Re: [rtcweb] Fwd: New Version Notification for draft-uberti-rtcweb-turn-rest-00.txt

Matt Fredrickson <creslin@digium.com> Wed, 10 July 2013 15:11 UTC

On Wed, Jul 10, 2013 at 1:40 AM, Muthu Arul Mozhi Perumal (mperumal) <mperumal@cisco.com> wrote:

> I think the digest protection should suffice for all practical purposes.
> On the other hand, are the web and TURN server clocks expected to be in
> sync? I think the draft should discuss it.
>

I tend to agree as well.  Just from an implementation perspective, it seems
like a presumed current timestamp on the credentials could be useful
for TTLs on the credentials.  It seems that this also could be a potential
security vulnerability if the time was out of sync between the two servers.

Matthew Fredrickson
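
The clock-sync concern raised in this message, worked through as an added example (not code from the message, the draft, or any TURN implementation). It assumes a credential layout of `expiry:user` as the username and a base64 HMAC-SHA1 of that username as the password; the secret, function names and `max_skew` parameter are hypothetical.

```python
import base64
import hashlib
import hmac

SHARED_SECRET = b"constructed-demo-secret"  # constructed value, known to both servers


def _digest(username):
    mac = hmac.new(SHARED_SECRET, username.encode(), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()


def issue_credentials(user, ttl, web_clock):
    """Web server side: embed the expiry time in the username and sign it."""
    username = f"{web_clock + ttl}:{user}"  # assumed layout, see lead-in
    return username, _digest(username)


def validate(username, password, turn_clock, max_skew=0):
    """TURN server side: check the digest, then the expiry against its own clock.

    Simplification: a real TURN server derives the password and verifies
    MESSAGE-INTEGRITY rather than comparing passwords directly.
    """
    if not hmac.compare_digest(_digest(username), password):
        return "bad-digest"
    try:
        expiry = int(username.split(":", 1)[0])
    except ValueError:
        return "malformed"
    # The digest proves the expiry was not altered. It does not prove that
    # the two servers agree on the current time.
    if turn_clock > expiry + max_skew:
        return "expired"
    return "ok"


def effective_lifetime(ttl, turn_offset, max_skew=0):
    """Real seconds a credential stays usable when the TURN clock is
    turn_offset seconds ahead (+) or behind (-) the web server clock."""
    return max(0, ttl - turn_offset + max_skew)
```

A TURN clock that lags the web server extends every credential's lifetime by the lag, while one that runs ahead rejects freshly issued credentials, so monitoring the offset between the two hosts is part of operating this scheme.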