[AVTCORE] AD review: draft-ietf-avtcore-feedback-suppression-rtp-13
Robert Sparks <rjsparks@nostrum.com> Thu, 01 March 2012 22:27 UTC
Return-Path: <rjsparks@nostrum.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 072AE21E8396 for <avt@ietfa.amsl.com>; Thu, 1 Mar 2012 14:27:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.536
X-Spam-Level:
X-Spam-Status: No, score=-102.536 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, SPF_PASS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tzY+aChNZQWG for <avt@ietfa.amsl.com>; Thu, 1 Mar 2012 14:27:17 -0800 (PST)
Received: from nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:267::2]) by ietfa.amsl.com (Postfix) with ESMTP id 59E6A21E8357 for <avt@ietf.org>; Thu, 1 Mar 2012 14:27:17 -0800 (PST)
Received: from unexplicable.local (pool-71-170-125-181.dllstx.fios.verizon.net [71.170.125.181]) (authenticated bits=0) by nostrum.com (8.14.3/8.14.3) with ESMTP id q21MRDG3047052 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Thu, 1 Mar 2012 16:27:14 -0600 (CST) (envelope-from rjsparks@nostrum.com)
Message-ID: <4F4FF7C1.6040501@nostrum.com>
Date: Thu, 01 Mar 2012 16:27:13 -0600
From: Robert Sparks <rjsparks@nostrum.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: avt@ietf.org, avtcore-chairs@tools.ietf.org, draft-ietf-avtcore-feedback-suppression-rtp@tools.ietf.org, Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Received-SPF: pass (nostrum.com: 71.170.125.181 is authenticated by a trusted mechanism)
Subject: [AVTCORE] AD review: draft-ietf-avtcore-feedback-suppression-rtp-13
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Mar 2012 22:27:18 -0000
Summary: There are some clarifications needed (and some questions to discuss) before forwarding this to IETF LC. 1) Section 3, paragraph 3, says a receiver MUST follow the rules for NACK suppression on receipt of a third partly loss report. Section 4 says receivers MAY ignore third party lost reports, and then confusingly says the SHOULD not ignore them. The security considerations section says that receivers would be "well advised to ignore" (effectively SHOULD ignore) third party reports unless they are authenticated. This needs to be reconciled. Are you trying to say the following? *) MUST follow the suppression rules if packets are authenticated *) SHOULD NOT follow the suppression rules if the packets are not authenticated Or something else? Either way, please make the document internally consistent. 2) Why aren't RFC3711 and RFC5124 normative references? They're the only offered tools for authenticating these messages in the document. Even if other mechanisms might exist, there needs to be discussion somewhere of what's required of this authentication, and the security consideration sections of those documents would suffice. 3) The first part of the IANA considerations section is not clear. Is this trying to create a new registry with two initial values, or add two values to an existing registry. If it's creating a new one, please provide a registry name, and suggest where it should appear. 4) The security considerations section speaks about attacks based on spurious reports, but doesn't really discuss more directed attacks. In particular, if a receiver accepts unauthenticated feedback suppression messages, an attacker could cause packetloss disrupting an important part of a session, preemptively sending feedback suppression. An attacker that is also a receiver has enough information to suppress _all_ feedback from any other listeners that don't unauthenticated packets. Please make it clearer that these risks exist. 5) At the end of section 3, the document says messages SHOULD be suppressed "for a period of time". Can that be made more precise? Editorial suggestions: Please expand acronyms on first use (There are a _lot_ of acronyms, many of which need references to where they are defined. Consider adding a glossary so you can get that out of the way without interrupting the flow of the text). The protocol definition part of this document (section 4) is a bit of a puzzle for a new reader. It would help to guide the reader through the definition more directly. Here's a suggested modification - feel free to ignore it: Before section 4.1 say "The following two sections each define a third party loss report message. Both messages are feedback messages as defined in section 6.1 of RFC4585, and use the header format defined there. Each section defines how to populate the PT, FMT, length, SSRC or packet sender, SSRC of media source, and FCI fields in that header." That will make it more obvious to the reader that they need to go look at the referenced section in 4585 right away, and makes it possible to simplify the text in 4.1 and 4.2. 4.1 can state clearly and early that it is defining the TLLEI, etc. Whether you choose to act on this suggestion or not, please change the TBDs to TBD1 and TBD2, and say "length field in the" instead of "length of" when talking about setting the length field in each message. Nits sent directly to editors.
- [AVTCORE] AD review: draft-ietf-avtcore-feedback-… Robert Sparks
- Re: [AVTCORE] AD review: draft-ietf-avtcore-feedb… Qin Wu
- Re: [AVTCORE] AD review: draft-ietf-avtcore-feedb… Van Caenegem, Tom (Tom)
- [AVTCORE] 答复: AD review: draft-ietf-avtcore-feedb… Qin Wu
- Re: [AVTCORE] AD review: draft-ietf-avtcore-feedb… Van Caenegem, Tom (Tom)
- Re: [AVTCORE] AD review: draft-ietf-avtcore-feedb… Magnus Westerlund
- [AVTCORE] draft-ietf-avtcore-feedback-supression-… Robert Sparks
- Re: [AVTCORE] draft-ietf-avtcore-feedback-supress… Robert Sparks
- Re: [AVTCORE] draft-ietf-avtcore-feedback-supress… Roni Even
- Re: [AVTCORE] draft-ietf-avtcore-feedback-supress… Robert Sparks
- Re: [AVTCORE] AD review:draft-ietf-avtcore-feedba… Qin Wu
- Re: [AVTCORE] draft-ietf-avtcore-feedback-supress… Qin Wu
- Re: [AVTCORE] draft-ietf-avtcore-feedback-supress… Qin Wu