Re: [MMUSIC] Is ice-mismatch media or session level?

Suhas Nandakumar <suhasietf@gmail.com> Fri, 24 May 2019 21:43 UTC

Return-Path: <suhasietf@gmail.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E60D5120316 for <mmusic@ietfa.amsl.com>; Fri, 24 May 2019 14:43:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id adWePPQJTO-5 for <mmusic@ietfa.amsl.com>; Fri, 24 May 2019 14:43:35 -0700 (PDT)
Received: from mail-ua1-x929.google.com (mail-ua1-x929.google.com [IPv6:2607:f8b0:4864:20::929]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05A671200E9 for <mmusic@ietf.org>; Fri, 24 May 2019 14:43:35 -0700 (PDT)
Received: by mail-ua1-x929.google.com with SMTP id 79so4220351uav.6 for <mmusic@ietf.org>; Fri, 24 May 2019 14:43:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BSmOQRUAZKFxo78Dj5fIKnWZ3v3NIjVgSErEP77847I=; b=aphkIkH99sJH2QkeSi9ZklrK3eFQz2akbe2R49oP0fKtftCfxg//6fcwCdmHlfbm+0 0kRltvVaTkxtcgvMuO5orsSXgbtsv6nfkDfPIo4ZkrwggkwCHFtlXR2xNGljbolViSf3 MrMj7stedtMZuwjHmDY152wCBfECrc2Tt9ZvoG22tuatS40Rg8pVA/u1A9P6zEPTOlVG pcZSa+xma+mIHbJPtQ39Pznqmx72d/+ktt/acCpKkwRac21pP73IVZFLuKe22C5ArWA1 rkLHOSNwXQcF+6icylj+HLuN4jSOtRiLs1C08HqwEP8Jkv761O8c1HR8+dlvj6zyM2Ky atSA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BSmOQRUAZKFxo78Dj5fIKnWZ3v3NIjVgSErEP77847I=; b=q+jlVU5hPE3JN2wJJX6gKyu0qkIyrQsGQaoDbgCKK5y2tMrsJOPdIeH7g38UK4Lrd6 Kg+s1HBQaSV+wsiieTriW/q5JdYzo5Ha08UTNv0Sc41UBPLXHXaUtR8bOyWGsRKb9A+P tub2XoU9vCGNQ/CXi/oOmBsrGzagTP/FHcQjKcMKZfhtUB1pcgCf3PhFeSZyMQ5HrqcU D9QGU/MRFQg4IcqpFdPlulWX9RsoLOs2zGAv8a9klhDUSOTThTR+j0Ozg9KcPcbaMgm7 r2hUu2gkXGlNBQgBTUa2WDOiFqofyncnMmApnsH4FzQ7poC/a9gN+oiv4joJkeq4LIAE 2k4w==
X-Gm-Message-State: APjAAAUkQiwyKmEmDJ+Kpe9PN85oJnYS6+XcEZE1nLnLQhC/EaypvjEv L+3eqf6FbZCpinTncWQelBjzW2ONwtm+/lN3c+4=
X-Google-Smtp-Source: APXvYqxo1ortwbxhyy0pMXEIGiDDwvhJtb8kqYozipHwnUTm6uRpyvGxNkwr0J0e+8Jf9WHgSkEUye65M8mQK7zf9HA=
X-Received: by 2002:ab0:7019:: with SMTP id k25mr31893616ual.49.1558734214115; Fri, 24 May 2019 14:43:34 -0700 (PDT)
MIME-Version: 1.0
References: <CAD5OKxvGcC0inLRxwTHKdWW3z6xM2PWjV=1J8+3_zwQsF3tCaA@mail.gmail.com> <HE1PR07MB3161E1BDB1E2439E1A9CE785933F0@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAD5OKxtqKi1ucRXd5xrZrsM6hiqu=FUULx3mQv+=bZx3YHMbLg@mail.gmail.com> <310293b1-0fbf-9b74-03ca-63ad8d4b80bd@cisco.com> <CAMRcRGSyWB3O04CDOUx1oXtyL=AyB--dM-e+ABfm2dN16RK7sw@mail.gmail.com> <222e6d5f-dcca-56c8-095d-e8ca96b1948b@cisco.com> <CAMRcRGQYuv0M5pcrjAfFLUk5J4VcGMAMm_hSTWB+k=ackcxbZQ@mail.gmail.com> <e3523821-b7bf-0d1b-7b10-d38b64e4110c@cisco.com> <26BDCCFB-A65F-417C-8291-B490386ED869@ericsson.com> <CAMRcRGQtyttNhJrPkUEVS9wkVHVQ=XeZ2HDUEBwq-g5995mgvg@mail.gmail.com> <CAD5OKxvts_xviXW4R3rj1CYYxdzSQCLGTWwa+ZUExF_dHFT+gg@mail.gmail.com> <CAD5OKxtYhKgAf_cqRBJYgZZ5z-R1Qaj=UjjsxRvrbFcno3YV+Q@mail.gmail.com>
In-Reply-To: <CAD5OKxtYhKgAf_cqRBJYgZZ5z-R1Qaj=UjjsxRvrbFcno3YV+Q@mail.gmail.com>
From: Suhas Nandakumar <suhasietf@gmail.com>
Date: Sat, 25 May 2019 03:13:22 +0530
Message-ID: <CAMRcRGR6q7oX1bSToe1G-kgywYx+CgQbO0ZPD3zTj7_s1SZW1A@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Cc: Christer Holmberg <christer.holmberg@ericsson.com>, Flemming Andreasen <fandreas@cisco.com>, mmusic WG <mmusic@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000021b7220589a9171f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/D9665Mphh4CPDOX3_Za2uihPF0I>
Subject: Re: [MMUSIC] Is ice-mismatch media or session level?
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 May 2019 21:43:39 -0000

