[MMUSIC] AD evaluation: draft-ietf-mmusic-rtsp-nat-evaluation-13
Alissa Cooper <alissa@cooperw.in> Thu, 15 May 2014 21:31 UTC
Return-Path: <alissa@cooperw.in>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C16CB1A0158 for <mmusic@ietfa.amsl.com>; Thu, 15 May 2014 14:31:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oEkJPMCYGTx7 for <mmusic@ietfa.amsl.com>; Thu, 15 May 2014 14:31:28 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E52411A0152 for <mmusic@ietf.org>; Thu, 15 May 2014 14:31:27 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.mail.srv.osa [10.202.2.41]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id ABE1F2123F for <mmusic@ietf.org>; Thu, 15 May 2014 17:31:19 -0400 (EDT)
Received: from frontend2 ([10.202.2.161]) by compute1.internal (MEProxy); Thu, 15 May 2014 17:31:19 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=cooperw.in; h=date :subject:from:to:message-id:mime-version:content-type :content-transfer-encoding; s=mesmtp; bh=FMicjTaJ4k7LIya4hLdyriB NX0Y=; b=vHyQl9CVFU2dZhY2cu1h74bDF2q+veG2sfKG5BcGe0IPazyHJLMWuDF O4MJosa94W6UqyFI46aT+LraGdzh67qjRumvsPTEilr/qAcuotHlRdXlyzDSjiJm 6JB2t0DOIRaOklJqgzjJUdOSbCJYud7NqyGmzbCf0hqvtUpCVlhc=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=date:subject:from:to:message-id :mime-version:content-type:content-transfer-encoding; s=smtpout; bh=FMicjTaJ4k7LIya4hLdyriBNX0Y=; b=fg9nBN2oGq7MEftfqOziksCvk2qw X0ncoizcDNTG4IotQq7fMQNLeRxHQmeSx9RkHB6suNkjTkhpWBxVGg7bjazEQ5nl Cz8PZ+VzGekHS1HYb4ANhXtZqP9Mk/ycdxrGmskNJ8vd0USuI1LRlPWqzzmb9n/3 kl0rVRyikQ1Ch9I=
X-Sasl-enc: z048UxXx5EG5Er/sfk6aFA/LBEu/0UWtKfcKv8Pz/7TL 1400189479
Received: from [171.68.20.90] (unknown [171.68.20.90]) by mail.messagingengine.com (Postfix) with ESMTPA id 7CA1868015E for <mmusic@ietf.org>; Thu, 15 May 2014 17:31:17 -0400 (EDT)
User-Agent: Microsoft-MacOutlook/14.3.9.131030
Date: Thu, 15 May 2014 14:31:19 -0700
From: Alissa Cooper <alissa@cooperw.in>
To: mmusic@ietf.org
Message-ID: <CF99093B.398BC%alcoop@cisco.com>
Thread-Topic: AD evaluation: draft-ietf-mmusic-rtsp-nat-evaluation-13
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/mmusic/Faxmd7SId_yCPbuRJEPUPhnJJPU
Subject: [MMUSIC] AD evaluation: draft-ietf-mmusic-rtsp-nat-evaluation-13
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 May 2014 21:31:31 -0000
I have reviewed draft-ietf-mmusic-rtsp-nat-evaluation-13 and I have a number of comments and questions below that I’d like to see resolved before sending this document to IETF LC. I’ve also included a long list of nits below to be resolved along with any LC comments. Overall, although the content of this document is good, I wish the clarity would have been better — it was quite difficult to review. Comments and questions: General: It might be good in the introduction to characterize the extent to which this document is focused on single-NAT environments versus CGN/multiple NAT. The applicability of the various solutions in CGN environments is touched on here and there, but it would be good to set out the scope at the beginning. There are a number of references to an RSTP server being “in the public” or “public.” I think it would be better in those cases to say that the server is not behind a NAT, as opposed to “public." Sec 2: "If a client does not receive data within a few seconds after having received the "200 OK" response to a PLAY request, there are likely some middleboxes blocking the traffic.” This seems like a fairly sweeping statement. Surely the lack of response could be caused by congestion somewhere along the path? I would suggest: "If a client does not receive data within a few seconds after having received the "200 OK" response to a PLAY request, it may be the result of a middlebox blocking the traffic.” Sec 3: "In terms of requirements, the first requirement should be to solve the RTSP NAT traversal problem for RTSP servers deployed in a public network, i.e. no NAT at the server side.” What does “the first requirement” mean? It seems to me that the analysis in Section 4 covers cases where the server is behind a NAT and where it is not. "Should have minimal impact on clients in the open and not dual-hosted." I don’t understand this. What does it mean for a client to be “in the open”? And are you recommending minimal impact only in the case of single-hosted RTSP? Sec 4.1.4: "Using STUN does not require RTSP server modifications” This is only true for servers that already implement RTSP 2.0. This should be made explicit. Sec 4.2.5: "The removal of STUN capability in the client implementations will have to wait