IETF Logo Mail Archive

Re: [bfcpbis] Eric Rescorla's Discuss on draft-ietf-bfcpbis-rfc4583bis-26: (with DISCUSS and COMMENT)

Eric Rescorla <ekr@rtfm.com> Wed, 24 October 2018 19:54 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D98BA12DDA3 for <bfcpbis@ietfa.amsl.com>; Wed, 24 Oct 2018 12:54:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xq10x29-udip for <bfcpbis@ietfa.amsl.com>; Wed, 24 Oct 2018 12:54:12 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AB9E129619 for <bfcpbis@ietf.org>; Wed, 24 Oct 2018 12:54:11 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id z9-v6so1112119ljk.9 for <bfcpbis@ietf.org>; Wed, 24 Oct 2018 12:54:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4jC2Q57iUS6Z0M4nVUChsImm8WMa3ABa8u/g77DTs6o=; b=bb6SszGVrBs1eT0DVn381fWtOd448hHtWb96jFCo+/SOos8Tr0x/IRqWXSMcoVbMgm 9YLTNK8OXRWyUR173il8ZfVmBZsMBN0eybZNTvxVY5ytmaVLcc4qITgYLQfdRFumP/wU SIzKGggq7/BB0MCSwmVMF/uBpTusvf+b7NYRrLiylGHPGR0AYRY1EEVzUjOR1wkD3GkQ SsUN44KSaYw4OXH84wTIz7FoFqbtwgn1fhkVt1dKH5G+dGRerqEk6xwcogScI1MTzJ5e rRsalyvuIGoOg9czAFQ8KUZuR2LYEwhhBzoJF4gAXc5SAGdzPbnLCI7jaa9iOvLWETuy d1pg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4jC2Q57iUS6Z0M4nVUChsImm8WMa3ABa8u/g77DTs6o=; b=RFd6pxcy3eCU0uuEIMJl+QQ8U+YmtjdLrbJQ3q0yoBGaVyp6a7zWyFDja01HFCNcmY HyTTkw8F9pVPpIbYV8D8UjmGIKB9/veryZS7CYHsSUw+K+FsL9dseUJ0IXzkj5ia/DoZ QL2wGi4m3WsTsu0F3hoDQRS8n4NNijDpZZ9NjZBJS/6FBcbA99SF731RKWU+uVEPvhmq XUGLa1++FTm5oAXNxaHa9E3+npQnw1hGh3gd14bSpv/X4ar7vAzZeKueA++hRMRWKXJL WeBMvEgCbbcktkugo7H/4jNAhNgqtZoRBsncotauPVWB5U61tU8m1ZWGTFAkG9pznyOt vJmg==
X-Gm-Message-State: AGRZ1gIxQ6pWPK27gq320YL85z1lgc+SrFi5x+ZuGD25voI3RFOAR6g4 4zoxRDSW09Kz3Kfu+RH3t6+Q3bMYidP0cvFaCsp9NUYg
X-Google-Smtp-Source: AJdET5dLFdDfI6JV779AQpwQDAv+Eja8s3nZUuralI7XqvVsvBSmOjLr9WpG8oDMK3RbkS4Mo/3LZ9O7TBuvvSEVaSY=
X-Received: by 2002:a2e:2a43:: with SMTP id q64-v6mr2611258ljq.153.1540410849787; Wed, 24 Oct 2018 12:54:09 -0700 (PDT)
MIME-Version: 1.0
References: <154040901414.6834.17243795717657341259.idtracker@ietfa.amsl.com> <CAD5OKxtDT=20hX880j1h365TBSLyg=RfqrBF8d9YNidNyjutkA@mail.gmail.com>
In-Reply-To: <CAD5OKxtDT=20hX880j1h365TBSLyg=RfqrBF8d9YNidNyjutkA@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 24 Oct 2018 12:53:32 -0700
Message-ID: <CABcZeBMgFJR1MfXi+TLMph6tJLNXLMxMRYv0zVTCdvdX7yjM3g@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Cc: IESG <iesg@ietf.org>, bfcpbis@ietf.org, Mary Barnes <mary.ietf.barnes@gmail.com>, draft-ietf-bfcpbis-rfc4583bis@ietf.org, bfcpbis-chairs@ietf.org
Content-Type: multipart/alternative; boundary="0000000000008295e00578fed9b8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bfcpbis/zG0O1zomFxnsq_F0c2QjaF2AAiM>
Subject: Re: [bfcpbis] Eric Rescorla's Discuss on draft-ietf-bfcpbis-rfc4583bis-26: (with DISCUSS and COMMENT)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2018 19:54:14 -0000

