michael@0: WEBVTT michael@0: michael@0: NOTE Validate on http://quuz.org/webvtt/ michael@0: NOTE http://developer.mozilla.org/en-US/docs/HTML/WebVTT/ michael@0: michael@0: denny01 michael@0: 00:00:22.750 --> 00:00:25.500 align:middle position:50% michael@0: Hi. I'm here to introduce Procom, michael@0: michael@0: denny02 michael@0: 00:00:25.500 --> 00:00:28.000 align:middle position:50% michael@0: the new protected communications platform. michael@0: michael@0: denny03 michael@0: 00:00:28.000 --> 00:00:32.500 align:middle position:50% michael@0: I'm a user myself, and with me is Cally Code the developer. michael@0: michael@0: denny04 michael@0: 00:00:32.500 --> 00:00:36.500 align:middle position:50% michael@0: First off, Procom is a project composed of several applications michael@0: michael@0: denny05 michael@0: 00:00:36.500 --> 00:00:39.500 align:middle position:50% michael@0: that share logic yielding protected communication. michael@0: michael@0: denny06 michael@0: 00:00:39.500 --> 00:00:42.000 align:middle position:50% michael@0: Let's consider the possibilities. michael@0: michael@0: boss01 michael@0: 00:00:42.000 --> 00:00:47.500 align:middle position:50% michael@0: Just what are the possibilities? What kind of use cases does Procom serve? michael@0: michael@0: denny07 michael@0: 00:00:47.500 --> 00:00:50.500 align:middle position:50% michael@0: Well, it includes sending instant messages, chatting... michael@0: michael@0: denny08 michael@0: 00:00:50.500 --> 00:00:54.000 align:middle position:50% michael@0: voice calls, video streaming, and more. michael@0: michael@0: secretary01 michael@0: 00:00:57.500 --> 00:00:59.000 align:middle position:50% michael@0: Oh my! I'm so bored... michael@0: michael@0: secretary02 michael@0: 00:00:59.000 --> 00:01:02.500 align:middle position:50% michael@0: Waiting for customers to call on this old fashioned phone. michael@0: michael@0: secretary03 michael@0: 00:01:02.500 --> 00:01:04.250 align:middle position:50% michael@0: They can't reach us over the Internet, michael@0: michael@0: secretary04 michael@0: 00:01:04.250 --> 00:01:08.000 align:middle position:50% michael@0: because smartphone apps don't support WebRTC yet. michael@0: michael@0: cally01 michael@0: 00:01:10.250 --> 00:01:14.500 align:middle position:50% michael@0: Sheesh, what's this guy blabbing about, I'm Cally Code the developer. michael@0: michael@0: cally02 michael@0: 00:01:14.500 --> 00:01:20.000 align:middle position:50% michael@0: and I'm here to engineer the Procom michael@0: platform and the first round of applications. michael@0: michael@0: cally03 michael@0: 00:01:20.000 --> 00:01:23.750 align:middle position:50% michael@0: I'll implement the platform while designing text, voice, michael@0: michael@0: cally04 michael@0: 00:01:23.750 --> 00:01:27.000 align:middle position:50% michael@0: and video based clients across several platforms. michael@0: michael@0: boss02 michael@0: 00:01:27.500 --> 00:01:30.000 align:middle position:50% michael@0: Wait a minute Cally, I'm the boss. michael@0: michael@0: boss03 michael@0: 00:01:30.000 --> 00:01:34.500 align:middle position:50% michael@0: How are you going to avoid the pitfalls of cross platform development, Cally? michael@0: michael@0: cally05 michael@0: 00:01:35.000 --> 00:01:39.000 align:middle position:50% michael@0: I'll start with a NodeJS project and Socket.IO. michael@0: michael@0: cally06 michael@0: 00:01:39.000 --> 00:01:42.000 align:middle position:50% michael@0: Then I'll write a RTCPeerConnection() backend... michael@0: michael@0: cally07a michael@0: 00:01:42.000 --> 00:01:45.000 align:middle position:50% michael@0: and have clients call getUserMedia(). michael@0: michael@0: cally07b michael@0: 00:01:45.000 --> 00:01:47.000 align:middle position:50% michael@0: Once I've created data channels michael@0: michael@0: cally08 michael@0: 00:01:47.000 --> 00:01:51.750 align:middle