until there is absolutely no need to use STUN.” I don’t quite get why this text is here. Of course if NAT ever disappears entirely, then none of the mechanisms described in this document will be necessary, but that seems unlikely any time soon. In general, I’m not sure I understand the purpose of the “Transition” sections in this document, nor do I understand why they appear for some of the mechanisms but not others. Could the authors provide a justification for that? Sec 4.2.6: The previous section said "See next section for an in-depth security discussion” and this section just points back to 4.1.5. Was that intentional? Sec 4.3.2: “High performance rather than always successful is recommended, as it is most likely to be a server in the public.” Not quite sure what this means. I assume the “it” refers to the server to which the client is connecting? Even so, I don’t understand the claim. Is it that in general RTSP servers are more likely to be directly addressable than they are to be behind a NAT? Sec 4.3.5: For a section that is meant to explain the security properties of this solution choice, this seems a little thin. In particular, it’s not clear what it means to use ICE “correctly.” There are some attacks that are only mitigated if RTSP signaling is confidentiality protected — that’s not really a matter of “correctness,” but an implementation choice that deserves mention here. Sec. 4.4.3: "The format of the RTP packet for "connection setup" (a.k.a Latching packet) is yet to be defined. One possibility is to use RTP No-Op packet format in [I-D.ietf-avt-rtp-no-op].” I’m assuming there isn’t actually any plan to define this. If that’s the case, it would be better to just say so, rather than implying otherwise. The text in 4.5.1 gets this right. Sec 4.5.1: "Latching as described above requires the usage of a valid RTP format as the Latching packet, i.e. the first packet that the client sends to the server to set up virtual RTP connection. Need different phrasing for “virtual RTP connection” — it’s not actually virtual. Sec 4.7.4: "An ALG will not work with deployment of end-to-end RTSP signaling security. Therefore deployment of ALG will likely result in clients located behind NATs not using end-to-end security.” Not sure that’s the only conclusion to be drawn here, particularly if the client can traverse the NAT using some other mechanism. Sec 4.9.1: "This means that TURN could only be used if the server knows and accepts that the IP belongs to a TURN server and the TURN server can't be targeted at an unknown address or also the RTSP connection is relayed through the same TURN server.” Not sure what is meant by the clause that begins “or also.” Sec 5: Is it worth noting here the implications for firewalls when RTSP uses confidentiality protection? Sec 6: Why are C1 and C2 not discussed in Section 3? Sec 8: Conspicuously missing from this section is a discussion of the security properties of ICE. Given that it is the chosen mechanism, those need to be discussed here, at least at the same cursory level as the security considerations for all of the other mechanisms. --- Nits to be resolved with any IETF last call comments received: General: “Firewall" should not be capitalized unless it appears at the beginning of a sentence or in the title of referenced document. Sec 1: s/This document is capturing/This document captures/ Sec 2: s/techniques in the next chapter/techniques discussed in the next section/ s/A RTP session/An RTP session/ s/no RTP packets has arrived/no RTP packets have arrived/ s/client can not get through/client cannot get through/ Section 3: s/for RTSP NAT solutions/for RTSP NAT traversal solutions/ s/connection till arrival/connection until arrival/ Sec 4.1.2: s/See [RFC4787] for full definition of these terms.// (terms are also defined in this document s/A RTSP client/An RTSP client/ s/a NAT(s)/a NAT/ s/a RTSP PLAY request/an RTSP PLAY request/ Sec 4.1.4: s/a RTSP-aware ALG /an RTSP-aware ALG / Sec 4.2.2: s/one of the can/one of them can/ s/establishing TCP connection/establishing a TCP connection/ Sec 4.2.5: s/a IETF standard/an IETF standard/ Sec 4.4: s/Latching/latching/ (throughout the document) Sec 4.4.3: s/an public IP address./a public IP address./ Sec. 4.4.4: s/the possible address a latching packet can come from to the same as the RTSP TCP connection are from/the source address of a latching packet to be the same as the source address of the RTSP TCP connection/ s/it is difficult to determine the address usage for the network the client connects from./it