[AVTCORE] Fwd: [MMUSIC] zrtp: draft-ietf-mmusic-sdp-mux-attributes vs draft-ietf-avtcore-rfc5764-mux-fixes

"Gonzalo Salgueiro (gsalguei)" <gsalguei@cisco.com> Tue, 05 July 2016 16:33 UTC

Return-Path: <gsalguei@cisco.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A862112D5CA for <avt@ietfa.amsl.com>; Tue, 5 Jul 2016 09:33:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.947
X-Spam-Level:
X-Spam-Status: No, score=-15.947 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YmE0UHV0C3Sj for <avt@ietfa.amsl.com>; Tue, 5 Jul 2016 09:33:44 -0700 (PDT)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F16D612D0C1 for <avt@ietf.org>; Tue, 5 Jul 2016 09:33:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=16648; q=dns/txt; s=iport; t=1467736424; x=1468946024; h=from:to:subject:date:message-id:references:content-id: content-transfer-encoding:mime-version; bh=zv+Qv8s0KjqnQGeFkPOoMbrUrwea+cj3zizXj81zTOk=; b=fsVfrVxx2bpTisAJdWAmzwkDUdNuJAii5EQSoBgWoL+8AdoWGzFp8Ux6 zzx8FMnDE6nYwy+pvnAtUm35KArU1Q6pYxxHsoVYOLjlUl2cisrneYJ/0 YN/yALdH4KEX/S6YxcLHwhqz+6SMVrCViBYeAExUzT8g3wqDLhFjL95oj Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B5AgAe4XtX/5NdJa1cgz5WfAatMIwQg?= =?us-ascii?q?XcihSxKAhyBGDgUAQEBAQEBAWUcC4RMAQEEAQEBIQQNOhALAgEZAwECAQICEQ4?= =?us-ascii?q?HAgICHwYLFQYCCAIEExSIAgMPCA6rQYstDYQlAQEBAQEBAQEBAQEBAQEBAQEBA?= =?us-ascii?q?R6BAYUmgXgIgk2CQ4FECxEBDyQogkIrgi8FiBqQRTQBhgiGLoIQgWpOhAiDLoU?= =?us-ascii?q?8hleBQIdyAR42ggcBHBeBNW4BhxENFx9/AQEB?=
X-IronPort-AV: E=Sophos;i="5.26,580,1459814400"; d="scan'208";a="292361415"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Jul 2016 16:33:37 +0000
Received: from XCH-ALN-008.cisco.com (xch-aln-008.cisco.com [173.36.7.18]) by rcdn-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id u65GXbkI016974 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for <avt@ietf.org>; Tue, 5 Jul 2016 16:33:37 GMT
Received: from xch-aln-009.cisco.com (173.36.7.19) by XCH-ALN-008.cisco.com (173.36.7.18) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 5 Jul 2016 11:33:37 -0500
Received: from xch-aln-009.cisco.com ([173.36.7.19]) by XCH-ALN-009.cisco.com ([173.36.7.19]) with mapi id 15.00.1210.000; Tue, 5 Jul 2016 11:33:36 -0500
From: "Gonzalo Salgueiro (gsalguei)" <gsalguei@cisco.com>
To: "avt@ietf.org" <avt@ietf.org>
Thread-Topic: [MMUSIC] [AVTCORE] zrtp: draft-ietf-mmusic-sdp-mux-attributes vs draft-ietf-avtcore-rfc5764-mux-fixes
Thread-Index: AQHRthL8VuJ5x/fyEE6AYexF7eizHQ==
Date: Tue, 5 Jul 2016 16:33:36 +0000
Message-ID: <FC123D09-FDA5-49CC-8553-7A5575962CCE@cisco.com>
References: <3BC24A44-1B97-4EE7-B710-971331D83606@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.82.217.68]
Content-Type: text/plain; charset="utf-8"
Content-ID: <124427C1FE739447A2754055B0736119@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/54lmNoqiJfc1e01eIDPVnGyzyhc>
Subject: [AVTCORE] Fwd: [MMUSIC] zrtp: draft-ietf-mmusic-sdp-mux-attributes vs draft-ietf-avtcore-rfc5764-mux-fixes
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2016 16:33:47 -0000

As per Marc’s response to Magnus’ LC comments, below is the reference discussion with the AD regarding normative vs. informative reference to ZRTP for mux-fix draft.