On Wed, Oct 24, 2018 at 12:50 PM Roman Shpount <roman@telurix.com> wrote:

> Hi Eric,
>
> Since I have helped with ICE related sections of this draft, I can provide
> answers to some of your comments:
>
> On Wed, Oct 24, 2018 at 3:23 PM Eric Rescorla <ekr@rtfm.com> wrote:
>
>> S 9.
>> >      transport is used for the default candidate, then the 'm' line
>> proto
>> >      value MUST be 'UDP/TLS/BFCP'.  If TCP transport is used for the
>> >      default candidate, the 'm' line proto value MUST be
>> 'TCP/DTLS/BFCP'.
>> >
>> >         Note: Usage of ICE with protocols other than UDP/TLS/BFCP and
>> >         TCP/DTLS/BFCP is outside of scope for this specification.
>>
>> this is very different from any other use of ICE, and I'm not sure
>> it's interoperable, unless you require that only TCP or only UDP
>> candidates be offered (which you do not seem to). The reason is that
>> with ICE you can flip between different candidates as part of the
>> negotiation. So what happens if I initially get a UDP candidate and
>> then via aggressive nomination settle on TCP (or vice versa). DTLS and
>> TLS aren't really interoperable in that way. It would be far better to
>> do what WebRTC does and when you do ICE, always do DTLS even if it's
>> over TCP.
>>
>>
> When ICE is used, DTLS is always used exactly for the reasons you
> mention.  End points only allowed to use 'UDP/TLS/BFCP', which is DTLS over
> UDP, or 'TCP/DTLS/BFCP', which is DTLS over TCP. DTLS over UDP is only
> named  'UDP/TLS/BFCP' instead of  'UDP/DTLS/BFCP' for legacy interop
> reasons, since some implementations apparently already added support for
> this.  Please note that naming of BFCP over DTLS over UDP  as
> 'UDP/TLS/BFCP'  is similar to naming RTP over DTLS over UDP as
> "UDP/RTP/TLS/SAVP".
>

Ah, I missed this. But then I do wonder whether it's really useful to have
two proto versions here, rather than just UDP/TLS/BFCP. We didn't find it
helpful in JSEP....



>
>> S 5.5.
>> >      'bfcpver' attribute in offers and answers.  The attribute value, if
>> >      present, MUST be in accordance with the definition of the Version
>> >      field in [I-D.ietf-bfcpbis-rfc4582bis].  If the attribute is not
>> >      present, endpoints MUST assume a default value in accordance with
>> >      [I-D.ietf-bfcpbis-rfc4582bis]: when used over a reliable transport
>> >      the default attribute value is "1", and when used over an
>> unreliable
>>
>> Just for clarity: UDP over TURN-TCP is an unreliable transport, right?
>>
>>
> UDP/BFCP, UDP/TLS/BFCP, and TCP/DTLS/BFCP are all unreliable transports,
> even if TURN-TCP or TURN-TLS is used. Only TCP/BFCP and TCP/TLS/BFCP
> transports are considered reliable. Do you think it should be explicitly
> spelled out?
>

It shouldn't have to be, but people seem to get confused.

-Ekr


> Regards,
> _____________
> Roman Shpount
>
>
>

v2.23.0 | Report a Bug | By Email