Re: [rtcweb] RTCP consent approach comment
Harald Alvestrand <harald@alvestrand.no> Tue, 20 March 2012 10:19 UTC
Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8DCE21F8650 for <rtcweb@ietfa.amsl.com>; Tue, 20 Mar 2012 03:19:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Level:
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dISqmX7V5hmw for <rtcweb@ietfa.amsl.com>; Tue, 20 Mar 2012 03:19:44 -0700 (PDT)
Received: from eikenes.alvestrand.no (eikenes.alvestrand.no [158.38.152.233]) by ietfa.amsl.com (Postfix) with ESMTP id 3C0B421F8611 for <rtcweb@ietf.org>; Tue, 20 Mar 2012 03:19:44 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id 48FFD39E132; Tue, 20 Mar 2012 11:19:43 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at eikenes.alvestrand.no
Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jrqctEtRy-q1; Tue, 20 Mar 2012 11:19:42 +0100 (CET)
Received: from [78.65.120.97] (host-78-65-120-97.homerun.telia.com [78.65.120.97]) by eikenes.alvestrand.no (Postfix) with ESMTPSA id F404839E0E7; Tue, 20 Mar 2012 11:19:39 +0100 (CET)
Message-ID: <4F6859B5.8060603@alvestrand.no>
Date: Tue, 20 Mar 2012 11:19:33 +0100
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.27) Gecko/20120216 Thunderbird/3.1.19
MIME-Version: 1.0
To: "Ravindran, Parthasarathi" <pravindran@sonusnet.com>
References: <387F9047F55E8C42850AD6B3A7A03C6C0E1FFDFE@inba-mail01.sonusnet.com>
In-Reply-To: <387F9047F55E8C42850AD6B3A7A03C6C0E1FFDFE@inba-mail01.sonusnet.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] RTCP consent approach comment
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Mar 2012 10:19:45 -0000
On 03/20/2012 02:06 AM, Ravindran, Parthasarathi wrote: > Eric, > > Sec 4.2.3 mentions about RTCP consent approach is not adopted for > > 1) Small window attack of RTP > 2) Tough for legacy non-RTCP endpoint to implement RTCP > > I think that small window attack of RTP is possible in ICE as well in case attacker has access to offer SDP and the second reason is funny to recommend non-RTCP endpoint to implement ICE instead of implementing RTCP because this reason is equivalent of asking the person to buy cake who is struggling to buy bread. > > The missing information is that NAT traversal is not possible using RTCP mechanism. Could you please add "NAT traversal" as the one of the reason for not adopting RTCP consent approach. Ravindran, the section already limits itself to "... cases where the legacy endpoint has a public address...." - in those cases, NAT traversal is not necessary, so I don't believe your comment applies. Can you explain why you see a window of attack in the ICE case? I don't understand that comment. > Thanks > Partha > _______________________________________________ > rtcweb mailing list > rtcweb@ietf.org > https://www.ietf.org/mailman/listinfo/rtcweb >
- [rtcweb] RTCP consent approach comment Ravindran, Parthasarathi
- Re: [rtcweb] RTCP consent approach comment Harald Alvestrand