IETF Logo Mail Archive

Re: [rtcweb] Consent Freshness: Some suggestions for editorial clarifications

Harald Alvestrand <harald@alvestrand.no> Fri, 26 September 2014 08:31 UTC

Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E36BD1A009E for <rtcweb@ietfa.amsl.com>; Fri, 26 Sep 2014 01:31:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.685
X-Spam-Level:
X-Spam-Status: No, score=-2.685 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.786] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pGpjps4pLB0E for <rtcweb@ietfa.amsl.com>; Fri, 26 Sep 2014 01:30:56 -0700 (PDT)
Received: from mork.alvestrand.no (mork.alvestrand.no [IPv6:2001:700:1:2::117]) by ietfa.amsl.com (Postfix) with ESMTP id 2101E1A0195 for <rtcweb@ietf.org>; Fri, 26 Sep 2014 01:30:56 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mork.alvestrand.no (Postfix) with ESMTP id 291CF7C41E8 for <rtcweb@ietf.org>; Fri, 26 Sep 2014 10:30:55 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at alvestrand.no
Received: from mork.alvestrand.no ([127.0.0.1]) by localhost (mork.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7FE8BqG5cq5a for <rtcweb@ietf.org>; Fri, 26 Sep 2014 10:30:52 +0200 (CEST)
Received: from hta-hippo.lul.corp.google.com (unknown [IPv6:2620:0:1043:1:75ad:e5d6:3938:e129]) by mork.alvestrand.no (Postfix) with ESMTPSA id 5F4887C41D1 for <rtcweb@ietf.org>; Fri, 26 Sep 2014 10:30:52 +0200 (CEST)
Message-ID: <5425243C.8010305@alvestrand.no>
Date: Fri, 26 Sep 2014 10:30:52 +0200
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <7594FB04B1934943A5C02806D1A2204B1D44E72A@ESESSMB209.ericsson.se> <CAKz0y8xB6VaJtcABPhyP2FMr13_ZGZNFzafaUs590ym2T5OPyA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D45A186@ESESSMB209.ericsson.se> <CAKz0y8x624Pwib+1Mxj9eOW2ACB55agfTXewp=YybRFiFzhKrA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D45A403@ESESSMB209.ericsson.se> <CAKz0y8yo+B-3fv-LpjhRTgLq5_-ouLkOJbnGeQ0CR3efMDvWjw@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D45A4DC@ESESSMB209.ericsson.se>
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B1D45A4DC@ESESSMB209.ericsson.se>
Content-Type: multipart/alternative; boundary="------------050405070706090605040109"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/He21kFYCgiV7lELmuPvarZDxfW8
Subject: Re: [rtcweb] Consent Freshness: Some suggestions for editorial clarifications
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Sep 2014 08:31:01 -0000

On 09/25/2014 12:25 PM, Christer Holmberg wrote:
>
> Hi,
>
>     The reason for 30 seconds is the following:
>
>     As we know, the sender needs to receive at least one response to a
>     request sent within the last 30 seconds, or the consent expires.
>
>     Assume you send a STUN request at time X, another one at time X+n etc.
>
>     Now, within the 30 seconds, assume the only response (all other
>     requests/responses get lost in the network) you get is to the
>     request you sent at time X, and you receive it 28 seconds after
>     you sent the request.
>
> ​ But it is unlikely that someone will buffer the response for 28 sec. 
> If the connectivity was lost for so long, the response to the first 
> request would have also got lost..
>

I think people who have experimented with the "walk behind a tree" 
scenario in 3G networks have reported seeing packets delayed for 10 
seconds in real networks.

Of course, if you send requests at X, X+5, X+10, X+15 and so on, you're 
likely to get the one at X+15 as well as the one at X once connectivity 
resumes.

Experimentation would be good here....

