Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-stun-consent-freshness-13
"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Thu, 28 May 2015 06:32 UTC
Return-Path: <tireddy@cisco.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B9DC1A1AFF; Wed, 27 May 2015 23:32:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7g-8sDEM93Jm; Wed, 27 May 2015 23:32:25 -0700 (PDT)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF5841A1AA6; Wed, 27 May 2015 23:32:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=25576; q=dns/txt; s=iport; t=1432794744; x=1434004344; h=from:to:cc:subject:date:message-id: content-transfer-encoding:mime-version; bh=oPqd+wi7+SFf6VT1IrlMlQ3dpj1AyZtBCqTf4gK3Qik=; b=NpSrPO/2nocpI9FNANYFUm06o8LhE9ZPAcEsaXF6ba/+WBDmFidjg1bp UajRNws5w7/TpSU1M5MKH8YA2X8/+NGtIkuldHtDkFr74k0HjLAtBAOMM xmBg4LeYbWgG3/9fYggoHY+Drbnlfn2ceevkJCHoMpfGjN/+yVQuv46U8 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ARBADStWZV/4MNJK1ZA4MQgTIGwHxmCYdRAoFKOBQBAQEBAQEBgQqEIgEBAQMBGl8FBwYBCBEBAgEBAQEKHSgRFAMGCQEEAQ0FCIgQAwoIzmYNhH4BAQEBAQEBAQEBAQEBAQEBAQEBAQEXizqCTYFgDRohEA0LgwaBFgWFDYFehHQrhn6HBIF4OoMCg3GKNlyDKoNZI2GDF2+BAwEGGQIhgQEBAQE
X-IronPort-AV: E=Sophos;i="5.13,511,1427760000"; d="scan'208";a="154051107"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by alln-iport-5.cisco.com with ESMTP; 28 May 2015 06:32:23 +0000
Received: from xhc-rcd-x01.cisco.com (xhc-rcd-x01.cisco.com [173.37.183.75]) by alln-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id t4S6WM2B014252 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 28 May 2015 06:32:23 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.253]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.03.0195.001; Thu, 28 May 2015 01:32:22 -0500
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: "Black, David (david.black@emc.com)" <david.black@emc.com>, "joel jaeggli (joelja@bogus.com)" <joelja@bogus.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Thread-Topic: OPS-Dir review of draft-ietf-rtcweb-stun-consent-freshness-13
Thread-Index: AdCZEAkgUwawg8/yQZKvd0M2cshTwQ==
Date: Thu, 28 May 2015 06:32:21 +0000
Message-ID: <913383AAA69FF945B8F946018B75898A478607D3@xmb-rcd-x10.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.47.79]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/OkFI7HtK73Yr_ePBXJuQA776Pb0>
Subject: Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-stun-consent-freshness-13
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2015 06:32:29 -0000
> -----Original Message----- > From: Black, David [mailto:david.black@emc.com] > Sent: Thursday, May 28, 2015 3:35 AM > To: Ram Mohan R (rmohanr); joel jaeggli; muthu.arul@gmail.com; Dan Wing > (dwing); Tirumaleswar Reddy (tireddy); martin.thomson@gmail.com; ops- > dir@ietf.org; rtcweb@ietf.org; Black, David > Cc: Black, David; rtcweb-chairs@tools.ietf.org; Alissa Cooper > (alissa@cooperw.in) > Subject: RE: OPS-Dir review of draft-ietf-rtcweb-stun-consent-freshness-13 > > Unfortunately, one of the major issues just became much more serious. As > part of my issue [1], I wrote: > > I don't > see any RFCs listed as updated by this draft, so I'm guessing that this > is not intended to promulgate new requirements for all uses of ICE and > STUN, but this should be clarified. > > Unfortunately, the required clarification is more than editorial, as upon > further reading, I see this sentence at the end of Section 3 in this draft: > > If consent is > performed then there is no need to send keepalive messages. > > However, the first sentence in section 10 of RFC 5245 says: > > All endpoints MUST send keepalives for each media session. > > Therefore, this draft normatively modifies RFC 5245, but there was no > indication of that modification during IETF Last Call, as the draft contains > neither an Updates: header nor a summary description of changes to RFC > 5245. > > This is a serious process problem; please work with your WG chairs and AD > to determine what to do, as your AD (Alissa) owns the decision about what > has to happen to correct this mistake in addition to correcting the text in the > draft. > > ---------- > > Moving on to concerns beyond the two major issues ... anything not > mentioned here (aside from [1] and [2] covered in my previous message, > plus the above missing info on the updates to RFC 5245) is ok with me. > > > >> [3] In Section 1, please explain what ICE-lite is. A suitable > > >> reference should suffice. > > > > Yes we will add reference to RFC5245 that describes ICE-lite > > Please add a sentence to summarize ICE-lite, not just the reference. NEW: ICE-lite agent defined in section 2.7 of [RFC5245] does not generate connectivity checks or runs the ICE state machine, it only needs to be able to respond to connectivity checks. Hence an ICE-lite implementation will not generate consent checks, but will just respond to consent checks it receives. No changes are required to ICE-lite implementations in order to respond to consent checks, as they are processed as