Re: [MMUSIC] Updating the pacing of ICE connectivity checks
"Dan Wing" <dwing@cisco.com> Thu, 14 February 2013 23:55 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 672C621F85E6 for <mmusic@ietfa.amsl.com>; Thu, 14 Feb 2013 15:55:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.216
X-Spam-Level:
X-Spam-Status: No, score=-110.216 tagged_above=-999 required=5 tests=[AWL=0.383, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fx4ft7497kld for <mmusic@ietfa.amsl.com>; Thu, 14 Feb 2013 15:55:01 -0800 (PST)
Received: from mtv-iport-2.cisco.com (mtv-iport-2.cisco.com [173.36.130.13]) by ietfa.amsl.com (Postfix) with ESMTP id 405E421F85DF for <mmusic@ietf.org>; Thu, 14 Feb 2013 15:55:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1341; q=dns/txt; s=iport; t=1360886101; x=1362095701; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=0SlCAH8pwK3Jupb7C5gdYwK6OP095GDXVMwwDm8PSy8=; b=XDom5SebXiOXDbOy1oRIogTqhKrRWa5BBQegN4bU3TmqIWyh9aMCbjPu eC6sa1RGD3XqQubUGrmgZfZT99eWLaaL4ey7RRzIk15lknR6O+LvCIrU1 NMjQydIFowhUYKEcoZvaxlMhYOPg6mTtRf35t/M4iuNpNVDJF3Jl/1EbF M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EABN4HVGrRDoJ/2dsb2JhbABFwFsWc4IfAQEBBAgCbwwBAwIJEQQBAQEnBxktCQgCBBMLBYgBvSeNRYQ/A4gwNoUhiB2QU4MogUk
X-IronPort-AV: E=Sophos;i="4.84,666,1355097600"; d="scan'208";a="72273701"
Received: from mtv-core-4.cisco.com ([171.68.58.9]) by mtv-iport-2.cisco.com with ESMTP; 14 Feb 2013 23:55:00 +0000
Received: from DWINGWS01 ([10.154.36.85]) by mtv-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r1ENt0sf004817; Thu, 14 Feb 2013 23:55:00 GMT
From: Dan Wing <dwing@cisco.com>
To: 'Matthew Kaufman' <matthew@matthew.at>
References: <511CEB64.6070306@ericsson.com> <05a401ce0ac6$db547230$91fd5690$@cisco.com> <511D03A7.1060008@ericsson.com> <511D0498.3030909@jitsi.org> <511D07F1.3070808@ericsson.com> <085d01ce0b0d$12dbfb10$3893f130$@cisco.com> <AA2FE935-F441-4A68-B104-1AF5F01600AF@matthew.at>
In-Reply-To: <AA2FE935-F441-4A68-B104-1AF5F01600AF@matthew.at>
Date: Thu, 14 Feb 2013 15:55:00 -0800
Message-ID: <086d01ce0b0e$b35a2480$1a0e6d80$@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHEzjPbQxUzVAxWufG5eY2LeHo6PAE3VhFkAl3CtsIB+REApAJspBJ/AmM1OvkCVE8nupgm7a4w
Content-Language: en-us
Cc: 'Magnus Westerlund' <magnus.westerlund@ericsson.com>, 'Ari Keränen' <ari.keranen@ericsson.com>, 'mmusic' <mmusic@ietf.org>
Subject: Re: [MMUSIC] Updating the pacing of ICE connectivity checks
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2013 23:55:05 -0000
> -----Original Message----- > From: Matthew Kaufman [mailto:matthew@matthew.at] > Sent: Thursday, February 14, 2013 3:47 PM > To: Dan Wing > Cc: Magnus Westerlund; Emil Ivov; Ari Keränen; mmusic > Subject: Re: [MMUSIC] Updating the pacing of ICE connectivity checks > > > > On Feb 14, 2013, at 3:43 PM, "Dan Wing" <dwing@cisco.com> wrote: > > > > > Question, playing devil's advocate: is the voice hammer attack (or a > > STUN connectivity check hammer attack) worse than a web page full of > > HTML IMG tags pointing at a victim's web server, which I believe has > > no protection or pacing? Has such an HTML IMG attack been a real > > problem, or do we consider it will be a problem? > > Most browsers do have a limit for the number of simultaneous IMG loads, > some even more so if they all appear to be pointed at the same domain. > > Matthew Kaufman= I guess you are referring to the per-server HTTP connection limit, but I am guessing on your reference. If so, perhaps modeling the ICEbis limits (for ICE connectivity checks) on that design is a straw man we should consider. If not, perhaps you could clarify what Most Browsers do regarding such a crafted web page (which of course need not be IMG, but any HTML tag that pulls content from another host). -d
- [MMUSIC] Updating the pacing of ICE connectivity … Ari Keränen
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Dan Wing
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Ari Keränen
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Emil Ivov
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Ari Keränen
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Magnus Westerlund
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Ari Keränen
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Emil Ivov
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Dan Wing
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Matthew Kaufman
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Dan Wing
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Dale R. Worley
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Gonzalo Camarillo
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Emil Ivov
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Pal Martinsen (palmarti)
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Dan Wing
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Martin Thomson
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Cullen Jennings (fluffy)
- Re: [MMUSIC] Updating the pacing of ICE connectiv… Ari Keränen