Re: [rtcweb] Transports: RFC 4941 support?

Harald Alvestrand <hta@google.com> Wed, 19 March 2014 07:03 UTC


I'd like to be silent on the issue, since which IPv6 addresses to prefer is
likely to be a matter of system policy. Trying to override system policy in
an application-specific profile usually leads to sadness.



On Wed, Mar 19, 2014 at 6:14 AM, Dan Wing <dwing@cisco.com> wrote:

>
> On Mar 18, 2014, at 6:00 PM, Justin Uberti <juberti@google.com> wrote:
>
> https://tools.ietf.org/html/rfc4941 defines the concept of temporary IPv6
> addresses. For example, as enumerated on my local system:
>
> inet 172.31.x.y netmask 0xfffffe00 broadcast 172.31.x.255
> inet6 2620::1008:100b:e2f8:47ff:wwww:xxxx prefixlen 64 autoconf
> inet6 2620::1008:100b:819e:1d3f:yyyy:zzzz prefixlen 64 autoconf *temporary*
>
> As indicated in the RFC, the temporary addresses expire after hours or
> days, and therefore could be used to prevent long-term linkability of
> sessions. Expiration shouldn't be an issue for WebRTC, since we can simply
> do ICE restart if this occurs during a session.
>
> Is this something we want to recommend in the transports doc?
>
>
> Yes.
>
> And it should be as frequent as every new 'call', if IPv6 privacy
> addresses are to provide the same privacy as a NAPT44, as a NAPT44 should
> be assigning random ports per reasons described in RFC6056.
>
> The transport document should also recommend doing port randomization
> (RFC6056), as that was found pretty useful for DNS, but randomizing ports
> is still not popular with many OS's TCP stacks for whatever reason.
>
> -d
>
>
>
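
A check related to the linkability concern discussed in this thread, as an added example that is not part of any poster's message: it scans ICE candidate lines for IPv6 addresses whose interface identifier is a MAC-derived modified EUI-64 (stable across sessions) instead of an RFC 4941 temporary one. The candidate lines, addresses and function names are constructed for illustration, and the check assumes the stable address was formed by SLAAC from the interface MAC.

```python
import ipaddress

# Constructed sample ICE candidates (documentation ranges 2001:db8::/32, 192.0.2.0/24).
SAMPLE_CANDIDATES = [
    "candidate:1 1 udp 2122260223 192.0.2.10 54321 typ host",
    "candidate:2 1 udp 2122194687 2001:db8:1008:100b:e2f8:47ff:fe12:3456 54322 typ host",
    "candidate:3 1 udp 2122194687 2001:db8:1008:100b:819e:1d3f:9abc:def0 54323 typ host",
    "candidate:4 1 udp 1686052607 2001:db8:ffff::1 61000 typ srflx "
    "raddr 2001:db8:1008:100b:e2f8:47ff:fe12:3456 rport 54322",
]


def eui64_mac(text):
    """Return the MAC embedded in a modified EUI-64 interface ID, else None."""
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:
        return None  # hostname or malformed address
    if addr.version != 6:
        return None
    iid = addr.packed[8:]  # low 64 bits: the interface identifier
    if iid[3:5] != b"\xff\xfe":
        # No EUI-64 marker. This does not prove the address is temporary,
        # only that it is not trivially MAC-derived.
        return None
    # Undo the universal/local bit flip and drop the ff:fe filler.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


def audit_candidates(lines):
    """List (candidate, type, field, address, mac) for MAC-derived addresses."""
    findings = []
    for line in lines:
        f = line.split()
        if len(f) < 8 or not f[0].startswith("candidate:") or f[6] != "typ":
            continue  # not a candidate attribute in the expected layout
        exposed = [("address", f[4])]
        # Reflexive and relayed candidates may repeat the host address in raddr.
        if "raddr" in f[8:]:
            i = f.index("raddr", 8)
            if i + 1 < len(f):
                exposed.append(("raddr", f[i + 1]))
        for field, value in exposed:
            mac = eui64_mac(value)
            if mac:
                findings.append((f[0], f[7], field, value, mac))
    return findings
```
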