IETF Logo Mail Archive

Re: [rtcweb] JSEP: Why always offer actpass?

Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com> Tue, 25 November 2014 17:38 UTC

Return-Path: <stefan.lk.hakansson@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 234501A6FFF for <rtcweb@ietfa.amsl.com>; Tue, 25 Nov 2014 09:38:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_56=0.6, J_CHICKENPOX_57=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D8y6SmtfCVFk for <rtcweb@ietfa.amsl.com>; Tue, 25 Nov 2014 09:38:36 -0800 (PST)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DABD81A0368 for <rtcweb@ietf.org>; Tue, 25 Nov 2014 09:38:35 -0800 (PST)
X-AuditID: c1b4fb30-f79e66d000000ff1-a8-5474be990274
Received: from ESESSHC020.ericsson.se (Unknown_Domain [153.88.253.124]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 78.65.04081.99EB4745; Tue, 25 Nov 2014 18:38:33 +0100 (CET)
Received: from ESESSMB209.ericsson.se ([169.254.9.126]) by ESESSHC020.ericsson.se ([153.88.183.78]) with mapi id 14.03.0195.001; Tue, 25 Nov 2014 18:38:33 +0100
From: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
To: "Makaraju, Maridi Raju (Raju)" <Raju.Makaraju@alcatel-lucent.com>, Justin Uberti <juberti@google.com>
Thread-Topic: [rtcweb] JSEP: Why always offer actpass?
Thread-Index: AdAH/G6saC/Ce4vxTgqv23nLTon8JA==
Date: Tue, 25 Nov 2014 17:38:32 +0000
Message-ID: <1447FA0C20ED5147A1AA0EF02890A64B1D0D5FB6@ESESSMB209.ericsson.se>
References: <1447FA0C20ED5147A1AA0EF02890A64B1D0D579E@ESESSMB209.ericsson.se> <CAOJ7v-1ztXies0-W3B2=zWaydeLTuR8tU7v15nqyTw+MwGE+rw@mail.gmail.com> <1447FA0C20ED5147A1AA0EF02890A64B1D0D5A4B@ESESSMB209.ericsson.se> <E1FE4C082A89A246A11D7F32A95A17828E63C45B@US70UWXCHMBA02.zam.alcatel-lucent.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.150]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrFLMWRmVeSWpSXmKPExsUyM+Jvje7MfSUhBg9PGVhsnSpk0bDxCqvF 2n/t7A7MHq3P9rJ6LNhU6rFkyU+mAOYoLpuU1JzMstQifbsEroxfR2sK9gpVfL/wi7mBcQ5/ FyMnh4SAicSyxyfYIGwxiQv31gPZXBxCAkcYJf5f+soI4SxhlHh8ZgJYFZtAoMTWfQvAbBGB XIl5fSvBbGYBdYk7i8+xg9jCAqYSky4uY4KoMZNYeHICI4StJ3HzywUWEJtFQFXi24OrzCA2 r4CvRNuvbVDLVjNJHJr/EayZEeik76fWMEEsEJe49WQ+E8SpAhJL9pxnhrBFJV4+/scKYStJ rNh+iRGiXk/ixtQpUMdpSyxb+BpqmaDEyZlPWCYwis5CMnYWkpZZSFpmIWlZwMiyilG0OLU4 KTfdyEgvtSgzubg4P08vL7VkEyMwcg5u+W2wg/Hlc8dDjAIcjEo8vBs+FIcIsSaWFVfmHmKU 5mBREuddeG5esJBAemJJanZqakFqUXxRaU5q8SFGJg5OqQbGtZqyc5V2HHv/WqtYwXan5alX nK7WQrdFX4o/fsk6p/jQiYMnZ+ovsZVlnDj9x3ob35tLy2JKq+cmHm9qZvRb/t2uUWrb+baS nRMvrZhQHDPfJiSuLHnunZnSaaI5e5YK7L7xYat4zZ0lUybaelWvk1jYt+XvM6aEEKk/qjaK L8+cMXqn9fA2txJLcUaioRZzUXEiAOONGVR9AgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/LmkqKs0g5QJv8fscZYKu9XMVdCw
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] JSEP: Why always offer actpass?
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Nov 2014 17:38:38 -0000

On 25/11/14 17:28, Makaraju, Maridi Raju (Raju) wrote:
>>> o  The endpoint MUST use the setup attribute defined in [RFC4145
>> <https://tools.ietf.org/html/rfc4145>].
>>> The endpoint that is the offerer MUST use the setup attribute
>>> value of setup:actpass and be prepared to receive a client_hello
>>> before it receives the answer.  The answerer MUST use either a
>>> setup attribute value of setup:active or setup:passive.  Note
>>> that if the answerer uses setup:passive, then the DTLS handshake
>>> will not begin until the answerer is received, which adds
>>> additional latency. setup:active allows the answer and the DTLS
>>> handshake to occur in parallel.  Thus, setup:active is
>>> RECOMMENDED.  Whichever party is active MUST initiate a DTLS
>>> handshake by sending a
>>>
>>> ClientHello over each flow (host/port quartet).
>>
>> The section quoted seem to refer to the initial offer/answer, later
>> in that document (section 6.6, with heading "Session Modification")
>> there is wording that (to me at least) hints at keeping the
>> established roles in subsequent offers.
>>
>> A different question is the value of initially offering actpass
>> when ICE is mandatory to use. ICE connectivity checks will happen
>> before the DTLS handshake, so perhaps initially offering passive
>> would make sense. (actpass is a MUST according to 5763, OTOH 5763
>> is only an informal ref to JSEP.)
>
> <Raju> Limiting it to "passive" would force the peer and/or
> intermediaries to support DTLS client functionality as well. IMHO,
> this may limit the success rate. If a peer or middlebox does not
> support DTLS client functionality then it can always return
> "passive", which may involve bit more delay in DTLS setup. But it is
> not that bad as the SDP offerer must wait for SDP answer
> (a=fingerprint is needed) before the DTLS can be setup successfully
> anyway. </Raju>

Thanks Raju, seems this was a bad proposal - forget you heard it!

Do you have an opinion on my main "topic": that subsequent offers should 
offer the already negotiated role, rather than always "actpass"?

Br,
Stefan

>
> BR Raju
>

v2.23.0 | Report a Bug | By Email