normal ICE connectivity checks. > > > >> [4] In Section 4.1, please explain or provide a reference for what > "paced" > > >> means in "paced STUN connectivity checks or responses." > > > > Pacing is explained in the same section below. Let us know if this is > > not sufficient/not clear. > > <snip> > > To prevent expiry of consent, a STUN binding request can be sent > > periodically. To prevent synchronization of consent checks, each > > interval MUST be randomized from between 0.8 and 1.2 times the basic > > period. Implementations SHOULD set a default interval of 5 seconds, > > resulting in a period between checks of 4 to 6 seconds. > > It's not clear - the word "paced" is absent, and that explanation shows up in > the middle of the next page after the use of "paced." I suggest the following > two changes to the second paragraph in Section 4.1 for clarity: > > First sentence: > > An endpoint MUST NOT send data other than paced STUN connectivity > checks or responses toward any transport address unless the receiving > endpoint consents to receive data. > > a) Delete "paced" from the first line. > b) Add the following sentence immediately after that first sentence. > > Additional constraints apply to when these checks are allowed to be sent, > including a minimum interval between checks, as further specified in this > section. > > -- Everything below here is editorial -- > > > >> This mechanism is an incremental modification to the STUN and ICE > > >> protocols, and can be implemented by one party to a communication > > >> session; ordinary response generation behavior (already required) > > >> reflects the cryptographically strong STUN transaction IDs on which > > >> the mechanism is based. As a result, the mechanism can be deployed > > >> at one end of a two-party communication session without impact on > > >> the other party. This is implied by section 3 of the draft, but would be > useful to state explicitly. > > > > We will add a new applicability section proposed above and also > > modified para 3 of Intro to make it clearer that this draft does not > > change ICE procedures. Please let us know if this solves the comment > above. > > It does not. Please add a sentence to say that consent checks can be > deployed via modifications solely to endpoints that send STUN connectivity > checks because implementations are already required to respond to such > checks. A rephrasing of Section 3 would be a good means of adding this. Section 3. NEW: The mechanism proposed in the document is an optional extension to the ICE protocol, it can be deployed at one end of the two-party communication session without impact on the other party. > > > >> [A.1.1 - deployment] > > >> > > >> The mechanism has been defined to limit the amount of added traffic > > >>and to shut down unwanted traffic, plus contains a facility to > > >>desynchronize independent users of this protocol. Some rationale > > >>should be added for the choice of the 30 second timeout period. > > > > 30 second timeout period was selected so that consent checks could be > > sent between 7 to 5 times (to handle packet loss). > > Please add that statement to the draft. NEW: 30 second timeout period was selected so that consent checks could be sent between 7 to 5 times to handle packet loss. > > > >> [A.1.5 - network impact] > > >> > > >> There is an obvious fault condition, namely that consent is lost or > > >> revoked causing immediate cessation of traffic. While the details > > >> depend on the environment in which this mechanism is used, it'd be > > >> helpful to add a sentence or two on reporting of the state of STUN > > >> consent-based connectivity and how that reporting should or may > > >> relate to reporting of the state of other forms of connectivity (e.g., TCP, > SRTP/SRTCP) that are mentioned in this draft. > > > > We specifically discussed in WG about how applications should handle > > changes in Consent and it was decided to keep it outside the scope of > > this draft. Para 3 of introduction already has a text that says the same. > > There can be many possibilities if consent is lost or failed depending > > on what the application wants. > > Ok, but .. this is not about "how applications should handle" loss of consent; > it's about "how implementations should report" loss of consent. Part of this > is already in Section 7, which indicates how the application learns that > consent has expired. It would suffice to add a sentence added to that > section to indicate that there are other reasons for loss of ability to transmit > data, and include an example of how at least one other is reported to > applications. NEW: The circuit breaker algorithm discussed in section 7.1 of [I-D.ietf-rtcweb-rtp-usage] could be one of the reasons for ceasing transmission of media and to notify the application about the loss of ability to transmit data. > > > >> [A.1.8 - fault and threshold conditions] > > >> > > >> This mechanism is a simple extension to existing protocols, and > > >> should fit into existing configuration and management for those > > >> protocols. [A.1.9 - configuration, A.2 - Management (in general)] > > >> > > >> It might be useful to mention the utility of tracking frequency and > > >> duration of loss and re-establishment of consent-based > > >> connectivity, as such information has operational value. In > > >> particular, a discussion of how a server could infer loss of > > >> connectivity with a client that is using this mechanism might be > > >> useful to add, as the operational concerns may be more significant > > >> for servers and related networks than clients. [A.2.2 - management > information, A.2.3 - fault management]. > > > > This again seems some thing outside the scope of this draft as it is > > trying to specify application behavior. Is there some thing that you > > want us to add in the draft for this? > > Nope, this is again about reporting information, not how applications > respond to the reports. In addition, the consumer of this information may > be a network operation tool of some sort as opposed to a WebRTC > application. Specific details of what to track and how to report it belong > elsewhere, but it would be good to at least add a sentence pointing out that > it is useful to track frequency and duration of loss of consent, e.g., to assist in > troubleshooting application problems. NEW: WebRTC client application may in-turn notify WebRTC server about loss of consent so that it can track frequency and duration of loss of consent , e.g., to assist in troubleshooting application problems. Cheers, -Tiru > > > Thanks, > --David > > > -----Original Message----- > > From: Black, David > > Sent: Wednesday, May 27, 2015 3:17 AM > > To: Ram Mohan R (rmohanr); joel jaeggli; muthu.arul@gmail.com; Dan > > Wing (dwing); Tirumaleswar Reddy (tireddy); martin.thomson@gmail.com; > > ops- dir@ietf.org; rtcweb@ietf.org > > Cc: Black, David > > Subject: RE: OPS-Dir review of > > draft-ietf-rtcweb-stun-consent-freshness-13 > > > > I'll limit comments here to the two major issues. Quick summary: > > > > [1] Applicability: The proposed text looks generally good, but the definition > > of "consent" needs a couple of clarifications. > > > > [2] Security Considerations: The proposed text isn't sufficient. In addition > > to the new applicability text's reference to the WebRTC security > > architecture draft, a reference to the WebRTC security > considerations > > draft with specific section pointers needs to be added to the security > > considerations section of this draft. > > > > > >> [1] The draft seems to be missing discussion of applicability - > > > >> what environments and/or protocols is this mechanism intended for > > > >> or > > applicable > > > >> to? > > > > > We will add a new section ³Applicability² after the introduction section. > > > > I think that proposed applicability section will address most of the concern. > > As part of this, the definition of consent (Section 2) needs elaboration: > > > > Consent: The mechanism of obtaining permission to send to a remote > > transport address. Initial consent is obtained using ICE. > > > > Two important concepts should be clearer: > > - Permission to send is obtained *from the recipient* of the traffic. > > - The traffic to which permission to send applies is *non-ICE* traffic. > > > > > >> [2] The security considerations appear to be incomplete. > > > >> There should be an explanation of why cryptographically strong > > > >> STUN transaction IDs are required (e.g., there are no > > > >> cryptographically strong IDs in the TCP consent mechanism noted > > > >> on p.4), and there should be a discussion of how and why replays > > > >> of previous consent responses are harmless (will be ignored by the > recipient). > > > > > > Cryptographically strong STUN transaction IDs are required so that > > > off-path attacker does not replay old consent responses. > > > > > > > > > > > > >>The mechanism design > > > >> appears to be ok, but this rationale should be provided in terms > > > >>of attacks that are of concern and how they are prevented - a > > > >>primary intent appears to be to resisting off-path attacks. > > > > > > We will add the following line to Security Considerations section. > > > > > > NEW: > > > > > > Consent requires 96 bits transaction ID to be uniformly and randomly > > > chosen from the interval 0 .. 