position:50% michael@0: and taken care of NAT traversal the WebRTC components are finished. michael@0: michael@0: denny09 michael@0: 00:01:52.000 --> 00:01:56.000 align:middle position:50% michael@0: Okay, it's clear that Procom is WebRTC-centric... michael@0: michael@0: denny10 michael@0: 00:01:56.000 --> 00:02:00.750 align:middle position:50% michael@0: but what about the leading mobile michael@0: platforms that lack a proper web runtime? michael@0: michael@0: denny11 michael@0: 00:02:00.750 --> 00:02:03.500 align:middle position:50% michael@0: How will you bootstrap web applications on those? michael@0: michael@0: cally09 michael@0: 00:02:04.000 --> 00:02:07.000 align:middle position:50% michael@0: We'll re-use the same logic across platforms michael@0: michael@0: cally10a michael@0: 00:02:07.000 --> 00:02:09.000 align:middle position:50% michael@0: even those lacking web runtimes michael@0: michael@0: cally10b michael@0: 00:02:09.000 --> 00:02:12.750 align:middle position:50% michael@0: by rendering a web view via Coordova or Phonegap. michael@0: michael@0: cally11a michael@0: 00:02:13.250 --> 00:02:16.000 align:middle position:50% michael@0: By leveraging the plug in nature of Coordova, michael@0: michael@0: cally11b michael@0: 00:02:16.000 --> 00:02:19.000 align:middle position:50% michael@0: we can abstract and provide features requiring... michael@0: michael@0: cally11c michael@0: 00:02:19.000 --> 00:02:23.000 align:middle position:50% michael@0: sensors like accelerometers and proximity sensors. michael@0: michael@0: boss04a michael@0: 00:02:23.000 --> 00:02:26.000 align:middle position:50% michael@0: That certainly helps. How will we test Procom michael@0: michael@0: boss04b michael@0: 00:02:26.000 --> 00:02:28.750 align:middle position:50% michael@0: to verify that it meets requirements? michael@0: michael@0: cally12a michael@0: 00:02:28.750 --> 00:02:33.000 align:middle position:50% michael@0: We'll employ the QUnit testing framework michael@0: and have a tiered support model... michael@0: michael@0: cally12b michael@0: 00:02:33.000 --> 00:02:37.500 align:middle position:50% michael@0: just like jQuery does in order michael@0: to target a dozen platforms. michael@0: michael@0: denny12 michael@0: 00:02:38.000 --> 00:02:43.000 align:middle position:50% michael@0: Wow, a dozen platforms. Ubiquity! Ubiquity, ubiquity! michael@0: michael@0: boss05 michael@0: 00:02:44.000 --> 00:02:48.500 align:middle position:50% michael@0: Cally, how will we package Procom for distribution on so many platforms? michael@0: michael@0: cally13a michael@0: 00:02:49.000 --> 00:02:54.000 align:middle position:50% michael@0: Boss, we think its best to deploy WGT web widgets. michael@0: michael@0: cally13b michael@0: 00:02:54.000 --> 00:02:59.500 align:middle position:50% michael@0: Some platforms can work with them directly and we'll michael@0: automate a repackaging system for the others. michael@0: michael@0: secretary05 michael@0: 00:03:00.500 --> 00:03:06.000 align:middle position:50% michael@0: It seems this would free us all from the vendor michael@0: lock-in that many providers so cynically enforce. michael@0: michael@0: denny13a michael@0: 00:03:06.500 --> 00:03:07.500 align:middle position:50% michael@0: Why yes! michael@0: michael@0: denny13b michael@0: 00:03:07.500 --> 00:03:10.500 align:middle position:50% michael@0: WGT widgets should fit our design nicely michael@0: michael@0: denny13c michael@0: 00:03:10.500 --> 00:03:12.750 align:middle position:50% michael@0: but do you think that we could extend deployment... michael@0: michael@0: denny13d michael@0: 00:03:12.750 --> 00:03:16.250 align:middle position:50% michael@0: to embed our packages in browsers and other web applications? michael@0: michael@0: cally14 michael@0: 00:03:17.000 --> 00:03:21.500 align:middle position:50% michael@0: Yes, that's one reason for sticking to web standards in the first