Re: [bfcpbis] Spencer Dawkins' Discuss on draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Thu, 05 March 2015 15:01 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D78D01A00B1; Thu, 5 Mar 2015 07:01:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qPNAkn3pcOQQ; Thu, 5 Mar 2015 07:01:23 -0800 (PST)
Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FD531A004D; Thu, 5 Mar 2015 07:01:19 -0800 (PST)
Received: by lbjf15 with SMTP id f15so23861422lbj.2; Thu, 05 Mar 2015 07:01:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=0uiubY916SQVjtTr7WMw6EUR+lV635y86/S8NqokJIk=; b=H1Xjjtrx1jg6yYykyjFzVqOIqnbMH2aNKK3bbWRMOSG5rW5BA39GjhLJlLQlSlVD9w cpKev935jMBuTMATjulayfBjNiI3o6Iryc7APmnljsAQXcL+XJeeS2esfbyDpgnmr7La VfRW5gSPGfAd/h+/nPxnCqQRICXwBLo3d/bRJpCZuc2Oe4q/+iNY4tJyid7yPD1ALJKd xou2SDMxr4RVvZhj6VNQMgO/9J8Ov50y149bUgDIHcEkPubTe6kHRCheJKh8C8aryXMv ZAKWeiRicEhvWgchwKMKG9x6dL+6+Br7JlNROYHxm8y4Pg+A5SUmiVtpmGwW3JlOYb10 Aosw==
MIME-Version: 1.0
X-Received: by 10.152.87.199 with SMTP id ba7mr3028468lab.75.1425567677623; Thu, 05 Mar 2015 07:01:17 -0800 (PST)
Received: by 10.112.167.101 with HTTP; Thu, 5 Mar 2015 07:01:17 -0800 (PST)
In-Reply-To: <20150305043826.4994.75386.idtracker@ietfa.amsl.com>
References: <20150305043826.4994.75386.idtracker@ietfa.amsl.com>
Date: Thu, 05 Mar 2015 10:01:17 -0500
Message-ID: <CAHbuEH4zYETWqY9JjLnFd1xF8c2_QFgAC7EQBM6ArQ83Jt8WnQ@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c34e460735f805108bd749"
Archived-At: <http://mailarchive.ietf.org/arch/msg/bfcpbis/ADtpGPqqO2fB4Ye2Mtq6Ex3XZ8k>
X-Mailman-Approved-At: Thu, 05 Mar 2015 08:14:17 -0800
Cc: bfcpbis@ietf.org, draft-ietf-bfcpbis-rfc4582bis.all@ietf.org, Mary Barnes <mary.ietf.barnes@gmail.com>, The IESG <iesg@ietf.org>, bfcpbis-chairs@ietf.org
Subject: Re: [bfcpbis] Spencer Dawkins' Discuss on draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2015 15:01:26 -0000
Hi Spencer, I think I can help with the last part of your discuss after reading this to help reduce the list... On Wed, Mar 4, 2015 at 11:38 PM, Spencer Dawkins < spencerdawkins.ietf@gmail.com> wrote: > Spencer Dawkins has entered the following ballot position for > draft-ietf-bfcpbis-rfc4582bis-13: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > http://datatracker.ietf.org/doc/draft-ietf-bfcpbis-rfc4582bis/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > For the moment, I'm balloting a process Discuss, because I'm not seeing a > response to Gorry Fairhurst's TSV-DIR review sent on March 2, at > https://www.ietf.org/mail-archive/web/ietf/current/msg92156.html. Did I > miss it? > > During my review, I did not see a definition of "transaction failure > window". I can guess what that means, but would love to know for sure. > > I'm understanding that in RFC 4582, the version number (1) was a version > number, but in this draft, version 1 means "reliable transport" and > version 2 means "unreliable transport". Is that right? If so, how does an > RFC 4582 TCP-only floor control server receive a message with a version > field set to 2, which would have been sent over UDP? > > I'm also wondering whether overloading the version number field as a > transport reliability indicator would cause a problem in the future. If > you end up with a mandatory extension that applies to both reliable and > unreliable transport, does that mean you'd use two version numbers > (possibly 2 for reliable and 3 for unreliable)? > > Within Gorry's review, these are the points I thought were > Discuss-worthy. It's probably best for you to reply to these in his > e-mail, rather than try to juggle two sets of overlapping comments. I'm > just pointing out what I think matters most. On the others, please do the > right thing. > > - > > Gorry asked in Section 5: > > What is the security model when TLS/DTLS is not used? - has the protocol > protection from off-path attacks, and how is this provided? > > I'm especially interested in this question when unreliable transport is > used without DTLS. This is probably related to the question about > randomizing Conference ID later in Gorry's review. > See section 7: BFCP floor control servers and clients (which include both floor participants and floor chairs) MUST support TLS for transport over TCP [6] and MUST support DTLS [7] for transport over UDP. Any BFCP entity MAY support other security mechanisms. This covers MTI, we usually don't get into MTU. Are you asking that the properties required for other secure transport alternatives be listed? If someone doesn't want to turn on encryption and have that session established securely, they could have a really 'fun' conference session. > - > > Payload Length: > - What happens when using a datagram format if the datagram length (e.g. > UDP-Length) is less or more than the value specified within the BFCP? > > - > > Fragment Length: > - What happens if the datagram length (e.g. UDP-Length) is less or more > than the value specified within the BFCP? > > I'd also like to see this covered to explicitly prevent fragmentation overlap attacks, so I'll add a discuss as I think it's important to have this stated. Thanks, Kathleen -- Best regards, Kathleen
- [bfcpbis] Spencer Dawkins' Discuss on draft-ietf-… Spencer Dawkins
- Re: [bfcpbis] Spencer Dawkins' Discuss on draft-i… Kathleen Moriarty
- Re: [bfcpbis] Spencer Dawkins' Discuss on draft-i… Alissa Cooper
- Re: [bfcpbis] Spencer Dawkins' Discuss on draft-i… Paul E. Jones