Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Roman Shpount <roman@telurix.com> Thu, 12 March 2015 14:49 UTC

To: Justin Uberti <juberti@google.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/IwxAWuCiQMBlqM7IcY3LT_WRXr0>
Cc: Cullen Jennings <fluffy@cisco.com>, Jonathan Lennox <jonathan@vidyo.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>

On Wed, Mar 11, 2015 at 11:33 AM, Justin Uberti <juberti@google.com> wrote:

>
>
> On Wed, Mar 11, 2015 at 7:32 AM, Roman Shpount <roman@telurix.com> wrote:
>
>> On Wed, Mar 11, 2015 at 10:24 AM, Christer Holmberg <
>> christer.holmberg@ericsson.com> wrote:
>>
>>> I assume you mean SCTP-over-DTLS? Usage of "plain" SCTP with ICE is not
>>> defined, as far as I know.
>>>
>>
>> You are correct.
>>
>>
>>>
>>> > New things can be defined in the future. When they do, they should
>>> treat ICE as a virtual communication channel that
>>> > provides unreliable packet transport with no order guarantees which
>>> can span multiple 5-tuples.
>>>
>>> Then the scope of what we discuss now should not be "whatever protocol"
>>> - it should be the specific protocols we are discussing.
>>>
>>>
>> I think ICE-bis should define protocol requirements for the protocols
>> that can run on top of ICE, which includes:
>> 1. Ability to run over unreliable packet based transport with no order
>> guarantees
>> 2. Ability to demux with STUN packets
>> 3. Not to make any assumption about IP addresses, ports, or other
>> transport-level protocol attributes such as TOS.
>>
>>
> I think these are good criteria. Note that TCP would meet these criteria,
> and I see no problem running TCP atop ICE (we used to do this in an old
> version of our data channel code).
>

I think for TCP to meet these criteria, usage of TCP over ICE would still
need to be defined somewhere. In particular, the use of address, port, and
checksum in such a use case would need to be specified somewhere. Until this
is done, TCP-over-ICE would be under-defined and not quite usable.
_____________
Roman Shpount
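
An added illustration, not part of the original message or of any implementation discussed in the thread: it takes an unmodified TCP segment and checks it against criteria 2 and 3 above, using the first-byte demultiplexing ranges from RFC 5764 section 5.1.2 and the standard TCP pseudo-header checksum. The addresses, ports and payload are constructed sample values from the documentation ranges, and the function names are hypothetical.

```python
import socket
import struct

def classify_first_byte(b):
    """First-byte demux from RFC 5764 section 5.1.2 (STUN / DTLS / RTP)."""
    if b < 2:
        return "stun"
    if 20 <= b <= 63:
        return "dtls"
    if 128 <= b <= 191:
        return "rtp/rtcp"
    return "unknown"

def _ones_sum(data):
    # 16-bit one's-complement sum with end-around carry
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def tcp_checksum(src_ip, dst_ip, segment):
    # The pseudo-header binds the segment to one source/destination address pair.
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(segment)))
    return ~_ones_sum(pseudo + segment) & 0xFFFF

def build_segment(src_ip, dst_ip, sport, dport, payload):
    # Minimal 20-byte header: seq=1, ack=0, data offset 5, flags PSH|ACK
    hdr = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload

def checksum_ok(src_ip, dst_ip, segment):
    # A valid segment sums to 0xFFFF with its checksum field included.
    return tcp_checksum(src_ip, dst_ip, segment) == 0

def demo():
    # Constructed sample: same segment seen on two ICE candidate pairs.
    host_pair = ("192.0.2.1", "198.51.100.7")
    relay_pair = ("203.0.113.5", "198.51.100.7")   # path after a pair switch
    seg = build_segment(*host_pair, sport=40000, dport=5000, payload=b"hello")
    return {
        # Criterion 2: byte 0 is the high byte of the source port, so a raw
        # segment can land in a range reserved for another protocol.
        "demux_class": classify_first_byte(seg[0]),
        # Criterion 3: the checksum only verifies on the original address pair.
        "valid_on_host_pair": checksum_ok(*host_pair, seg),
        "valid_on_relay_pair": checksum_ok(*relay_pair, seg),
    }

if __name__ == "__main__":
    print(demo())
```
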