IETF Logo Mail Archive

[AVTCORE] AD review: draft-ietf-avtcore-feedback-suppression-rtp-13

Robert Sparks <rjsparks@nostrum.com> Thu, 01 March 2012 22:27 UTC

Return-Path: <rjsparks@nostrum.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 072AE21E8396 for <avt@ietfa.amsl.com>; Thu, 1 Mar 2012 14:27:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.536
X-Spam-Level:
X-Spam-Status: No, score=-102.536 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, SPF_PASS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tzY+aChNZQWG for <avt@ietfa.amsl.com>; Thu, 1 Mar 2012 14:27:17 -0800 (PST)
Received: from nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:267::2]) by ietfa.amsl.com (Postfix) with ESMTP id 59E6A21E8357 for <avt@ietf.org>; Thu, 1 Mar 2012 14:27:17 -0800 (PST)
Received: from unexplicable.local (pool-71-170-125-181.dllstx.fios.verizon.net [71.170.125.181]) (authenticated bits=0) by nostrum.com (8.14.3/8.14.3) with ESMTP id q21MRDG3047052 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Thu, 1 Mar 2012 16:27:14 -0600 (CST) (envelope-from rjsparks@nostrum.com)
Message-ID: <4F4FF7C1.6040501@nostrum.com>
Date: Thu, 01 Mar 2012 16:27:13 -0600
From: Robert Sparks <rjsparks@nostrum.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: avt@ietf.org, avtcore-chairs@tools.ietf.org, draft-ietf-avtcore-feedback-suppression-rtp@tools.ietf.org, Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Received-SPF: pass (nostrum.com: 71.170.125.181 is authenticated by a trusted mechanism)
Subject: [AVTCORE] AD review: draft-ietf-avtcore-feedback-suppression-rtp-13
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Mar 2012 22:27:18 -0000

Summary: There are some clarifications needed (and some questions to 
discuss) before forwarding this to IETF LC.

1) Section 3, paragraph 3, says a receiver MUST follow the rules for 
NACK suppression on receipt of a third partly loss report. Section 4 
says receivers MAY ignore third party lost reports, and then confusingly 
says the SHOULD not ignore them. The security considerations section 
says that receivers would be "well advised to ignore" (effectively 
SHOULD ignore) third party reports unless they are authenticated. This 
needs to be reconciled.

Are you trying to say the following?

    *) MUST follow the suppression rules if packets are authenticated
    *) SHOULD NOT follow the suppression rules if the packets are not 
authenticated

Or something else? Either way, please make the document internally 
consistent.

2) Why aren't RFC3711 and RFC5124 normative references? They're the only 
offered tools for authenticating these messages in the document. Even if 
other mechanisms might exist, there needs to be discussion somewhere of 
what's required of this authentication, and the security consideration 
sections of those documents would suffice.

3) The first part of the IANA considerations section is not clear. Is 
this trying to create a new registry with two initial values, or add two 
values to an existing registry. If it's creating a new one, please 
provide a registry name, and suggest where it should appear.

4) The security considerations section speaks about attacks based on 
spurious reports, but doesn't really discuss more directed attacks. In 
particular, if a receiver accepts unauthenticated feedback suppression 
messages, an attacker could cause packetloss disrupting an important 
part of a session, preemptively sending feedback suppression. An 
attacker that is also a receiver has enough information to suppress 
_all_ feedback from any other listeners that don't unauthenticated 
packets. Please make it clearer that these risks exist.

5) At the end of section 3, the document says messages SHOULD be 
suppressed "for a period of time". Can that be made more precise?

Editorial suggestions:

Please expand acronyms on first use (There are a _lot_ of acronyms, many 
of which need references to where they are defined. Consider adding a 
glossary so you can get that out of the way without interrupting the 
flow of the text).

The protocol definition part of this document (section 4) is a bit of a 
puzzle for a new reader. It would help to guide the reader through the 
definition more directly. Here's a suggested modification - feel free to 
ignore it:

Before section 4.1 say "The following two sections each define a third 
party loss report message. Both messages are feedback messages as 
defined in section 6.1 of RFC4585, and use the header format defined 
there. Each section defines how to populate the PT, FMT, length, SSRC or 
packet sender, SSRC of media source, and FCI fields in that header."

That will make it more obvious to the reader that they need to go look 
at the referenced section in 4585 right away, and makes it possible to 
simplify the text in 4.1 and 4.2. 4.1 can state clearly and early that 
it is defining the TLLEI, etc.

Whether you choose to act on this suggestion or not, please change the 
TBDs to TBD1 and TBD2, and say "length field in the" instead of "length 
of" when talking about setting the length field in each message.

Nits sent directly to editors.

v2.23.0 | Report a Bug | By Email