Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc4583bis-24
Roman Shpount <roman@telurix.com> Fri, 21 September 2018 21:48 UTC
Return-Path: <roman@telurix.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCD05130E23 for <bfcpbis@ietfa.amsl.com>; Fri, 21 Sep 2018 14:48:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telurix-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vnBI-gf9n2rA for <bfcpbis@ietfa.amsl.com>; Fri, 21 Sep 2018 14:48:57 -0700 (PDT)
Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DF60130DF6 for <bfcpbis@ietf.org>; Fri, 21 Sep 2018 14:48:57 -0700 (PDT)
Received: by mail-pl1-x62c.google.com with SMTP id g2-v6so6506163plo.2 for <bfcpbis@ietf.org>; Fri, 21 Sep 2018 14:48:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=CAbJvRRzUSH/cjUIb/Q3rpRBV6UNnLk8280cOV5VaC4=; b=sGK5raxa6Zcm+skUxXdnuuwscWQJ3k+fSoOeie86hMhpHRqUUA/a2eIPyaBCVi0x9U qVfUUCVObLngNZKEEQbMOpKXN2Q25PKgA6C3mmwOUWRDXy5ajx7R42OFKATfFhSMXg0h jPB+EnjjOH/4oIg2sEupc5pUI402cOEuOFEw1UgRBtKmTBTQxkYgd9UR04hqUfqcJEqG aYCpJIAS+gHi7QiosJpcFPCNMSdLyc4RVLrCxee+7Esy3zEnNE/X/bvfO0NuDQTqXK82 ENNBG0przqsBV0t4DjFniiSVPCxMZ9v/KQApRxgofuH5rJvS45TUgQJPb2JefYrWVu9i CaJw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=CAbJvRRzUSH/cjUIb/Q3rpRBV6UNnLk8280cOV5VaC4=; b=B0Ci9/b8Ds6tlKgOBPe4I8AUywMW/fcWpWAA+Zf7NwDHAKpSzDPrS2TNJ+EuQ6klyX f13VfIzNgtpiR0fT52Y9tY2pl+HzFgQmf4qKkh75wOFafMHw85Ka/5W9r3WqV82TlL3T +3sOoX19cXKhRlMI14JvzxSmXGOhKgvU2y40gM+ttT1CD2ufanhh2bTatbBR8UJ2qKo3 xXSSnWYYoV5TkR1P/QJ3k8vFuJdDqrKFfpRzVBbUFHpx1I3S4oWklUU7QiI77smWoRba cFwVb3xrS/L2iJoB37XOWAHoev4e7/ekQ2arUpdHU8V82krzTb85SsLxa3yvbeOv/nd7 2pNg==
X-Gm-Message-State: APzg51Ak6RNufR7c0cpTvuOZu+4laJekoNGMNRjbOH+Kve3Y7JZBP0Tx lAlEoTmiYPJFBNndpownYu3Qeg==
X-Google-Smtp-Source: ANB0Vdb1YhPVYQtJ/fM+iUrHxwacRvTug+JKO00vgtD5fiEfxGjXZhcsH/4Fwe8Fqyi/G/EZ2+cAlw==
X-Received: by 2002:a17:902:8b8b:: with SMTP id ay11-v6mr45372814plb.1.1537566537005; Fri, 21 Sep 2018 14:48:57 -0700 (PDT)
Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com. [209.85.210.173]) by smtp.gmail.com with ESMTPSA id b21-v6sm59507878pfm.97.2018.09.21.14.48.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Sep 2018 14:48:56 -0700 (PDT)
Received: by mail-pf1-f173.google.com with SMTP id h79-v6so6530637pfk.8; Fri, 21 Sep 2018 14:48:56 -0700 (PDT)
X-Received: by 2002:a62:455b:: with SMTP id s88-v6mr47602369pfa.203.1537566535757; Fri, 21 Sep 2018 14:48:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a17:90a:d588:0:0:0:0 with HTTP; Fri, 21 Sep 2018 14:48:55 -0700 (PDT)
In-Reply-To: <9a74a495fdda41a4892929a6c4da0ba2@ericsson.com>
References: <09534f21-9ccc-91c9-d440-56a9eca86d94@nostrum.com> <CAD5OKxuteVX6o-KgeUrG_O0Bf0czi3r-X+T-4Hd+1uBBEDH-eA@mail.gmail.com> <9a74a495fdda41a4892929a6c4da0ba2@ericsson.com>
From: Roman Shpount <roman@telurix.com>
Date: Fri, 21 Sep 2018 17:48:55 -0400
X-Gmail-Original-Message-ID: <CAD5OKxts-ATOdSY3zXUFp7=69bD5Ccte6Y8HJEBvB3n4p85jXQ@mail.gmail.com>
Message-ID: <CAD5OKxts-ATOdSY3zXUFp7=69bD5Ccte6Y8HJEBvB3n4p85jXQ@mail.gmail.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Adam Roach <adam@nostrum.com>, "draft-ietf-bfcpbis-rfc4583bis.all@ietf.org" <draft-ietf-bfcpbis-rfc4583bis.all@ietf.org>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002eb4550576689b99"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bfcpbis/Bnkc4qDb8EfYl67XqlCOof8wYbM>
Subject: Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc4583bis-24
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Sep 2018 21:49:00 -0000
Christer, Here is the best I can come up with: The main use case for TCP/TLS/BFCP is legacy interop. This protocol should be used if end point needs to communicate with existing equipment that implements it. This protocol cannot be used with ICE and does not work in NAT environments. This protocol utilizes TCP for reliable in-order delivery and relies on these properties of TCP in its implementation, so that implementation of this protocol is fairly different from UDP/TLS/BFCP. The main use case for TCP/DTLS/BFCP is ICE and associated support for NAT environments. This is the protocol which will be used on the wire and specified in the m= line when an ICE TCP candidate is used. It is recommended