Le mardi 13 janvier 2009 à 22:44 +0100, michel memeteau a écrit : > On Tue, Jan 13, 2009 at 9:00 PM, Ed <ek...@0x1b.com> wrote: > >> > > http://wiki.ekiga.org/index.php/Ekiga_behind_a_NAT_router#Using_Ekiga_through_a_http_proxy > > > > It's binary only and it's proprietary (patent pending)... > > > > > and therefore useless AFAIAC > > does an advert belong in that location on the Wiki? > > The correct venue to acquire the gift from our government of > privileges for your intangible asset is the Copyright system - > patents > are inappropriate for semantic works of any kind. > link sent to: > http://endsoftpatents.org/ > http://dotank.nyls.edu/communitypatent/ > > whoua. calm down. I never said realtunnel was open source, everyBody > knows that , advertise for a "standard" proprietary solution to > tunnel SIp traffic so people can use Ekiga is a far better solution > for me than saying " ask your admin to change the router .... " > > In the same Manner we advert on the wiki for proprietary SIP software > in order to improve interop....
Ouch, it seems the guiltiness falls on my shoulders; as I'm the one who wrote the page about interop in the wiki. Still, I could drop the hot potato to someone else, deeper involved in the project. I wont. And I hope everybody will understand why this is the wrong way to do so. Let's clarify some points, and I speak here on my own, still all relevant people involved in Ekiga are listening ;) * I wish the world is perfect, i.e. no useless struggles between people. It's clearly not the case. There is struggle everywhere. Whatever you do, you get involve in it, and worst, it judges you because you have to take side. You cannot say you're like Robinson in its island only dealing with your pal Friday. What concerns me, is people urging you take side between some principles (and I agree they're good) and some people. Principles Versus people is wrong. This is a mistake to take some principle from a theory and turn them into a Dogma. Why? Because reality, from the point of view of humanity, is mostly a creation. Even the time where we could say Mother Nature was out of reach and we could take some principles out of it is gone. We can play with nature, transform it at the DNA level, change so many things in it etc. We are the species which can transform the world, while other species mostly just adapt themselves or die. Any Dogma is against evolution, just like if we reached perfection. This is something to consider, at any level, including the software field. Why did RMS created the LGPL? As a tool in the struggle, because there is part of the software field where we are strong enough to lead, and there is part where we are weak; there is part where we can be offensive-directly stand up in front of the enemy, and there is part where we have to be defensive-indirectly trying to influence the move of the enemy. Struggle is a kind of game where the goal is to influence the enemy to make him move in the direction best for you. You can either do it by the mean of destruction, e.g. using the GPL, where you destroy the enemy force by replacing it with your own force, either by the mean of reinforcement of your own position to push the enemy in a position you consider best for you; using its own force to make him fall. A Dogma will most probably fail in struggle because it implies the enemy's move is all taking care by the Dogma, like if all enemy's moves can be pre-calculate without any mistake, any surprise. Principles cannot be more that just guidelines for the warriors. Struggle is more an art, than science. * As supporters of free softwares, we stand up for freedom. We use to say free as in free speech, thus we consider any human worth enough to give him all necessary knowledge/tools to get involve in our struggle to free people, while proprietary software will try to make people dependant. The proprietary software RealTunnel(tm) from Paradial is patented and binary only. But the technologies it relies on to do the job is either a standard (in the sens of IETF: STUN, TURN, ICE, VPN, etc.) or HTTP tunneling which is non-standard but is already found in e.g. wengophone. This implies Paradial position is rather weak, and IMHO explains why this software is free as in free beer. Paradial is not leading, still they try to explain they are. Let's see how. The main argument of Paradial, except the connectivity, is security. See: http://www.paradial.com/storage/Elements/Paradial-FW-NAT-Whitepaper.pdf Of course, they do not explain how can a binary only software be trustworthy. Leading encryption software are released in the form of source code for code auditing/review by peers, e.g. PGP. This is something people taking side for free software say most of the time. Free software are more secure because design and implementation are know. Paradial's security argument is their software can be used without any change of the NAT network (which is the technical issue to get connectivity). They claim actual NATs, Firewalls and routers are mostly used for security reason and as their software can work with them as they are, their software is part of the security policy. Thus it is not only good for connectivity, it is safer than other solutions. We _must_ break this argument down. Why? 1- It is true actual NATs, Firewall and routers are often designed with security in mind. We might even consider worst NAT for VoIP (symmetric NATs), which totally breaks VoIP connectivity are the most secure. The issue here is those equipments where not designed with security _and_ VoIP in mind. This is the result of a misery at the level of internet standards. There is still no standards for the internet to get VoIP standards like SIP and Nats/router/firewall to work together. As a result of this situation, NATs designers are free to design security as they want and it is just a mess for VoIP. While Paradial is claiming they are the solution, standards of the internet are fortunately improving and work is going to define a standard for NAT and VoIP interoperability. see: http://www.ietf.org/html.charters/behave-charter.html The explicit purpose of this IETF working group is to define a set of standard to have interoperability between NATs and VoIP at the internet level. If one compare the job of this IETF working group and the job of Paradial, one should agree the right solution for connectivity in the VoIP fiel is defining standards, not taking the actual broken internet for granted like Paradial claims. And as Paradial does use so many standards from the IETF, it is almost impossible to consider this company is not aware of this work in progress. Paradial is just taking advantage of the actual broken internet, just like Skype is doing. If Paradial can get their softwares and SDK widely used, they will hold back the spread of the new standards for NATs and VoIP interoperability. Their actual defensive position -giving for free (as in free beer) their software and providing a SDK to implement in VoIP clients- is quite clever. They reinforce their position in the hope of moving main VoIP actors in dependency. 