Hi Roman

Please go ahead with PR on that branch

Thanks
Suhas

On Sat, May 25, 2019 at 3:07 AM Roman Shpount <roman@telurix.com>; wrote:

> Hi Suhas,
>
> I have looked at ice-mismatch branch and I think there is a slight
> confusion there between presence of a=ice-mismatch in the answer and ICE
> mismatch condition (ICE validation procedures failing for the answer).
>
> There are three distinct conditions when m= line in the answer is
> processed:
>
> In case a=ice-mismatch is included in only some m= lines out of several,
> ICE should not be used only for these specific m= lines and RFC 3264
> procedures should be followed instead for these m= lines only.
>
> In case if offerer did not include any ICE attributes (offerer does not
> support ICE) or if offerer included a=mismatch into all m= lines, ICE
> should be terminated for the entire sessions and RFC 3264 procedures should
> be followed instead for the whole session.
>
> In case if ICE validation procedures failed for one or more m= line in the
> answer (answerer detected ICE mismatch), the behavior is unspecified
> (answerer will likely terminate the session or emit a groan of unearthly
> pain and die) .
>
> Let me know if you want a pull request on this branch.
> _____________
>
> Roman Shpount
>
>
> On Mon, May 20, 2019 at 5:03 PM Roman Shpount <roman@telurix.com>; wrote:
>
>> Hi All,
>>
>> Few comments about this:
>>
>> 1. Section 3.2.5 needs to be rewritten to specify that Verifying ICE
>> Support procedures is per m= line:
>>
>> First change old text:
>>
>> If this condition is not met, the agents MUST process the SDP based on
>> normal [RFC3264] procedures, without using any of the ICE mechanisms
>> described in the remainder of this specification with the few exceptions
>> noted below:
>>
>> First change new text:
>>
>> If this condition is not met, the agents MUST process the SDP *for the
>> media stream* based on normal [RFC3264] procedures, without using any of
>> the ICE mechanisms described in the remainder of this specification with
>> the few exceptions noted below:
>>
>> Second change old text:
>>
>> In some cases, controlling/initiator agent may receive the SDP answer
>> that may omit "a=candidate" attributes for the media streams, and instead
>> include a session level "a=ice-mismatch" attribute.  This signals to the
>> offerer that the answerer supports ICE, but that ICE processing was not
>> used for this session.  This specification provides no guidance on how an
>> agent should proceed in such a failure case.
>>
>> Second change new text:
>>
>> In some cases, controlling/initiator agent may receive the SDP
>> answer that may omit "a=candidate" attributes for the media *stream*,
>> and instead include a *media *level "a=ice-mismatch" attribute.
>> This signals to the offerer that the answerer supports ICE, but that
>> ICE processing was not used for this *media stream*.  In this case,  ICE
>> processing MUST be terminated for this media stream and SDP for this media
>> stream MUST be processed based on normal [RFC3264] procedures.
>>
>> 2. Section 3.3.3 says "If the answer does not indicate that the answerer
>> supports ICE, or if the offerer detects an ICE mismatch in the answer, the
>> offerer MUST terminate the usage of ICE". This needs to be clarified that
>> if "a=ice-mismatch" attribute is included in the m= line, ICE processing
>> MUST be terminated for this m= line only and this m= line MUST be processed
>> based on procedures described in RFC 3264. If "a=ice-mismatch" is included
>> in all m= lines in the answer, then ICE processing MUST be terminated for
>> the entire session.
>>
>> 3. We need to specify somewhere that a=ice-mismatch is only allowed in
>> the answer and MUST not be present in the offer.
>>
>> P.S. This would be much easier as a pull request but the repo is out of
>> date.
>> _____________
>> Roman Shpount
>>
>>
>> On Thu, May 16, 2019 at 4:28 PM Suhas Nandakumar <suhasietf@gmail.com>;
>> wrote:
>>
>>>
>>>
>>> On Thu, May 16, 2019 at 12:25 AM Christer Holmberg <
>>> christer.holmberg@ericsson.com>; wrote:
>>>
>>>> Hi,
>>>>
>>>>
>>>>
>>>> >>>> I am inclined to leave it as media-level attribute. I am not sure
>>>> what more clarification is needed in the text today ?
>>>>
>>>> >>
>>>>
>>>> >>> Are the clarifications Roman suggested below already included ?
>>>>
>>>> >
>>>>
>>>> >> I am finding it hard to parse suggested clarification. I am sure I
>>>> am missing something.
>>>>
>>>> >
>>>>
>>>> > Roman suggested ice-mismatch should be defined for both media- and
