Re: [rtcweb] WG Last Call for draft-ietf-rtcweb-stun-consent-freshness

"Makaraju, Maridi Raju (Raju)" <Raju.Makaraju@alcatel-lucent.com> Fri, 22 August 2014 16:22 UTC

To: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>, Martin Thomson <martin.thomson@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/C-NgVIB3Ic2txVxFFW_kqd1J85I
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>

>WebRTC browser - MUST
>WebRTC device - SHOULD
>Other RTP entities (including WebRTC gateway) - MAY

+1

From: rtcweb [mailto:rtcweb-bounces@ietf.org] On Behalf Of Muthu Arul Mozhi Perumal
Sent: Friday, August 22, 2014 12:26 AM
To: Martin Thomson
Cc: rtcweb@ietf.org
Subject: Re: [rtcweb] WG Last Call for draft-ietf-rtcweb-stun-consent-freshness

ICE-lite entities don't even perform connectivity checks. Requiring they perform consent freshness doesn't seem to make sense to me (of course, we can come up with a new spec ICE-lite-with-consent, but that's a different problem).

I am not saying you can't spoof a public VoIP service to send RTP anywhere. Legacy ICE entities perform connectivity checks today and not consent and consent freshness. Do we want to make them more secure? Sure. It however is a problem of different scope and needs to be solved in MMUSIC or elsewhere, IMHO.

draft-ietf-rtcweb-stun-consent-freshness is about making the WebRTC browser more secure. It however allows an RTP endpoint (that also does ICE) to use the mechanism to make it more secure or compute RTT or carry network information or whatever. However, requiring every RTP endpoint perform it seems asking too much.

My take:
WebRTC browser - MUST
WebRTC device - SHOULD
Other RTP entities (including WebRTC gateway) - MAY

Thoughts?

Muthu

On Fri, Aug 22, 2014 at 1:06 AM, Martin Thomson <martin.thomson@gmail.com> wrote:
On 21 August 2014 11:25, Roman Shpount <roman@telurix.com> wrote:
> All entities receive peer transport information from elsewhere, including
> gateways running ICE-Lite. Does it mean all of them need to perform consent?
That's the logical conclusion, yes.