2- In one hand, the very high level of complexity to bypass actual NATs, as proven by the 9 (!) different techniques Paradial use, implies the effort to secure the network is more prone to failure. More, as many NATs are not designed to support VoIP through an established standard and as Paradial software is designed to still bypass the policy security, it can be considered as a hole in the policy security, just like Skype can be considered too. In the other hand, the IETF is working to simplify this level of complexity by making clear for NATs designers how to integrate VoIP communications in their equipments. A good security policy is established when all components are working hand to hand. Paradial strategically takes for granted in their marketing communication this will not happen. Free software supporters always ask for specifications, for knowledge on how does thing works, and we are not satisfy until we have control over all components, especially to make them working great all together. This improve security and open fields for innovation. 3- Paradial agree some of the techniques they use for the worst case scenarii do have a cost on the VoIP communication quality. This is especially true for the HTTP tunneling. While the idea to provide a SIP proxy/TURN server in the private LAN is quite clever in some scenarii, this require a quite high level expertise to install, thus is not the target of user in our wiki when we advertise for this solution. We can agree, most people using Paradial software will use the HTTP tunneling, thus they will not get Ekiga's capabilities at its best. It is not quite clear to me if the client they provide can play the role of an HTTP server, but even if it is the case, you most probably need the Paradial client both side, as Ekiga wont understand the HTTP stream on the other side. Thus if we want this to really improve connectivity for all our users, we probably should ask all of them to install the Paradial client, just in case someone will try to contact them using the HTTP tunnel. If someone will just use Ekiga to contact only a few people they can just all install the Paradial client, still this is something to clarify in the wiki. Thus people in need of this solution will get worst communications and lower security both side as explained above. Most of the efforts put in the wiki page are to help people configure their network to get the best quality. Still, I do agree some people can't change their network settings. If one consider the implication of advertising for Paradial client to really get connectivity in all scenarii, this quite the same as asking for partnership with this company, and will show _we_ failed doing good connectivity on our own, while the issue is at a higher level: at the internet level as explained above. But why should we loose the battle, when there is people doing good job on our side? * Most of the job done by Paradial was to use internet standards (STUN, TURN, ICE, VPN, etc.) and adding their own hack in the HTTP tunneling form, and pack it all together with a GUI. (Plus the ability to have their VoIP proxy on front of the LAN). We do have people coding free software for all those technologies, we haven have some code for HTTP tunneling in the wengosoftphone (well, we probably lack the server part). We can take advantage of that. This means some work to find how good existing solution from free software are, how to integrate, etc. We might lack enough ressources to properly do the job, still there is ressources. * Paradial, like Skype, shows there is a conflict between improving the internet for VoIP and holding it back for profit and expertise on badly hacking internet. As Ekiga had always stand for standards, promoting solutions like Paradial client without explaining why connectivity fails, means shooting us in the foot. At least, we should explain why solution like Paradial client, or Skype does exist, and why this is just a matter of time before they fall in oblivion. We can play a role to make this fall happen sooner, either by promoting/helping free software solution using standards, either by giving people the knowledge why actual times are bad for VoIP connectivity. e.g. I will not buy a router which is VoIP unfriendly, if my corporate environnement is not VoIP friendly, I will ask the admin to change the policy etc. > > My question was more : does it work for you ? if it doesn't I won't > advertise, but I've heard it was. To summarise, my point is not to find out if Paradial client does work or fail, my point it to show the world even if Paradial client does a good job for connectivity, it is historically determined. History is going forward, the sooner the need of solutions like Paradial client or Skype will fall, the better for freedom. I hope we all agree on this. Deciding if we should advertise for the Paradial solution in the wiki is just a matter of strategy. This is something we should all discuss. And not using Dogma. Please. Fact is we are weak in the field of connectivity if compared with e.g. Skype. This is a well know fact. Even if it concerns a few people, it directly impact our reputation. Why improving the connectivity now? Should we wait standards? Is the cost worth it? Best regards, Yannick _______________________________________________ ekiga-list mailing list ekiga-list@gnome.org http://mail.gnome.org/mailman/listinfo/ekiga-list