> Unlikely, yes. But, if it happens, and consent expires (because the 
> sender did not wait for 30 seconds), who to blame?
>
> The sender will say “you buffered the response too long”, and the 
> receiver will say “you did get the response within 30 seconds”.
>
> I am trying to avoid such situations, because both parties will say 
> that they implement the draft correctly.
>
> Of course, if you send a request at time X, and another one at time 
> X+N, if you get a response to the X+N request you can terminate the 
> state for the X request also.
>
> So, in reality, I doubt there will be cases where the state lives for 
> 30 seconds.
>
> Regards,
>
> Christer
>
>     Therefore, unless you wait for the response 30 seconds,  consent
>     will expire – EVEN if you did receive a response within 30 seconds.
>
>     I do agree it very likely won’t happen in real life, but our state
>     machines etc should be able to handle the “worst case” scenario.
>
>     Regards,
>
>     Christer
>
>     *From:*Muthu Arul Mozhi Perumal [mailto:muthu.arul@gmail.com
>     <mailto:muthu.arul@gmail.com>]
>     *Sent:* 25 September 2014 12:22
>     *To:* Christer Holmberg
>     *Cc:* rtcweb@ietf.org <mailto:rtcweb@ietf.org>
>     *Subject:* Re: [rtcweb] Consent Freshness: Some suggestions for
>     editorial clarifications
>
>     On Thu, Sep 25, 2014 at 2:02 PM, Christer Holmberg
>     <christer.holmberg@ericsson.com
>     <mailto:christer.holmberg@ericsson.com>> wrote:
>
>         Hi,
>
>             Based on feedback I receive from implementers, there are a
>             couple of clarifications I think would be useful in the
>             consent freshness draft.
>
>             Q1:
>
>             -----
>
>             As STUN binding requests for consent are sent unreliably,
>             and are not re-transmitted, I think it would be useful to
>             have some explicit text saying that individual requests
>             (and/or their associated responses) may get lost in the
>             network, and that a sender must be prepared that a
>             response to such requestmay never arrive.
>
>             It may be obvious to us, but maybe not as clear to the
>             first-time reader of the draft.
>
>             Q2:
>
>             -----
>
>             Section 4.1 says:
>
>             “That is, if a valid STUN binding response corresponding
>             to one of the STUN requests sent in the last 30 seconds
>
>                          has not been received from the remote peer's
>             Transport Address, the endpoint MUST cease transmission on
>             that 5-tuple.”
>
>             First, I suggest the following clarification:
>
>             s/”to one of the STUN requests sent in the last 30
>             seconds”/”to one of the STUN requests (not necessarily the
>             last one) sent in the last 30 seconds”.
>
>             Second, there is no explicit text on for how long the
>             client keeps the STUN transaction alive, i.e. for how long
>             it waits for the response.
>
>             I assume that, after 30 seconds, the client does not need
>             to maintain state and wait for the response anymore.
>
>         ​My understanding is that the sender doesn't need remember the
>         request for 30 sec, instead it needs to remember it only for
>         RTT duration. If a matching response is received within that
>         duration you have a 'hit'. If there is no 'hit' over the last
>         30 sec, consent expires.
>
>         I agree this isn't clear in the current version.
>
>         How do you calculate the RTT? Based on previous transactions?
>
>     ​I should have said smoothed RTT. ​I believe that is what STUN and
>     TCP currently use.
>
>         What if, for whatever reason, the roundtrip for a STUN binding
>         request/response takes longer that previously? You would
>         discard the response.
>
>     ​Yes, but that shouldn't a problem for consent I think, because
>     only if there was no 'hit' over the last 30 sec would consent expire.
>
>         I think it is much more clear the specify a time. 30 seconds
>         is a good value, because if it takes longer the response is
>         “unvalid” anyway.
>
>     ​I am okay with a fixed duration instead of a smoothed RTT.
>     However, 30 sec looks too long to me to remember the request,
>     holding unnecessary resources (we just need one matching response
>     over the last 30 sec).
>
>     The other question is, do we really need to specify the duration
>     to achieve interoperability here? I though Martin's opinion was
>     that isn't needed to achieve interoperability, but I could have
>     misread one of those discussions..
>
>     Muthu
>
>         Regards,
>
>         Christer
>
>             I think it would be useful to explicitly indicate that,
>             and also say that responses that are received after that
>             time must be discarded.
>
>             Thanks!
>
>             Regards,
>
>             Christer
>
>
>             _______________________________________________
>             rtcweb mailing list
>             rtcweb@ietf.org <mailto:rtcweb@ietf.org>
>             https://www.ietf.org/mailman/listinfo/rtcweb
>
>
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email