Cheers,

Gonzalo

> Begin forwarded message:
> 
> From: "Gonzalo Salgueiro (gsalguei)" <gsalguei@cisco.com>
> Subject: Re: [MMUSIC] [AVTCORE] zrtp: draft-ietf-mmusic-sdp-mux-attributes vs draft-ietf-avtcore-rfc5764-mux-fixes
> Date: June 17, 2016 at 5:04:11 PM EDT
> To: Ben Campbell <ben@nostrum.com>
> Cc: "Gonzalo Salgueiro (gsalguei)" <gsalguei@cisco.com>om>, Marc Petit-Huguenin <marc@petit-huguenin.org>
> 
> Hi Ben - 
> 
> We gave this a good bit of thought.  The fact that ZRTP is informational was simply a factor in our decision, but not the main impetus.  Our rationale was more around the fact that an implementer of the demux logic presented in the mux-fix draft doesn’t need to read the ZRTP spec.  The necessity of reading the ZRTP seemed more of an academic exercise for those curious about ZRTP operation since the explanation for why it is being explicitly carved out in the demux scheme seemed to be wholly explained in the mux-fix draft.  Now, I *do* think that when Alan does get around to ZRTPbis then I think that document should absolutely make a normative reference to this one because there will necessarily need to be text about why certain bits in the header are being set to fixed values.
> 
> At any rate, we understand that this is a bit of a judgement call and if we are asked to make it a normative reference, then we are perfectly fine with that.
> 
> Cheers,
> 
> Gonzalo
> 
> 
>> On Jun 17, 2016, at 4:56 PM, Ben Campbell <ben@nostrum.com> wrote:
>> 
>> Please consider whether the zrtp reference should be normative. That is, do you need to read that to understand this draft. (Personally, I think this is a borderline case.)
>> 
>> I recognize that zRTP is informational, but that doesn't prevent a normative reference if there is good reason. But it does create a few minor process hoops.
>> 
>> Thanks!
>> 
>> Ben.
>> 
>> On 15 Jun 2016, at 14:15, Gonzalo Salgueiro (gsalguei) wrote:
>> 
>>> We have posted the new version that takes ZRTP into account. Have a look and see if everything is OK.
>>> 
>>> -G
>>> 
>>> 
>>>> On Jun 14, 2016, at 4:29 AM, Ben Campbell <ben@nostrum.com> wrote:
>>>> 
>>>> Hi Gonzalo,
>>>> 
>>>> It's hard to give a definitive answer without seeing the changed text in context--but I think you can structure this as a reference to the old 6198. If 6198bis obsoletes 6198, then the reference effectively gets "upgraded". Now, if you depend on 6198bis changes, you might at least mention that, at the time of this writing, there are discussions about the changes in progress.
>>>> 
>>>> As far as normative vs informational--I lean towards normative. 6198 is informational, but we can make an exception for the downref if we do it for good reason and mention it in the IETF last call. But again, this sort of depends on the changed text.
>>>> 
>>>> Thanks!
>>>> 
>>>> Ben.
>>>> 
>>>> 
>>>> On 14 Jun 2016, at 6:44, Gonzalo Salgueiro (gsalguei) wrote:
>>>> 
>>>>> Hi Ben -
>>>>> 
>>>>> 
>>>>> Marc (on Cc) and I plan to make the proposed changes to the mux-fix draft on Wednesday.  In planning for that we were thinking through some things where we’d appreciate your advice.  As discussed, the proposed change will require changes to mux-fix draft and a new version of RFC 6189.  Does this mean we need a reference to RFC6189bis?  (BTW - There is a RFC6189bis available (http://zfone.com/docs/ietf/rfc6189bis.dif.html) but it seems to be an abandoned version from 2012.) Would it have to be normative?  If so, that would mean we are potentially waiting years to publish mux-fix, which is far from the intent. Or can we make it informative? Or can we simply put a reference to the old RFC 6189 and then let 6189bis be responsible for explaining what was done in mux-fix?
>>>>> 
>>>>> Any advice is truly appreciated…
>>>>> 
>>>>> -G
>>>>> 
>>>>> 
>>>>> 
>>>>>> On Jun 7, 2016, at 10:53 PM, Ben Campbell <ben@nostrum.com> wrote:
>>>>>> 
>>>>>> Excellent, thanks!
