IETF Logo Mail Archive

RE: [midcom] draft-ietf-midcom-requirements-01.txt

"Christian Huitema" <huitema@windows.microsoft.com> Mon, 25 June 2001 18:53 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA24039 for <midcom-archive@odin.ietf.org>; Mon, 25 Jun 2001 14:53:57 -0400 (EDT)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id OAA20662; Mon, 25 Jun 2001 14:47:08 -0400 (EDT)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id OAA20630 for <midcom@ns.ietf.org>; Mon, 25 Jun 2001 14:47:06 -0400 (EDT)
Received: from mail4.microsoft.com (mail4.microsoft.com [131.107.3.122]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA23837 for <midcom@ietf.org>; Mon, 25 Jun 2001 14:46:22 -0400 (EDT)
Received: from 157.54.9.100 by mail4.microsoft.com (InterScan E-Mail VirusWall NT); Mon, 25 Jun 2001 10:48:16 -0700 (Pacific Daylight Time)
Received: from red-imc-01.redmond.corp.microsoft.com ([157.54.9.102]) by inet-imc-03.redmond.corp.microsoft.com with Microsoft SMTPSVC(5.0.2195.2966); Mon, 25 Jun 2001 10:48:13 -0700
Received: from win-imc-01.wingroup.windeploy.ntdev.microsoft.com ([157.54.0.39]) by red-imc-01.redmond.corp.microsoft.com with Microsoft SMTPSVC(5.0.2195.2883); Mon, 25 Jun 2001 10:48:12 -0700
Received: from win-msg-02.wingroup.windeploy.ntdev.microsoft.com ([157.54.0.134]) by win-imc-01.wingroup.windeploy.ntdev.microsoft.com with Microsoft SMTPSVC(5.0.2195.2966); Mon, 25 Jun 2001 10:47:43 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.0.4712.0
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Subject: RE: [midcom] draft-ietf-midcom-requirements-01.txt
Date: Mon, 25 Jun 2001 10:47:43 -0700
Message-ID: <F66A04C29AD9034A8205949AD0C9010418BE7F@win-msg-02.wingroup.windeploy.ntdev.microsoft.com>
Thread-Topic: [midcom] draft-ietf-midcom-requirements-01.txt
Thread-Index: AcD9m6A5w1Z6drz5RrKoSmUrq5MVdwAAkHMg
From: Christian Huitema <huitema@windows.microsoft.com>
To: richard.swale@bt.com, mshore@cisco.com, christopher.a.martin@wcom.com, midcom@ietf.org
X-OriginalArrivalTime: 25 Jun 2001 17:47:43.0225 (UTC) FILETIME=[EF905E90:01C0FD9E]
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by optimus.ietf.org id OAA20633
Sender: midcom-admin@ietf.org
Errors-To: midcom-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: <midcom.ietf.org>
X-BeenThere: midcom@ietf.org
Content-Transfer-Encoding: 8bit

I wrote the scenario draft precisely so we could check that what we are
designing enables the use that we are planning. In section 2.3.1,
"Explicit call from an internal host", I wrote:

	We should note that, at step 2, the internal server 
	must learn the external mappings of the internal address 
	and ports; at this stage, it does no know the IP address 
	and ports of the third party.

This is very much a fact of life. If you are unwilling to open the hole
before you know the complete five-tuple, then there is a race condition
between opening the hole and receiving the first audio packets;
announcements and first words will sometimes be clipped. A few lines
letter, the scenario text explains that:

	The description assumes that the hosts use the same UDP ports 
	in both direction of the media communication. This is not 
	necessarily the case. The source IP address may be unpredictable

	in the case of multi-homed hosts; the source port may be 
	systematically different from the receive port in some 
	implementation, e.g. parallel processing of the send and receive

	channels by different software or hardware components. 

SIP and SDP, as they are defined today, only provide the address at
which a host is ready to receive data. They do not document the sending
address. The requirement document already mention that the protocol
should allow use of wildcards for specifying pinholes. We may expect
this to be used frequently.

-- Christian Huitema

> -----Original Message-----
> From: richard.swale@bt.com [mailto:richard.swale@bt.com] 
> Sent: Monday, June 25, 2001 10:13 AM
> To: Christian Huitema; mshore@cisco.com; 
> christopher.a.martin@wcom.com; midcom@ietf.org
> Subject: RE: [midcom] draft-ietf-midcom-requirements-01.txt
> 
> 
> Christian,
> 
> > The examples about RTP have outlined the fact that RTP pin-hole 
> > typically are of the form "allow data from unknown sources 
> and ports 
> > to reach a specific address and port." It is true that the 
> average RTP
> > session will require 2 pinholes. But in this case, the direction is
> > expressed trivially; there is no need for a multi-value field.
> > 
> 
> While possible as an option I don't think openning ports to 
> allow allow data
> from unknown sources and ports is necessarily wise as a 
> security policy for
> a complete solution. We should allow for more precise cases 
> where a more
> strict policy is applied( open an RTP stream from THIS source 
> and port to
> THAT source and port.), shouldn't we?
> 
> regards
> 
> Richard
> 
> _______________________________________________
> midcom mailing list
> midcom@ietf.org
> http://www.ietf.org/mailman/listinfo/midcom
> 

_______________________________________________
midcom mailing list
midcom@ietf.org
http://www.ietf.org/mailman/listinfo/midcom

v2.23.0 | Report a Bug | By Email