Re: [AVTCORE] Benjamin Kaduk's Yes on draft-ietf-avtcore-cc-feedback-message-08: (with COMMENT)
Colin Perkins <csp@csperkins.org> Mon, 02 November 2020 13:26 UTC
Return-Path: <csp@csperkins.org>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 055473A0810; Mon, 2 Nov 2020 05:26:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=csperkins.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hH-PHR-VRh-L; Mon, 2 Nov 2020 05:26:37 -0800 (PST)
Received: from haggis.mythic-beasts.com (haggis.mythic-beasts.com [IPv6:2a00:1098:0:86:1000:0:2:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03F913A0FBD; Mon, 2 Nov 2020 05:26:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=csperkins.org; s=mythic-beasts-k1; h=To:Date:From:Subject; bh=2J/BKwPyjoUOWA7s7dqZVYVMyiKK9gDGYwFjlbrAikk=; b=sD3L6ifTU+oUPXC6ygFAFQ5gqR Mj/C8PnSmeQ/cnVHKufeExgarDetcpUInF6ThiSmSUe7MC+jLBq3ZihO/XdmZtpz782RbnVTf9ODd AdqyOBk8iyr1NnHNsO3CnlLYt78Cc233pq7tMS3eaByl2QMjzzWSdFS6u4TIbi+3QbxJafU+CFmjr yZc5hbQQNKZh/sjdtrMwZe63S42dwvrB7OeORPd2eNi7lpoYIhfwwLJrt+L2Pz4UiyXai3cNpW4f5 Z23Ql17cYKcdRsMQhH0eebviJWvspjfD9e6C+k1EGl1+dGERNv0eis687A6X9MUhly0sgESYlpJt2 7q4E5XWg==;
Received: from [81.187.2.149] (port=37599 helo=[192.168.0.67]) by haggis.mythic-beasts.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from <csp@csperkins.org>) id 1kZZr1-0000HJ-1e; Mon, 02 Nov 2020 13:26:35 +0000
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
From: Colin Perkins <csp@csperkins.org>
In-Reply-To: <160090353165.31814.11488206076041378547@ietfa.amsl.com>
Date: Mon, 02 Nov 2020 13:26:31 +0000
Cc: The IESG <iesg@ietf.org>, avtcore-chairs@ietf.org, avt@ietf.org, draft-ietf-avtcore-cc-feedback-message@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <65F6A6B2-6345-4FC6-B345-DB1F2D00F672@csperkins.org>
References: <160090353165.31814.11488206076041378547@ietfa.amsl.com>
To: Benjamin Kaduk <kaduk@mit.edu>
X-Mailer: Apple Mail (2.3445.104.17)
X-BlackCat-Spam-Score: 4
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/gF1yUbRhFaVu74imMR7wVWLueAk>
Subject: Re: [AVTCORE] Benjamin Kaduk's Yes on draft-ietf-avtcore-cc-feedback-message-08: (with COMMENT)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Nov 2020 13:26:40 -0000
> On 24 Sep 2020, at 00:25, Benjamin Kaduk via Datatracker <noreply@ietf.org> wrote: > > Benjamin Kaduk has entered the following ballot position for > draft-ietf-avtcore-cc-feedback-message-08: Yes > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-avtcore-cc-feedback-message/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Section 1 > > control designs are not interoperable. To enable algorithm evolution > as well as interoperability across designs (e.g., different rate > adaptation algorithms), it is highly desirable to have generic > congestion control feedback format. > > nit: singular/plural mismatch "format"/"to have generic". > > To help achieve interoperability for unicast RTP congestion control, > this memo proposes a common RTCP feedback packet format that can be > > (side note) is there work underway for non-unicast RTP congestion > control? Not that I know of. > Section 2 > > In addition the terminology defined in [RFC3550], [RFC3551], > [RFC3611], [RFC4585], and [RFC5506] applies. > > [3551 and 3611 don't seem to have prominent dedicated "definitions" > sections.] Removed these references. > Section 3.1 > > o L (1 bit): is a boolean to indicate if the packet was received. 0 > represents that the packet was not yet received and all the > subsequent bits (ECN and ATO) are also set to 0. 1 represents > that the packet was received and the subsequent bits in the block > need to be parsed. > > (side note) it's tempting to parse this as the "loss bit", but then a > value of true means not-lost and false means lost, which feels somewhat > unnatural. That said, preserving all-bits-zero as "no data" is probably > worth the tradeoff… Renamed the bit to “R” to better match its use. > sent previous reports for RTP packets included in both reports. If > an RTP packet was reported as received in one report, that packet > MUST also be reported as received in any overlapping reports sent > later that cover its sequence number range. > > What should a recipient do if this invariant is violated? Tear down the > RTP session as a protocol violation? Treat the later report as an update, as in the previous sentence. I reordered the text to clarify. (It makes no sense for a packet to be reported as received then lost, but it’s not going to cause any great harm) > Section 4 > > feedback, using a feedback interval range of 50-200ms. Applications > need to negotiate an appropriate congestion control feedback interval > at session setup time, based on the choice of congestion control > algorithm, the expected media bit rate, and the acceptable feedback > overhead. > > Are there protocol mechanisms standardized that can perform this > negotiation? (I note that though we provide SDP signalling for the use > of CCFB overall, we do not define SDP signalling for the feedback > interval.) SDP has various mechanisms, such as b= lines amongst others, that allow this negotiation. > Section 7 > > provides duplicate information. Accordingly, when congestion control > feedback is to be used with RTP and ECN, the SDP offer generated MUST > include an "a=ecn-capable-rtp:" attribute to negotiate ECN support, > along with an "a=rtcp-fb:" attribute with the "ack" parameter "ccfb" > to indicate that the RTP Congestion Control Feedback Packet is to be > used for feedback. The "a=rtcp-fb:" attribute MUST NOT include the > "nack" parameter "ecn", so the RTCP ECN Feedback Packet will not be > used. > > Am I reading this correctly that a "mixed" deployment with Offerer that > supports both mechanisms and an Answerer that only supports RFC 6679 > will result in ECN not being used for the RTP session at all, even > though 6679 is supported by both parties? Why does it not suffice to > only constrain the Answer behavior? Good catch – I’ve changed this to allow the receiver to choose. > Section 8 > > control. TMMBR could, however, be viewed a complementary > mechanism that can inform the sender of the receiver's current > view of acceptable maximum bit rate. The Received Estimated > Maximum Bit-rate (REMB) mechanism [I-D.alvestrand-rmcat-remb] > provides similar feedback. > > The REMB I-D expired in 2014; is it still useful to reference it by name > (as opposed to a representative of a class)? Contrast to > draft-holmer-rmcat-transport-wide-cc-extensions, which expired in 2016, > but we reference only as an example of the class of schemes that adds a > transport-wide sequence number to each RTP packet. Fixed. > RTCP Extended Reports (XR): Numerous RTCP extended report (XR) > blocks have been defined to report details of packet loss, arrival > times [RFC3611], delay [RFC6843], and ECN marking [RFC6679]. It > is possible to combine several such XR blocks into a compound RTCP > packet, to report the detailed loss, arrival time, and ECN marking > marking information needed for effective sender-based congestion > control. However, the result has high overhead both in terms of > bandwidth and complexity, due to the need to stack multiple > reports. > > If I am reading correctly, RFC 6679 only provides ECN counters, not > necessarily at packet granularity, so it may not actually provide as > much information as this mechanism. Right. > Section 9 > > Are the named individuals the members of the design team? If not, where > can the membership of the design team be determined? I think so…. it’s been a long time. > Section 11 > > I look forward to the clarification regarding off-path attacks produced > in response to the tsv-art review. > > In theory the exposure of (somewhat) fine-grained timing information at > per-packet granularity could open up new attacks that look for side > channels in processing of other protocols operating between the same > endpoints, but I am not really convinced that millisecond-scale > information presents enough exposure to merit mentioning here. > > congestion on the path. This will negatively impact the quality of > experience of that receiver. Since RTP is an unreliable transport, a > > And potentially other entities using the bottleneck segment of that > path? Also could potentially cause excessive resource consumption on the > sender? Yes, updated. > sender can intentionally leave a gap in the RTP sequence number space > without causing harm, to check that the receiver is correctly > reporting losses. > > [I assume that recommended remediation measures in the face of such a > lying peer are covered in the referenced documents already.] I’m not sure they are, but such guidance would relate to RTP implementations in general, not just to this feedback mechanism, so this isn’t the right place to add it. > An on-path attacker that can modify RTCP congestion control feedback > packets can change the reports to trick the sender into sending at > either an excessively high or excessively low rate, leading to denial > of service. The secure RTCP profile [RFC3711] can be used to > authenticate RTCP packets to protect against this attack. > > I guess to try to do this off-path you'd need to guess the SSRCs and > sequence-numbers (mod 2**16) in addition to transport ports, which > quickly becomes infeasible if there's more than one stream, so it really > is just an off-path threat. Right – it’s not feasible as an off-path attack, because you need to also guess the SSRC, sequence number, and ports. > Section 12.1 > > It seems that we only list 3611 as normative for the terminology > reference, but I didn't see any terminology usage that we clearly needed > 3611 for. It should be informative, yes. -- Colin Perkins https://csperkins.org/
- [AVTCORE] Benjamin Kaduk's Yes on draft-ietf-avtc… Benjamin Kaduk via Datatracker
- Re: [AVTCORE] Benjamin Kaduk's Yes on draft-ietf-… Colin Perkins