilizing the GPU.</td>
</tr>
<tr id="N23">
<td>N23</td>
<td>The user agent must be able to send data synchronized
with audio and video.</td>
</tr>
<tr id="N24">
<td>N24</td>
<td>CSP support for WebRTC.</td>
</tr>
<tr id="N25">
<td>N25</td>
<td>Only current group members can receive media or
text sent to the group.</td>
</tr>
<tr id="N26">
<td>N26</td>
<td>A group member cannot send media or text that
appears to be from another group member.</td>
</tr>
<tr id="N27">
<td>N27</td>
<td>The conference server must not have access to
cleartext media or text or to the identity of
group members.</td>
</tr>
<tr id="N28">
<td>N28</td>
<td>Perfect Forward Secrecy (FCS): access to encrypted
traffic as well as all current keying material does
not compromise the secrecy of media or text older
than the oldest key of a compromised client.</td>
</tr>
<tr id="N29">
<td>N29</td>
<td>Post Compromise Security (PCS). Protection against
past or future device compromise.</td>
</tr>
</tbody>
</table>
</section>
</body>
</html>