>>>>>> 
>>>>>> On 7 Jun 2016, at 21:40, Gonzalo Salgueiro (gsalguei) wrote:
>>>>>> 
>>>>>> Hi Ben -
>>>>>> 
>>>>>> Sent the email to AVT & MMUSIC again indicating the ‘speak now or forever hold your peace’ sentiment. We’ll produce an updated draft over the next few days.
>>>>>> 
>>>>>> Thanks,
>>>>>> 
>>>>>> Gonzalo
>>>>>> 
>>>>>> On Jun 7, 2016, at 6:31 PM, Ben Campbell ben@nostrum.com wrote:
>>>>>> 
>>>>>> I suspect that this whole thing is enough of an edge case that people won't care much one way or another, and would be willing to move it forward as is. (It's been on the list, afterall, and I think the people who care have spoken up.)
>>>>>> 
>>>>>> But if you want to be sure, you could re-summarize the proposed actions to the lists, along with an explicit statement that if people don't object really soon now, the proposal will take effect.
>>>>>> 
>>>>>> Thanks!
>>>>>> 
>>>>>> Ben.
>>>>>> 
>>>>>> On 3 Jun 2016, at 1:55, Gonzalo Salgueiro (gsalguei) wrote:
>>>>>> 
>>>>>> Hi Ben -
>>>>>> 
>>>>>> Never heard from anyone else on this besides from Alan (6189 author) and us (mux-fix authors). So not sure what consensus is and how to get this moving forward.
>>>>>> 
>>>>>> Any advice?
>>>>>> 
>>>>>> Gonzalo
>>>>>> 
>>>>>> On May 25, 2016, at 11:05 PM, Gonzalo Salgueiro (gsalguei) gsalguei@cisco.com wrote:
>>>>>> 
>>>>>> OK, cool Thanks, Alan. Once we get consensus from the WG(s) that this is the best way forward we will make this change to draft-ietf-avtcore-rfc5764-mux-fixes.
>>>>>> 
>>>>>> Cheers,
>>>>>> 
>>>>>> Gonzalo
>>>>>> 
>>>>>> On May 25, 2016, at 8:01 PM, Alan Johnston alan.b.johnston@gmail.com wrote:
>>>>>> 
>>>>>> Hi Gonzalo,
>>>>>> 
>>>>>> Thanks for the clarification - I had it backwards in my head. Existing ZRTP implementations will be compliant to the proposal, and we can constrain those bits to 0 in the 6189bis draft to lock it down.
>>>>>> 
>>>>>> So I am OK with this proposal.
>>>>>> 
>>>>>> • Alan -
>>>>>> 
>>>>>> On Wed, May 25, 2016 at 1:56 PM, Gonzalo Salgueiro (gsalguei) gsalguei@cisco.com wrote:
>>>>>> Hi Alan -
>>>>>> 
>>>>>> One of the reasons we made the suggestion was because (in our estimation) it did not have a major impact to the ZRTP packet format. Currently the packet format is:
>>>>>> 
>>>>>> 0 1 2 3
>>>>>> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>>>>>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>>>> |0 0 0 1|Not Used (set to zero) | Sequence Number |
>>>>>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>>>> | Magic Cookie 'ZRTP' (0x5a525450) |
>>>>>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>>>> | Source Identifier |
>>>>>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>>>> | |
>>>>>> | ZRTP Message (length depends on Message Type) |
>>>>>> | . . . |
>>>>>> | |
>>>>>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>>>> | CRC (1 word) |
>>>>>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>>>> 
>>>>>> Our proposal was to set bits 4 and 5 to zero, which is currently what the protocol calls for and should implicitly make all existing implementations compliant. All we are proposing is is to take bits 4 and 5 out of the “Not Used” range and leave them fixed to the value that current implementations use. Does this make sense?
>>>>>> 
>>>>>> In any case, I’d like to try and understand what impact this has to the current rfc5764-mux-fix text. Is it as simple as explicitly reserving values 16 - 19 for ZRTP? Or did you have something else in mind? If you can make specific text suggestions that will simplify things.
>>>>>> 
>>>>>> Thanks,
>>>>>> 
>>>>>> Gonzalo
>>>>>> 
>>>>>> On May 25, 2016, at 1:35 PM, Alan Johnston alan.b.johnston@gmail.com wrote:
>>>>>> 
>>>>>> Hi Marc,
>>>>>> 
>>>>>> Changing the packet format for ZRTP is a pretty major change to the protocol...