>>>> session-level.
>>>>
>>>> >
>>>>
>>>> > Looking further at the current text, I'm not sure I agree since there
>>>> really isn't any normative behavior associated with receiving ice-mismatch.
>>>>
>>>> > Thus, I'd suggest simply keeping it as-is and media-level only.
>>>>
>>>>
>>>>
>>>> No matter whether it's session and/or media level, I still think there
>>>> needs to be normative behavior associated with receiving ice-mismatch.
>>>>
>>>>
>>>>
>>>> Section 5.4 of RFC 8445 says:
>>>>
>>>>
>>>>
>>>>    "Each using protocol needs to define whether the using protocol is
>>>>
>>>>    vulnerable to ICE mismatch, how ICE mismatch is detected, and
>>>> *whether*
>>>>
>>>> *   specific actions need to be taken when ICE mismatch is detected*."
>>>>
>>>
>>> [Suhas] RFC5245 never defined a normative behavior on how a ice-mismtach
>>> needs to be
>>> handled and I do agree with the intent there.
>>>
>>> ice-sip-sdp says this today
>>>
>>> Also to note, this specification provides no guidance on how an
>>>    controlling/initiator agent should proceed in scenarios where the the
>>>    SDP answer includes "a=ice-mismatch" from the peer.
>>>
>>>
>>> I am inclined to leave it as it is. RFC8445 doesn't mandate it either
>>> (referring to  *whether*
>>>
>>> *   specific actions need to be taken"*
>>>
>>>
>>>
>>>>
>>>> Regards,
>>>>
>>>>
>>>>
>>>> Christer
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Sun, May 12, 2019 at 8:41 PM Flemming Andreasen <mailto:
>>>> fandreas@cisco.com>; wrote:
>>>>
>>>> Based on the errata, it seems like the intent was for to be
>>>> media-level. I'd suggest we keep it that way and add the clarifications you
>>>> outline below.
>>>>
>>>>
>>>>
>>>> If people feel otherwise, please speak up no later than May 19.
>>>>
>>>>
>>>>
>>>> Thanks
>>>>
>>>>
>>>>
>>>> -- Flemming (with chair hat on)
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 4/29/19 4:44 PM, Roman Shpount wrote:
>>>>
>>>> Hi Christer,
>>>>
>>>>
>>>>
>>>> Thank you for reviewing and responding.
>>>>
>>>>
>>>>
>>>> On Sat, Apr 27, 2019 at 1:48 PM Christer Holmberg <mailto:
>>>> christer.holmberg@ericsson.com>; wrote:
>>>>
>>>> Before we just change something back we need to think what the reason
>>>> for the change to media-level was. Could it be related to RTCWEB?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> This is definitely not RTCWEB related, since RTCWEB should never
>>>> generate ice-mismatch or use it for any reason.
>>>>
>>>>
>>>>
>>>> The ice-mismatch attribute was session only according to RFC 5245
>>>> Section 21..1.4 (https://tools.ietf.org/html/rfc5245#section-21.1.4).
>>>> At the same time, according to RFC 5245 Section 15..3 (
>>>> https://tools.ietf.org/html/rfc5245#section-15.3), ice-mismatch is
>>>> media level attribute only. This being said, according to RFC 5245 Section
>>>> 6.1 (https://tools.ietf.org/html/rfc5245#section-6.1), ice-mismatch
>>>> applies to the whole session, but it is specified per m= line. According to
>>>> errata 3149 (https://www.rfc-editor.org/errata/eid3149), ice-mismatch
>>>> should be media level. So, it is a bit of a mess.
>>>>
>>>>
>>>>
>>>> I can change ice-mismatch back to media level, but what we need to
>>>> clarify then is the following: If ice-mismatch is present in the m= line,
>>>> does it stop ICE processing for the whole session or for this m= line only?
>>>>
>>>>
>>>>
>>>> If it stops ICE processing for the whole session then it makes little
>>>> or no sense being specified per m= line. If it only stops processing for
>>>> specific m= line, then ice-mismatch probably also makes sense at the
>>>> session level to stop ICE processing for the whole session.
>>>>
>>>>
>>>>
>>>> I am definitely open to input here.
>>>>
>>>> _____________
>>>>
>>>> Roman Shpount
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>>
>>>> mmusic mailing list
>>>>
>>>> mailto:mmusic@ietf.org
>>>>
>>>> https://www.ietf.org/mailman/listinfo/mmusic
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>>
>>>> mmusic mailing list
>>>>
>>>> mailto:mmusic@ietf.org
>>>>
>>>> https://www.ietf.org/mailman/listinfo/mmusic
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>>
>>>> mmusic mailing list
>>>>
>>>> mailto:mmusic@ietf.org
>>>>
>>>> https://www.ietf.org/mailman/listinfo/mmusic
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>> _______________________________________________
>>> mmusic mailing list
>>> mmusic@ietf.org
>>> https://www.ietf.org/mailman/listinfo/mmusic
>>>
>>