Re: [Ice] TLS Candidates
"Pal Martinsen (palmarti)" <palmarti@cisco.com> Wed, 01 March 2017 08:43 UTC
Return-Path: <palmarti@cisco.com>
X-Original-To: ice@ietfa.amsl.com
Delivered-To: ice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB1F61294DA for <ice@ietfa.amsl.com>; Wed, 1 Mar 2017 00:43:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.521
X-Spam-Level:
X-Spam-Status: No, score=-14.521 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uyKnli4bIflJ for <ice@ietfa.amsl.com>; Wed, 1 Mar 2017 00:43:57 -0800 (PST)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C9FF1294BF for <ice@ietf.org>; Wed, 1 Mar 2017 00:43:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=15992; q=dns/txt; s=iport; t=1488357837; x=1489567437; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=udShlwQ/nhjfBiu6662mCciy5fYkFgubKbg0Q03md/M=; b=H+oSCeool2GO0JBUpg5rCDiAxClZbd+CyIPzx8Igg+oJBkVSBwyhibBQ TFQ2ekQYo7kdyrRBc5W00a6gjg5or9t/KfERKSHpF8Qfhg8XL/+0lSVTV sLvcGSoh7xHKAV1xRlHspvpEDy6PBOVAp4N7xRlJQZYQ+W1y5HqICAOBN M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BCAgAribZY/49dJa1eGQEBAQEBAQEBAQEBBwEBAQEBg1BhgQkHg1SKCJFkiAyHfYUsgg0fAQyEHIFaAhqCFz8YAQIBAQEBAQEBYh0LhHABAQEEAQEhSxsCAQgRAwECKAMCAgIfBgsUCQgCBBMbiUYDFQ6xOoImhzoNg14BAQEBAQEBAQEBAQEBAQEBAQEBAQEdhkyCBYJqglGCIxaCUC6CMQWPVYwZOgGGdIcUhCmBe1OEToNThi2KTIhnAQ8QODxFVBUYJhEBhAQ5HYFhdQGIZIENAQEB
X-IronPort-AV: E=Sophos;i="5.35,224,1484006400"; d="scan'208,217";a="217500617"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 01 Mar 2017 08:43:56 +0000
Received: from XCH-RTP-019.cisco.com (xch-rtp-019.cisco.com [64.101.220.159]) by rcdn-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id v218ht0c002846 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for <ice@ietf.org>; Wed, 1 Mar 2017 08:43:56 GMT
Received: from xch-rtp-019.cisco.com (64.101.220.159) by XCH-RTP-019.cisco.com (64.101.220.159) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 1 Mar 2017 03:43:55 -0500
Received: from xch-rtp-019.cisco.com ([64.101.220.159]) by XCH-RTP-019.cisco.com ([64.101.220.159]) with mapi id 15.00.1210.000; Wed, 1 Mar 2017 03:43:55 -0500
From: "Pal Martinsen (palmarti)" <palmarti@cisco.com>
To: "ice@ietf.org" <ice@ietf.org>
Thread-Topic: [Ice] TLS Candidates
Thread-Index: AQHSda7kVoaWhrafREGY+pScEtsCSKFuOZiAgBH+xgA=
Date: Wed, 01 Mar 2017 08:43:54 +0000
Message-ID: <BF168044-46C1-48C2-BC6C-6C606722CBAE@cisco.com>
References: <148491768993.13355.16722423940569276403.idtracker@ietfa.amsl.com> <9731EE32-8E08-447A-B028-A9B57ADD1A99@cisco.com> <CAOW+2dvSrGmwf53M-7qUc_p-gxEVNApNxqOeVBJ+JMwPsXiM=g@mail.gmail.com>
In-Reply-To: <CAOW+2dvSrGmwf53M-7qUc_p-gxEVNApNxqOeVBJ+JMwPsXiM=g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.61.197.153]
Content-Type: multipart/alternative; boundary="_000_BF16804446C148C2BC6C6C606722CBAEciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ice/4qPXBuR11czO4zK4baC14b46pPI>
Subject: Re: [Ice] TLS Candidates
X-BeenThere: ice@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interactive Connectivity Establishment \(ICE\)" <ice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ice>, <mailto:ice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ice/>
List-Post: <mailto:ice@ietf.org>
List-Help: <mailto:ice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ice>, <mailto:ice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Mar 2017 08:43:59 -0000
Hi, Seems like we have rough consensus that this is something that is useful. We currently have: - A problem that the WG is willing to work on and solve. - A draft that describes a possible solutions (Text and other drafts are of-course welcome). - A working implementation. (Library is open source, no open source client uses it yet..) - Discussion on list on whats working and whats not. Seems like a good recipe for a RFC. What er our options to speed up the process since we are not meeting during the next IETF? There is no need to rush, but always good to get work done and finished. Especially since this touches on connectivity and not optimisation. .-. Pål-Erik On 17 Feb 2017, at 22:55, Bernard Aboba <bernard.aboba@gmail.com<mailto:bernard.aboba@gmail.com>> wrote: I have read this draft, and like it. In practice there are enough customers restricting connectivity via UDP or TLS to make it worthwhile to implement TLS candidates. My experience is that customers who only allow TLS to port 443 also tend to impose other restrictions, such as forcing connections through an HTTPS proxy of some kind. So the considerations discussed in Section 6 are quite important. On Mon, Jan 23, 2017 at 11:28 AM, Pal Martinsen (palmarti) <palmarti@cisco.com<mailto:palmarti@cisco.com>> wrote: Hi all, There is a need for TLS candidates. We did an implementations, so we thought is was a good idea to write up a draft. Is this something others are interested in as well? (As there seems to be no ICE meeting next IETF it would be nice to get the discussion started on the list) .-. Pål-Erik Begin forwarded message: From: <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> Subject: New Version Notification for draft-martinsen-ice-tls-candidates-00.txt Date: 20 January 2017 at 14:08:09 GMT+1 To: Nathan Buckles <nbuckles@cisco.com<mailto:nbuckles@cisco.com>>, Paal-Erik Martinsen <palmarti@cisco.com<mailto:palmarti@cisco.com>> A new version of I-D, draft-martinsen-ice-tls-candidates-00.txt has been successfully submitted by Paal-Erik Martinsen and posted to the IETF repository. Name: draft-martinsen-ice-tls-candidates Revision: 00 Title: TLS Candidates for ICE Document date: 2017-01-20 Group: Individual Submission Pages: 6 URL: https://www.ietf.org/internet-drafts/draft-martinsen-ice-tls-candidates-00.txt Status: https://datatracker.ietf.org/doc/draft-martinsen-ice-tls-candidates/ Htmlized: https://tools.ietf.org/html/draft-martinsen-ice-tls-candidates-00 Abstract: This document introduces TLS candidates to ICE. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org/>. The IETF Secretariat _______________________________________________ Ice mailing list Ice@ietf.org<mailto:Ice@ietf.org> https://www.ietf.org/mailman/listinfo/ice
- [Ice] TLS Candidates Pal Martinsen (palmarti)
- Re: [Ice] TLS Candidates Roman Shpount
- Re: [Ice] TLS Candidates Simon Perreault
- Re: [Ice] TLS Candidates Pal Martinsen (palmarti)
- Re: [Ice] TLS Candidates Peter Thatcher
- Re: [Ice] TLS Candidates Roman Shpount
- Re: [Ice] TLS Candidates Bernard Aboba
- Re: [Ice] TLS Candidates Bernard Aboba
- Re: [Ice] TLS Candidates Pal Martinsen (palmarti)
- Re: [Ice] TLS Candidates Ari Keränen