to use this protocol for new implementations or when endpoints deployed in NAT environments need to be supported. From implementation point of view, TCP/DTLS/BFCP protocol compliments UDP/TLS/BFCP since it allows seamless switch-over between TCP/DTLS/BFCP and UDP/TLS/BFCP within the same communication session, which is required for ICE support. Both protocols use the same encryption (DTLS), and the same mechanisms to insure reliable message delivery. Essentially, TCP/DTLS/BFCP is UDP/TLS/BFCP with DTLS packets sent over the TCP connection using framing defined in RFC 4571 instead of UDP, so that most of the transport implementation code can be shared. Regards, _____________ Roman Shpount On Fri, Sep 21, 2018 at 5:21 PM, Christer Holmberg < christer.holmberg@ericsson.com> wrote: > Hi Roman, > > > > Could you help providing explanation? > > > > Perhaps a bullet list with each protocol value, and when to use it. > > > > Regards, > > > > Christer > > > > *From:* Roman Shpount [mailto:roman@telurix.com] > *Sent:* 11 September 2018 00:23 > *To:* Adam Roach <adam@nostrum.com> > *Cc:* draft-ietf-bfcpbis-rfc4583bis.all@ietf.org; bfcpbis@ietf.org > *Subject:* Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc4583bis-24 > > > > Hi Adam, > > > > On Mon, Sep 10, 2018 at 4:41 PM, Adam Roach <adam@nostrum.com> wrote: > > > §4 (BLOCKING): > > > This document defines five values for the proto field: TCP/BFCP, > > TCP/DTLS/BFCP, TCP/TLS/BFCP, UDP/BFCP, and UDP/TLS/BFCP. > > Generally, having more ways to do the same things in a protocol leads to > less > interoperability rather than more. While the rationale for the four-way > split > caused by TLS-versus-plaintext and UDP-versus-TCP is pretty self evident, > there > appears to be no rationale in this document for having both TCP/DLTS/BFCP > and > TCP/TLS/BFCP; more importantly, the document offers no guidance to > implementors > regarding which to use. This is likely to lead to some implementations > choosing > one encoding and others choosing the other somewhat arbitrarily. This > decreases > the chances of the protocol interoperating. > > Minimally, please include guidance regarding which of these two variations > implementations should use, and under which conditions. On a first glance, > it > would appear that the guidance might be that non-ICE uses should use > TCP/TLS/BFCP for maximal compatibility with RFC 4583 implementations, and > that > ICE uses need to use TCP/DTLS/BFCP, as outlined in section 9. > > > > You are correct, the reason there are two protocols is that TCP/TLS/BFCP > needs to be supported for legacy interop with RFC4583 but it does not work > with ICE. Since ICE is designed as being able to switch between ICE > candidates, including UDP and TCP based candidates, without disrupting the > higher level protocol, any ICE transport, including ICE-TCP, should be > treated as packet-based unreliable transport. As a result, ICE can only > work with UDP/TLS/DTLS/BFC for UDP candidates or TCP/DTLS/BFCP for TCP > candidates. Both of these protocols treat underlying transport as > unreliable with DTLS responsible for packet re-transmission. On the other > hand, TCP/TLS/BFCP relies on the underlying transport for reliable > in-order delivery, which is not provided by ICE. Furthermore, ICE is not > supported by plain UDP/BFC either, or you will end up with TCP/UDP/BFCP > (different from TCP/BFCP) which everyone found to be even more confusing. I > think some explanation of this would be helpful. > > > > Regards, > > _____________ > > Roman Shpount > > > >
- [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc4583… Adam Roach
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Roman Shpount
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Christer Holmberg
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Roman Shpount
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Christer Holmberg
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Christer Holmberg
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Roman Shpount
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Christer Holmberg
- Re: [bfcpbis] AD Review of draft-ietf-bfcpbis-rfc… Christer Holmberg