IETF Logo Mail Archive

Re: [MMUSIC] 10 BUNDLE questions

"Cullen Jennings (fluffy)" <fluffy@cisco.com> Mon, 22 April 2013 15:25 UTC

Return-Path: <fluffy@cisco.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7640F21F88A9 for <mmusic@ietfa.amsl.com>; Mon, 22 Apr 2013 08:25:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -109.999
X-Spam-Level:
X-Spam-Status: No, score=-109.999 tagged_above=-999 required=5 tests=[AWL=-0.600, BAYES_00=-2.599, J_CHICKENPOX_111=0.6, J_CHICKENPOX_55=0.6, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LYZq1EGHVt4m for <mmusic@ietfa.amsl.com>; Mon, 22 Apr 2013 08:25:57 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id 4A10221F86D9 for <mmusic@ietf.org>; Mon, 22 Apr 2013 08:25:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5738; q=dns/txt; s=iport; t=1366644357; x=1367853957; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=2aQsk69TfwOyjhmPkdW4kWtAtXZlnIIxCYzw8zltrUk=; b=cqTxgeKaFCarAQpgiO/VfnOJwmP4JjRvI/sdWO8Hbs//F/A18vfU2Oo5 A9P5hcv7tcZXiL5Xg09d7vaARxad7vApCHTwvDbJwhQCQjZ4uJDf18wdZ F9ZIKe7Tb6xICDSK7zV10GI/5vpxompaQrBZoeVjeELFT/vcNVKuM2Pm5 U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhcFAC9WdVGtJV2a/2dsb2JhbABPgwY2wQKBBhZ0gh8BAQEDAQEBAWgDCwULAgEIGAokIQYLJQIEDgUIh3oDCQYMslINiEAEjGiCJAIxB4JmYQOVMY1ghR6DDIIo
X-IronPort-AV: E=Sophos;i="4.87,527,1363132800"; d="scan'208";a="201539104"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-7.cisco.com with ESMTP; 22 Apr 2013 15:25:55 +0000
Received: from xhc-aln-x04.cisco.com (xhc-aln-x04.cisco.com [173.36.12.78]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id r3MFPtbn018592 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 22 Apr 2013 15:25:55 GMT
Received: from xmb-aln-x02.cisco.com ([169.254.5.192]) by xhc-aln-x04.cisco.com ([173.36.12.78]) with mapi id 14.02.0318.004; Mon, 22 Apr 2013 10:25:55 -0500
From: "Cullen Jennings (fluffy)" <fluffy@cisco.com>
To: Martin Thomson <martin.thomson@gmail.com>
Thread-Topic: [MMUSIC] 10 BUNDLE questions
Thread-Index: AQHOP22ubRWWkZ0c50GtvuAkRDHaxg==
Date: Mon, 22 Apr 2013 15:25:55 +0000
Message-ID: <C5E08FE080ACFD4DAE31E4BDBF944EB113494A47@xmb-aln-x02.cisco.com>
References: <CAOJ7v-0tr6_HAPwOnLD_De-LkNCsj1EfLhZL=G_B=k5tz9Hkwg@mail.gmail.com> <C5E08FE080ACFD4DAE31E4BDBF944EB11348F0AF@xmb-aln-x02.cisco.com> <CABkgnnU1XW4vgC3rW-2DB15yMgc4GkhwQvYOuxmvBE4+9k0pDA@mail.gmail.com>
In-Reply-To: <CABkgnnU1XW4vgC3rW-2DB15yMgc4GkhwQvYOuxmvBE4+9k0pDA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.20.249.164]
Content-Type: text/plain; charset="Windows-1252"
Content-ID: <CCEB85BA94D20844BE7A6CA1FE61C187@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "mmusic@ietf.org" <mmusic@ietf.org>
Subject: Re: [MMUSIC] 10 BUNDLE questions
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Apr 2013 15:25:58 -0000

On Apr 19, 2013, at 3:05 PM, Martin Thomson <martin.thomson@gmail.com> wrote:

> This clarifies things for me.  I hope that these are captured effectively.
> 
> On 19 April 2013 09:19, Cullen Jennings (fluffy) <fluffy@cisco.com> wrote:
>> On Mar 15, 2013, at 2:51 PM, Justin Uberti <juberti@google.com> wrote:
>>>      • From 6.1, list 1 - are conditions 2, 5, 7 really necessary? (MUST use same c=, add rtcp-mux, same a=fingerprint)
>> 
>> on fingerprint, I don't think this impacts the bundle but it seems like it make simplify the code that matches the fingerprint to the DTLS connection. Be interested in hearing EKR's thoughts.
> 
> I'm not EKR, but I don't see any way that having multiple sets of
> credentials would be useful.  That implies multiple handshakes.

well, this would only be for the initial offer and if bundle is not selected, there will be multiple handshakes. I can't think of a reason that the multiple handshakes can't have the same certificate so I think I agree with you

> 
> a=fingerprint pertains to the transport and as such needs to be the same.
> 
> You *could* add fingerprints from different lines as alternative valid
> (in the same way that two a=fingerprint can be added to a single
> line).  Since this is more likely to be mistake than something
> intentional, better to require that every block in a bundle have the
> same a=fingerprint.
> 
>>>      • From 6.1, list 2 - is condition 6 right? Why would we use different SDES keys for a single RTP session?
>> 
>> This is confusing in what you do in first is this, but once you know what you are doing, you put what you are using which will result in same not different keys. This needs series review from crypto experts.
> 
> In theory you can use multiple keys.  And it doesn't have any real
> consequences.  That's not necessarily a useful property though.

I just want to make sure there is not chance for a two time pad problem but I assume that will not be a problem and we can use the same sdes key when bundle does not get negotiated 

> 
>>>      • If you start with a m= line with one SDES config (e.g. 32-bit MAC), and then BUNDLE with another SDES line with a different (non overlapping) SDES config (e.g. 80-bit MAC), what happens? (assume fail)
>> 
>> Lets say can not do that and if you do it, it is a fail.
> 
> See above - it's *possible* to have this particular example work.  But
> not useful and therefore inadvisable.
> 
> I think that a good requirement is that new m= lines are entered into
> a bundle when they are added to the session and that bundle can't
> change.  That means you can't move m= lines in and out of bundles.
> That also keeps the rules with respect to properties constant for any
> given m= line.
> 
> Sure, you could make a complicated system where this was possible, but
> it probably wouldn't interoperate.

+1

> 
> 
>>>      • If you add a m= line to an existing BUNDLE, can the recipient reject that BUNDLEing (assume no)
>> 
>> agree it should be no
> 
> On first impressions, I was inclined to agree that it makes no sense
> to allow for unbundling on new m= lines, but this is exactly the same
> sort of scenario that an initial offer has to deal with.  Offer the
> addition of a stream in a bundle, but allow for the fact that peer
> might not support bundling.  So, I'm actually inclined to disagree
> here.
> 
> That said, without a use case, such a capability complicates things.
> I'll get to the use case below.
> 
>> Also imagine case where
>> 
>> Alice offers A, B, and C and offers to bundle them all
>> 
>> Bob wants to accept A and B in a bundle and C separate
>> 
>> When I talked to Justin this, I was convinced we don't want to bother to support this as it complicated gathering ports for future offers. So what it comes down to the device receive the offer can either accept the bundle or not. (and separate accept or reject each m line in the bundle but can't refactor the bundling).
> 
> This is actually the same sort of problem as the above.  The question
> is whether the bundle is negotiated as a whole, or whether answers can
> differentiate on per-line basis.  I can appreciate the desire to
> simplify, but you have to examine use cases.
> 
> Example: Alice offers A and B bundled, Bob accepts the bundling.
> Later, Alice adds C to the bundle.  How can Bob get that m= line
> routed over a different path?  Do we require that Bob reject the line
> and offer the same line, potentially inverted, without bundling in a
> subsequent offer?
> 
> I'm thinking here about a case where a session escalates from audio to
> audio+video and there might be a middlebox involved.  I guess in that
> case the middlebox needs to drive the addition.
> 
> I can probably live with the simplification, but this needs to be
> crystal clear.  A more complete discussion of the implications of this
> particular choice would be really helpful.

+1 on we need to be crystal clear. 

I think I am leaning towards once a bundle is set up, a new update to it can offer things in the bundle or not it the bundle. And if offered in the bundle, the answer can choose to put it in the bundle or not. But I want to avoid all things like the answer can move a m-line from one one bundle to another bundle or something like that. It's too complicated and I don't see the need for it. 


> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic

v2.30.2 | Report a Bug | By Email | System Status