place. michael@0: michael@0: boss06 michael@0: 00:03:22.500 --> 00:03:26.000 align:middle position:50% michael@0: What about cryptography? Do standard web interfaces exist for that? michael@0: michael@0: cally15a michael@0: 00:03:27.000 --> 00:03:28.000 align:middle position:50% michael@0: Well Boss. michael@0: michael@0: cally15b michael@0: 00:03:28.000 --> 00:03:32.000 align:middle position:50% michael@0: The W3C has produced the Web Cryptography API standard... michael@0: michael@0: cally15c michael@0: 00:03:32.000 --> 00:03:34.000 align:middle position:50% michael@0: ...but it's not stable yet. michael@0: michael@0: cally15d michael@0: 00:03:34.000 --> 00:03:36.500 align:middle position:50% michael@0: Until it matures we have good alternatives michael@0: michael@0: cally15e michael@0: 00:03:36.500 --> 00:03:39.500 align:middle position:50% michael@0: like the Stanford JavaScript crypto library. michael@0: michael@0: cally15f michael@0: 00:03:39.500 --> 00:03:44.750 align:middle position:50% michael@0: Or implement selectively using native michael@0: interfaces and plug in via Cordova. michael@0: michael@0: denny14 michael@0: 00:03:45.250 --> 00:03:51.500 align:middle position:50% michael@0: Oh good! The latter would allow us to optionally tap michael@0: into hardware crypto processors if they prove secure. michael@0: michael@0: cally16 michael@0: 00:03:52.000 --> 00:03:57.750 align:middle position:50% michael@0: That's right. Like the Intel and AMD implementations, namely AES-NI. michael@0: michael@0: boss07a michael@0: 00:03:58.500 --> 00:04:00.500 align:middle position:50% michael@0: Cally, how about the server components? michael@0: michael@0: boss07b michael@0: 00:04:01.000 --> 00:04:05.500 align:middle position:50% michael@0: Won't they suffer from typical security problems once put in the cloud? michael@0: michael@0: cally17a michael@0: 00:04:06.000 --> 00:04:10.000 align:middle position:50% michael@0: Well we'll learned from the mistakes of so many service providers. michael@0: michael@0: cally17b michael@0: 00:04:10.250 --> 00:04:21.750 align:middle position:50% michael@0: Procom will not store keys, anonymize user identities with Tor, michael@0: and will encrypt all channels via TLS and SRTP, or DTLS and ZRTP. michael@0: michael@0: cally17c michael@0: 00:04:22.000 --> 00:04:26.750 align:middle position:50% michael@0: The Procom seed service will even employ a dead man's switch by default. michael@0: michael@0: boss08a michael@0: 00:04:27.250 --> 00:04:28.750 align:middle position:50% michael@0: Wow, that's a handful. michael@0: michael@0: boss08b michael@0: 00:04:29.250 --> 00:04:34.250 align:middle position:50% michael@0: I guess another factor is the open nature of the michael@0: design and freedom to self host the platform. michael@0: michael@0: denny15a michael@0: 00:04:37.750 --> 00:04:39.000 align:middle position:50% michael@0: I've lost track. michael@0: michael@0: denny15b michael@0: 00:04:39.250 --> 00:04:47.500 align:middle position:50% michael@0: How does Procom's focus on web interfaces, open source, standards, michael@0: and data encryption relate to the future of communication? michael@0: michael@0: cally18a michael@0: 00:04:48.250 --> 00:04:54.750 align:middle position:50% michael@0: These aspects help Procom benefit users with michael@0: ubiquity, freedom, and security all at once. michael@0: michael@0: cally18b michael@0: 00:04:55.000 --> 00:04:58.500 align:middle position:50% michael@0: That's what makes Procom unique among rivals. michael@0: michael@0: boss09a michael@0: 00:04:59.250 --> 00:05:00.250 align:middle position:50% michael@0: Sounds great! michael@0: michael@0: boss09b michael@0: 00:05:00.500 --> 00:05:03.750 align:middle position:50% michael@0: Get to work you two while I spread the word about Procom. michael@0: michael@0: crowd01 michael@0: 00:05:04.500 --> 00:05:10.500 align:middle position:50% michael@0: Cheer!