Re: [bfcpbis] Alexey Melnikov's No Objection on draft-ietf-bfcpbis-bfcp-websocket-13: (with COMMENT)

"Ram Mohan R (rmohanr)" <rmohanr@cisco.com> Mon, 30 January 2017 15:11 UTC

Return-Path: <rmohanr@cisco.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 481971299A9; Mon, 30 Jan 2017 07:11:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.72
X-Spam-Level:
X-Spam-Status: No, score=-17.72 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-3.199, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fzM_bufL-qq7; Mon, 30 Jan 2017 07:11:31 -0800 (PST)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 153C1129541; Mon, 30 Jan 2017 07:11:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4902; q=dns/txt; s=iport; t=1485789091; x=1486998691; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=0k5JLrZ6qFEYMy6A+BazOnp8UV0YRYtbuvGBFbAg0cI=; b=R/kJECYxMPuBSR8lYblkJ0ZGPzT9rVsFMXc2nAEx5hKwmoqcpL4WP2E8 X74hZrK5tzdq5neFKYt69HTLUDyLp8Bx5TSSOHekbwiaL0K8GCOTkDa/3 s4TwlkhPj34Po2/ewLobWGPlyAYERMHerzok5vsy6nRQ4i6TgXIwTMoEA o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BOAQBdV49Y/4gNJK1dGQEBAQEBAQEBAQEBBwEBAQEBg1NhgQkHg06KCZIEiAmLGoIPggwqhXgCGoIDPxgBAgEBAQEBAQFiKIRpAQEBBCMRRQwEAgEIDgMDAQIDAiYCAgIfERUICAIEAQ0FiUkDFQ6qZYIlhywNgzoBAQEBAQEBAQEBAQEBAQEBAQEBAQEYBYELh0WCaoJRgUoRAQYWBzECgkwugjEFiQKSGjgBhmaHA4QRgXmFFYlpiieIVwEfOHZVFUsBhGCBSHUBhgSBIYEMAQEB
X-IronPort-AV: E=Sophos;i="5.33,312,1477958400"; d="scan'208";a="200332290"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by rcdn-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 30 Jan 2017 15:11:22 +0000
Received: from XCH-RTP-018.cisco.com (xch-rtp-018.cisco.com [64.101.220.158]) by alln-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id v0UFBMkp001542 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 30 Jan 2017 15:11:22 GMT
Received: from xch-rtp-017.cisco.com (64.101.220.157) by XCH-RTP-018.cisco.com (64.101.220.158) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 30 Jan 2017 10:11:21 -0500
Received: from xch-rtp-017.cisco.com ([64.101.220.157]) by XCH-RTP-017.cisco.com ([64.101.220.157]) with mapi id 15.00.1210.000; Mon, 30 Jan 2017 10:11:21 -0500
From: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>, The IESG <iesg@ietf.org>
Thread-Topic: Alexey Melnikov's No Objection on draft-ietf-bfcpbis-bfcp-websocket-13: (with COMMENT)
Thread-Index: AQHScN+m3ScWswMku0+y1F9K/iBRD6FR5HwA
Date: Mon, 30 Jan 2017 15:11:20 +0000
Message-ID: <CC608477-79C4-4DAB-A4E5-997F30CDF97D@cisco.com>
References: <148467088398.32098.5746976377858263906.idtracker@ietfa.amsl.com>
In-Reply-To: <148467088398.32098.5746976377858263906.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1a.0.160910
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.65.75.132]
Content-Type: text/plain; charset="utf-8"
Content-ID: <16D1759D9F783D4DB3951BBE0F884259@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/bfcpbis/fZpS4ubaMjWTKjkWQS8-KYWgkfM>
Cc: "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "draft-ietf-bfcpbis-bfcp-websocket@ietf.org" <draft-ietf-bfcpbis-bfcp-websocket@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>
Subject: Re: [bfcpbis] Alexey Melnikov's No Objection on draft-ietf-bfcpbis-bfcp-websocket-13: (with COMMENT)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2017 15:11:34 -0000

Hi Alexey,

Please see inline <Ram> for my responses

-----Original Message-----
From: Alexey Melnikov <aamelnikov@fastmail.fm>
Date: Tuesday, 17 January 2017 at 10:04 PM
To: The IESG <iesg@ietf.org>
Cc: "draft-ietf-bfcpbis-bfcp-websocket@ietf.org" <draft-ietf-bfcpbis-bfcp-websocket@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>
Subject: Alexey Melnikov's No Objection on draft-ietf-bfcpbis-bfcp-websocket-13: (with COMMENT)
Resent-From: <alias-bounces@ietf.org>
Resent-To: <anton.roman@quobis.com>, <stephane.cazeaux@orange.com>, <gsalguei@cisco.com>, <sergio.garcia.murillo@gmail.com>, <rmohanr@cisco.com>, <victor.pascual.avila@oracle.com>
Resent-Date: Tuesday, 17 January 2017 at 10:04 PM

    Alexey Melnikov has entered the following ballot position for
    draft-ietf-bfcpbis-bfcp-websocket-13: No Objection
    
    When responding, please keep the subject line intact and reply to all
    email addresses included in the To and CC lines. (Feel free to cut this
    introductory paragraph, however.)
    
    
    Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
    for more information about IESG DISCUSS and COMMENT positions.
    
    
    The document, along with other ballot positions, can be found here:
    https://datatracker.ietf.org/doc/draft-ietf-bfcpbis-bfcp-websocket/
    
    
    
    ----------------------------------------------------------------------
    COMMENT:
    ----------------------------------------------------------------------
    
    
    In 4.2, last sentence: wouldn't that require a new WebSocket sub-protocol
    identifier?
<Ram> Yes section 10 of this draft defines the new sub-protocol identifier. Do you see a need for anything else ?
    
    In 6.2: some formatting errors in the PDF version. Also, I think you
    meant Section 3.3 (not 3.2) when talking about WSS.
<Ram> I have fixed this now in my local copy. Now we are having only one attribute (a=websocket-uri) that will point to either ws-URI or wss-URI. 
    
    In 7.2: when referencing Section 3, you are missing the RFC number. At
    least section 3 of this draft is not relevant.
<Ram> I fixed this now. I have pointed to the section of ietf-bfcpbis-sdp-ws-uri where the new SDP attribute is defined.
    
    In 8: HTTP authentication text is rather weak.
<Ram> I will add the below text (considering the feedback from Kathleen Moriarty and Stephen as well)
EXISTING:
         If the status code received from the server is not 101,
          the WebSocket client stack handles the response per HTTP
          [RFC7230] procedures, in particular the
          client might perform authentication if it receives 401
          status code.
NEW:
        If the status code received from the server is not 101,
          the WebSocket client stack handles the response per HTTP
          [RFC7230] procedures, in particular the
          client might perform authentication if it receives 401
          status code.  The WebSocket clients are vulnerable to the attacks
         of basic authentication (mentioned in Section 4 of [RFC7617]) and 
        digest authentication (mentioned in Section 5 of [RFC7616]). To overcome
        some of these weakness, the WebSocket clients can use HTTP Origin-Bound Authentication (HOBA)
        mechanism mentioned in [RFC7486].

Does this look ok ?
Regards,
Ram