cannot be assumed that addresses within the range all belong to the same client./ s/the server will send from and also the SSRC the client will use./that the server will send from and that the SSRC client will use./ s/Having this information/Having this information,/ s/legit/legitimate/ (two occurrences) s/which results in that the media server sends the RTP/RTCP traffic to ports the client isn’t listening for RTP/RTCP on./which results in the media server sending the RTP/RTCP traffic to ports on which the client is not listening for RTP/RTCP./ s/client to server network path/client-to-server network path/ s/To improve the security against attackers/To improve the security against attackers,/ Sec. 4.5.1: s/[I-D.ietf-avt-rtp-no-op], however, that work was abandoned./[I-D.ietf-avt-rtp-no-op]. However, that work was abandoned./ OLD: There exists a RFC that discusses the implication of different type of packets as keep-alives for RTP [RFC6263] and its findings are very relevant to the format of the Latching packet. NEW: The findings of [RFC6263] concerning the implications of different types of packets as keep-alives for RTP are very relevant to the format of the Latching packet. s/there has been/there have been/ Sec. 4.5.2: s/so called/so-called/ s/as Latching packet/as a Latching packet/ Sec 4.5.3: s/(Requirement 4 in Section 3), instead a Latching protocol must be defined./(Requirement 4 in Section 3). Instead a Latching protocol must be defined./ Sec 4.5.4: s/more unlikely/less likely/ s/works and when it didn’t/worked and when it did not/ s/security issue remain/security issue remains/ s/a RTSP client/an RTSP client/ s/likes to/intends to/ s/an DoS target/a DoS target/ Sec 4.6: s/three way Latching/three-way latching/ (throughout) Sec 4.6.2: s/Uses the same RTSP extensions/Three-way latching uses the same RTSP extensions/ s/client to server latching packet/client-to-server latching packet/ s/an UDP packet/a UDP packet/ s/nonce. Thus confirming/nonce, thus confirming/ s/a RTSP client/an RTSP client/ Sec 4.6.3: s/have the following/has the following/ Sec 4.7.4: s/an UDP mapping/a UDP mapping/ s/with RTSP ALG/with an RTSP ALG/ Sec 4.8.3: s/where the RTSP server in not NATed or at least reachable like it was not./where the RTSP server is not NATed or is reachable as if it were not NATed./ Sec 4.9.1: s/a RTSP client/an RTSP client/ s/the IP belongs/the IP address belongs/ Sec 4.9.2: s/addresses also the TCP connection must be done through the same TURN server as the one in the next step./addresses, the TCP connection must be made through the same TURN server to be used for NAT traversal./ s/that it desires/where it desires/ Sec 4.9.3: s/has public/has a public/ Sec 4.9.4: s/a RTSP session/an RTSP session/ s/Which would/This would/ Sec 5: s/a RTSP session/an RTSP session/ s/what type of transport and from where, the media stream packets will be sent./what type of transport will be used and from where the media stream packets will be sent./ Sec 6: s/R1: Work/R1: Must work/ s/use, Implement and administer/use, implement and administer/ OLD: C1: Will solution support both Clients and Servers behind NAT C2: Is the solution robust to changing NAT behaviors NEW: C1: Supports both clients and servers behind NAT C2: Is robust to changing NAT behaviors s/using TCP Tunneling or Three-Way Latching is the solutions that best fulfill/TCP Tunneling or Three-Way Latching is the solution that best fulfills/ s/is acceptable/are acceptable/ s/When it comes to Three-Way Latching it is a very competitive technique given that you don't need support for RTSP servers behind NATs./Three-Way Latching is a comparable technique in situations where support for RTSP servers behind NATs is not required./ s/were some discussion/were some discussions/ s/In the end the authors believe that reuse of ICE, the greater flexibility and anyway need to deploy a new solution was the decisive factors./In the end, the WG concluded that reuse of ICE, its greater flexibility, and the need to deploy a new solution in either case were the decisive factors in favor of ICE./ Sec 8: s/IP-address/IP address/ s/those variants/of those variants/ Sec 9: s/has commented/have commented/ s/protocol/document/
- [MMUSIC] AD evaluation: draft-ietf-mmusic-rtsp-na… Alissa Cooper
- Re: [MMUSIC] AD evaluation: draft-ietf-mmusic-rts… Magnus Westerlund
- Re: [MMUSIC] AD evaluation: draft-ietf-mmusic-rts… Magnus Westerlund
- Re: [MMUSIC] AD evaluation: draft-ietf-mmusic-rts… Alissa Cooper
- Re: [MMUSIC] AD evaluation: draft-ietf-mmusic-rts… Alissa Cooper