Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS
Justin Uberti <juberti@google.com> Mon, 23 March 2015 21:54 UTC
Return-Path: <juberti@google.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BDFE1A1B8D for <mmusic@ietfa.amsl.com>; Mon, 23 Mar 2015 14:54:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.412
X-Spam-Level:
X-Spam-Status: No, score=0.412 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, J_CHICKENPOX_110=0.6, J_CHICKENPOX_14=0.6, J_CHICKENPOX_55=0.6, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q_QcbWd3WPOv for <mmusic@ietfa.amsl.com>; Mon, 23 Mar 2015 14:54:45 -0700 (PDT)
Received: from mail-ig0-x234.google.com (mail-ig0-x234.google.com [IPv6:2607:f8b0:4001:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0235A1A1B78 for <mmusic@ietf.org>; Mon, 23 Mar 2015 14:54:45 -0700 (PDT)
Received: by ignm3 with SMTP id m3so40975342ign.0 for <mmusic@ietf.org>; Mon, 23 Mar 2015 14:54:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=DxZmAt9mLZZTFjpROotx589XHT8BCGlyc2SiScfKFng=; b=o+FUHc8WCJVRJUEtQ1ta2487D3XMQTSA8Ru66QtIecnEGOnQvHKurB0q4Q/ZY3Yxdx HLz7d8+U53jwgkBZnPwKrOt4fnIaQy1sZNk00miHQEZZzClTGZtEIdiuyfkbiKRVjy2Z zbi8ZWmUUT1+4tXs7vwD37NqbikZYkNNFwHThTQOpsy80+cERIyjePFC9EjPbWhKOBt7 dmpEDMfXCf3XPL5RJ8VAJYKCxoMd1c0fkkTDdKqHpyW6t/OW2kfZABbcbBCwLNyEJPKJ lIdCLW7MfwbMj8gynr5V60BHee/oPR4c+ZxSI6z4CIuPU62wnNtNac+ILvoKwTRqgovO o72g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=DxZmAt9mLZZTFjpROotx589XHT8BCGlyc2SiScfKFng=; b=dL7MpTxKEURh5sCy6xbxcBh//0mPvB8lL1elSawR0BSxnhnQr0pUc8X4JZyw/H1pPH hV7UxWRc0lYjdKLC2Gfh6Nuq0TyvCd0DTaVc+MGN+By9RflN7Yjp7GVILcXUq++Alykn OkIWgDHXt6B0JWcPQo4qWSGh8JdIIQo9NVKWxH0wyH3QYy9nWOKUWZ68ym/EfuIoTjA3 bKgcYIzjzv0jvslk09f/J7yoEroF9xnVLIODbJQ5hSyVKTbJniLnQ8v/577+fCsBch7v PHr7CPmQ3tuW4rz9UYz5+sdeOhrPIQAZe31kv0CfvjM6a1RkkSxaU4fTWu/TZifqv2Kr hsug==
X-Gm-Message-State: ALoCoQlLpc+tarGVVtLctL7MxzmXMOVbdNps/6662NwJXZsQaDLEmeZFqV2ounxZ7eyAbqS1Kun8
X-Received: by 10.50.61.135 with SMTP id p7mr17974394igr.22.1427147684401; Mon, 23 Mar 2015 14:54:44 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.64.42 with HTTP; Mon, 23 Mar 2015 14:54:24 -0700 (PDT)
In-Reply-To: <CAD5OKxu5LVFGqyixLzG4W-FBYRa9VFm6NmAdCmD0_ccDrOJo2A@mail.gmail.com>
References: <550E0F1A.2090303@ericsson.com> <BLU406-EAS2095DB481DB8142DA8BC0BB930C0@phx.gbl> <7594FB04B1934943A5C02806D1A2204B1D7729E2@ESESSMB209.ericsson.se> <CAD5OKxtB5qWQ1yYdGEOdKD55y0HPTGkY_hP0uV=PXEkRnZfcBg@mail.gmail.com> <CAOJ7v-0pQ=smq1EzpMrQBULm+mjscDXf=fpapdvMWtVX4FkWVw@mail.gmail.com> <CAD5OKxu5LVFGqyixLzG4W-FBYRa9VFm6NmAdCmD0_ccDrOJo2A@mail.gmail.com>
From: Justin Uberti <juberti@google.com>
Date: Mon, 23 Mar 2015 14:54:24 -0700
Message-ID: <CAOJ7v-3NWNu8SLzv1VMuvj-FoAmUCfZ=f+Pa7ggLjPRctnhQhw@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Content-Type: multipart/alternative; boundary="e89a8fb20900c582f20511fbb6d2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/NJvSkJBPWc_GaqU1CU8nLzajdek>
Cc: mmusic <mmusic@ietf.org>, Ari Keränen <ari.keranen@ericsson.com>, "draft-uberti-mmusic-nombis@tools.ietf.org" <draft-uberti-mmusic-nombis@tools.ietf.org>, Christer Holmberg <christer.holmberg@ericsson.com>
Subject: Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Mar 2015 21:54:46 -0000
On Mon, Mar 23, 2015 at 8:24 AM, Roman Shpount <roman@telurix.com> wrote: > On Sun, Mar 22, 2015 at 11:56 PM, Justin Uberti <juberti@google.com> > wrote: > >> Alas, an ICE ufrag doesn't uniquely identify an ICE virtual connection; >> with ICE forking you can have N virtual connections from the same ufrag. >> >> A lfrag:rfrag tuple is closer, but even this does not work, because a) an >> ICE restart changes lfrag/rfrag without invalidating the connection, and b) >> because a ufrag can be shared across multiple m= lines (and thereby ICE >> connections). >> >> The closest thing is m-line, keeping in mind that bundled m-lines use the >> virtual connection of the m-line onto which they are bundled. >> >> > Would ICE restart cause new DTLS handshake? If it does not, what is the > appropriate transport parameter change that will cause the new DTLS > handshake? > No, ICE restart does not rehandshake (it's orthogonal). There is currently no SDP parameter defined that allows for a rehandshake, except for offering a new fingerprint; use of the a=connection attribute is explicitly forbidden by 5763. > > When you say m= line, how would the end point associate received packets > with the specific m= line? To handle forks this has to be local m= line and > remote m=line pair, but what does this translate into on the RTP/DTLS > transport layer? Do you propose to associate based on remote ufrag, local > ufrag and the set of local candidates associated with this m= line? Would > it not be simpler to prohibit ufrag reuse? > For unbundled cases this is non-ambiguous. For bundled cases, there is the mid header extension. > > P.S. If ICE restart would cause the new DTLS connection to be established > this would either mean the same candidates cannot be used after ICE restart > or that an end point can receive packets for several unrelated DTLS > connections over the same 5-tuple. Same old mess all over again. > _____________ > Roman Shpount > >
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Ari Keränen
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Justin Uberti
- [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Ari Keränen
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Bernard Aboba
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Christer Holmberg
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Roman Shpount
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Justin Uberti
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Jonathan Lennox
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Christer Holmberg
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Simon Perreault
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Roman Shpount
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Justin Uberti
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Roman Shpount
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Justin Uberti
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Roman Shpount
- Re: [MMUSIC] draft-uberti-mmusic-nombis and (D)TLS Justin Uberti