>>>>>> 
>>>>>> I think the only case where this is an issue would be if both ZRTP and DTLS-SRTP are offered opportunistically (OSRTP), and either ZRTP or DTLS-SRTP arrives before the answer is received. During this window of time, a slightly more complicated algorithm could be used to distinguish ZRTP from DTLS-SRTP, such as checking the 32-bit magic cookie that is present in every ZRTP message. Otherwise, only one of these protocols will be used at a time, so it is not the same as distinguishing either from STUN and RTP, which happens throughout a session.
>>>>>> 
>>>>>> We could put this guidance in a RFC6189bis draft, and the other documents could just defer to that guidance if they support ZRTP in addition to DTLS-SRTP opportunistically.
>>>>>> 
>>>>>> • Alan -
>>>>>> 
>>>>>> On Wed, May 25, 2016 at 10:56 AM, Ben Campbell ben@nostrum.com wrote:
>>>>>> Hi Marc,
>>>>>> 
>>>>>> That's along the lines that I expected, if the working group chooses this path. What do others think?
>>>>>> 
>>>>>> Thanks!
>>>>>> 
>>>>>> Ben.
>>>>>> 
>>>>>> On 25 May 2016, at 12:37, Marc Petit-Huguenin wrote:
>>>>>> 
>>>>>> As you mention, there are several ways to handle this issue. We leave it to the community to decide whether to include zrtp in bundle or not. If we were to update the 5764-mux-fix draft, we felt that the cleanest way to handle it is in two steps.
>>>>>> 
>>>>>> One thing to note is that there is no clash/overlap with STUN, so using magic cookie to distinguish from STUN is a moot point. The overlap with the DTLS range is what we need to avoid. The right thing to do seems to be to work on a rfc6189bis draft that would set bit 4 and 5 of the first byte of the zrtp message to 0. This way zrtp cannot clash with DTLS.
>>>>>> 
>>>>>> On the rfc5764-mux-fixes draft, we just change the algorithm to:
>>>>>> 
>>>>>> +----------------+
>>>>>> |        [0..3] -+--> forward to STUN
>>>>>> |                |
>>>>>> |      [16..19] -+--> forward to ZRTP
>>>>>> |                |
>>>>>> 
>>>>>> packet --> | [20..63] -+--> forward to DTLS
>>>>>> | |
>>>>>> | [64..79] -+--> forward to TURN Channel
>>>>>> | |
>>>>>> | [128..191] -+--> forward to RTP/RTCP
>>>>>> +----------------+
>>>>>> 
>>>>>> Does this seem like a reasonable approach?
>>>>>> 
>>>>>> On 05/24/2016 04:21 PM, Ben Campbell wrote:
>>>>>> Hi,
>>>>>> 
>>>>>> There appears to be a discrepancy between draft-ietf-mmusic-sdp-mux-attributes and draft-ietf-avtcore-rfc5764-mux-fixes concerning whether zrtp can be used with bundle.
>>>>>> 
>>>>>> mux-attributes puts the zrtp-hash attribute [RFC6189] in the "transport" category, meaning, among other things, that it can be used in a bundle group. However, as the demux rules are currently defined 5764-mux-fixes, zrtp messages cannot actually be demuxed. (If I read things correctly, the first byte of a zrtp message will be 16, which is not in any of the "known ranges" described in 5765 or 5764-mux-fixes, and therefore the message MUST be dropped.
>>>>>> 
>>>>>> That seems to leave the choice of adding zrtp messages to the demux rules in 5764-mux-fixes, or removing the implication that zrtp can be bundled from mux-attributes.
>>>>>> 
>>>>>> Adding rules for demuxing zrtp to 5765-mux-fixes would probably not be hard, but would be non-trivial. RFC 6189 calls for using the magic cookie to distinguish zrtp messages from stun messages.
>>>>>> 
>>>>>> Do people have opinions how to move forward with this? Am I interpreting the conflict correctly?Keep in mind that ZRTP is not a standards-track spec. But at the same time, I'm not sure we want to exclude it from the bundle mechanism.
>>>>>> 
>>>>>> Thanks!
>>>>>> 
>>>>>> Ben.
>>>>>> 
>>>>>> Audio/Video Transport Core Maintenance
>>>>>> avt@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/avt
>>>>>> 
>>>>>> mmusic mailing list
>>>>>> mmusic@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/mmusic
>>>>>> 
>