2**96-1, and be cryptographically strong. > > > This is good enough security against an off-path attacker replaying > > > old STUN consent responses. > > > > That's good, but the actual problem is a missing reference. The > > rationale discussion is in draft-ietf-rtcweb-security, so that draft > > needs to be added as a normative reference, plus text added to the > > security considerations section of this consent draft to call > > attention to sections 3.3 and 4.2 of that rtcweb-security draft. This > > is in addition to the citation of sections > > 4.4 and 5.3 of draft-ietf-rtcweb-security-arch in the proposed new > > applicability text. > > > > Thanks, > > --David > > > > > -----Original Message----- > > > From: Ram Mohan R (rmohanr) [mailto:rmohanr@cisco.com] > > > Sent: Tuesday, May 19, 2015 11:28 AM > > > To: joel jaeggli; Black, David; muthu.arul@gmail.com; Dan Wing > > > (dwing); Tirumaleswar Reddy (tireddy); martin.thomson@gmail.com; > > > ops-dir@ietf.org; rtcweb@ietf.org > > > Subject: Re: OPS-Dir review of > > > draft-ietf-rtcweb-stun-consent-freshness-13 > > > > > > Hi David/Joel, > > > > > > Please see inline for my responses. > > > > > > > > > -----Original Message----- > > > From: joel jaeggli <joelja@bogus.com> > > > Date: Friday, 15 May 2015 4:59 am > > > To: "Black, David" <david.black@emc.com>, "muthu.arul@gmail.com" > > > <muthu.arul@gmail.com>, "dwing@cisco.com" <dwing@cisco.com>, > Cisco > > > Employee <rmohanr@cisco.com>, "tireddy@cisco.com" > > > <tireddy@cisco.com>, "martin.thomson@gmail.com" > <martin.thomson@gmail.com>, "ops-dir@ietf.org" > > > <ops-dir@ietf.org> > > > > > Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>, "ietf@ietf.org" > > > <ietf@ietf.org> > > > Subject: Re: OPS-Dir review of > > > draft-ietf-rtcweb-stun-consent-freshness-13 > > > > > > >Thanks David, > > > > > > > >I'll be looking with interest for the addressing of items 1/2. > > > > > > > >joel > > > > > > > >On 5/14/15 4:21 PM, Black, David wrote: > > > >> I have reviewed this document as part of the Operational > > > >> directorate's ongoing effort to review all IETF documents being > processed by the IESG. > > > >> These comments were written with the intent of improving the > > > >> operational aspects of the IETF drafts. Comments that are not > > > >> addressed in last call may be included in AD reviews during the > > > >> IESG review. Document editors and WG chairs should treat these > > > >> comments just like any other last call comments. > > > >> > > > >> Document: draft-ietf-rtcweb-stun-consent-freshness-13 > > > >> Reviewer: David Black > > > >> Review Date: May 14, 2015 > > > >> IETF LC End Date: May 15, 2015 (on -11) > > > >> > > > >> Summary: This draft is on the right track, but has open issues > > > >> described in the review. > > > >> > > > >> This draft describes use of STUN to obtain ongoing consent to > > > >> send in a fashion that is secured by the use of cryptographically > > > >> strong nonces as STUN transaction IDs. > > > >> > > > >> -- Major issues -- > > > >> > > > >> [1] The draft seems to be missing discussion of applicability - > > > >> what environments and/or protocols is this mechanism intended for > > > >> or > > applicable > > > >> to? Is this generally applicable wherever ICE and STUN are used? > > > >> I > > don't > > > >> see any RFCs listed as updated by this draft, so I'm guessing > > > >> that this is not intended to promulgate new requirements for all > > > >> uses of ICE and STUN, but this should be clarified. The shepherd > > > >> writeup implies that this draft is intended primarily for WebRTC. > > > > > > This document defines what it takes to obtain, maintain, and lose > > > consent to send using ICE. This draft does not restrict on what > > > applications should use Consent. Currently on webRTC applications > > > use Consent, however any other application that has Similar security > > > requirements can use this mechanism. We will add a new section > > > ³Applicability² after the introduction section. > > > > > > <snip> > > > 2. Applicability > > > > > > This document defines what it takes to obtain, maintain, and lose > > > consent to send using ICE.Verification of peer consent before > > > sending traffic is necessary in deployments like WebRTC to ensure > > > that a malicious JavaScript cannot use the browser as a platform for > > > launching attacks.Section 4.4 and section 5.3 of > > > [I-D.ietf-rtcweb-security-arch] explains why webRTC application needs > consent. > > > > > > Other Applications that have similar security requirement where it > > > is required to verify peer's consent before sending non-ICE packets > > > can use the consent mechanism described in this draft. > > > > > > > > > </snip> > > > > > > > > > Also we will modify para 3 of Intro to make it clearer. > > > > > > OLD: > > > This document defines what it takes to obtain, maintain, and lose > > > consent to send. Consent to send applies to a single 5-tuple. How > > > applications react to changes in consent is not described in this > > > document. > > > > > > > > > > > > NEW: > > > This document defines what it takes to obtain, maintain, and lose > > > consent to send. Consent to send applies to a single 5-tuple. How > > > applications react to changes in consent is not > > > described in this document. The consent mechanism does not update > > > the ICE procedures defined in [RFC 5245]. > > > > > > > > > > > > > > > > > > > > > >> > > > >> [2] The security considerations appear to be incomplete. > > > >> There should be an explanation of why cryptographically strong > > > >> STUN transaction IDs are required (e.g., there are no > > > >> cryptographically strong IDs in the TCP consent mechanism noted > > > >> on p.4), and there should be a discussion of how and why replays > > > >> of previous consent responses are harmless (will be ignored by the > recipient). > > > > > > Cryptographically strong STUN transaction IDs are required so that > > > off-path attacker does not replay old consent responses. > > > > > > > > > > > > >>The mechanism design > > > >> appears to be ok, but this rationale should be provided in terms > > > >>of attacks that are of concern and how they are prevented - a > > > >>primary intent appears to be to resisting off-path attacks. > > > > > > We will add the following line to Security Considerations section. > > > > > > NEW: > > > > > > Consent requires 96 bits transaction ID to be uniformly and randomly > > > chosen from the interval 0 .. 2**96-1, and be cryptographically strong. > > > This is good enough security against an off-path attacker replaying > > > old STUN consent responses. > > > > > > > > > > > > >> > > > >> -- Minor Issues -- > > > >> > > > >> [3] In Section 1, please explain what ICE-lite is. A suitable > > > >> reference should suffice. > > > > > > Yes we will add reference to RFC5245 that describes ICE-lite > > > > > > > > > > > > >> > > > >> [4] In Section 4.1, please explain or provide a reference for > > > >>what "paced" > > > >> means in "paced STUN connectivity checks or responses." > > > > > > Pacing is explained in the same section below. Let us know if this > > > is not sufficient/not clear. > > > <snip> > > > To prevent expiry of consent, a STUN binding request can be sent > > > periodically. To prevent synchronization of consent checks, each > > > interval MUST be randomized from between 0.8 and 1.2 times the > basic > > > period. Implementations SHOULD set a default interval of 5 seconds, > > > resulting in a period between checks of 4 to 6 seconds. > > > </snip> > > > > > > > > > > > > >> > > > >> -- Nits/Editorial Comments -- > > > >> > > > >> The SRTP paragraph in Section 8 (Security Considerations) feels > > > >>out of place > > > >> - this looks like design rationale material that would be better > > > >>located in Section 3. > > > > > > Okay, will move this paragraph to Section 3. > > > > > > > > > > > > >> > > > >> idnits 2.13.02 found an unused reference: > > > >> > > > >> == Unused Reference: 'I-D.ietf-rtcweb-overview' is defined on > > > >>line 320, but > > > >> no explicit reference was found in the text > > > >> > > > >> That reference is likely to be useful to address the absence of > > > >>discussion of applicability (major issue [1], above). > > > > > > This reference is not needed. Once we add applicability section we > > > will reference rtcweb-security-arch draft. > > > > > > >> > > > >> --- Selected RFC 5706 Appendix A Q&A for OPS-Dir review --- > > > >> > > > >> This mechanism is an incremental modification to the STUN and ICE > > > >>protocols, and can be implemented by one party to a communication > > > >>session; ordinary response generation behavior (already required) > > > >>reflects the cryptographically strong STUN transaction IDs on > > > >>which the mechanism is based. As a result, the mechanism can be > > > >>deployed at one end of a two-party communication session without > > > >>impact on the other party. This is implied by section 3 of the > > > >>draft, but would be useful to state explicitly. > > > > > > We will add a new applicability section proposed above and also > > > modified para 3 of Intro to make it clearer that this draft does not > > > change ICE procedures. Please let us know if this solves the comment > above. > > > > > > > > > >> [A.1.1 - deployment] > > > >> > > > >> The mechanism has been defined to limit the amount of added > > > >>traffic and to shut down unwanted traffic, plus contains a > > > >>facility to desynchronize independent users of this protocol. > > > >>Some rationale should be added for the choice of the 30 second > > > >>timeout period. > > > > > > 30 second timeout period was selected so that consent checks could > > > be sent between 7 to 5 times (to handle packet loss). > > > > > > > > > >> [A.1.5 - network impact] > > > >> > > > >> There is an obvious fault condition, namely that consent is lost > > > >>or revoked causing immediate cessation of traffic. While the > > > >>details depend on the environment in which this mechanism is > > > >>used, it'd be helpful to add a sentence or two on reporting of > > > >>the state of STUN consent-based connectivity and how that > > > >>reporting should or may relate to reporting of the state of other > > > >>forms of connectivity (e.g., TCP, SRTP/SRTCP) that are mentioned > > > >>in this draft. > > > > > > We specifically discussed in WG about how applications should handle > > > changes in Consent and it was decided to keep it outside the scope > > > of this draft. Para 3 of introduction already has a text that says the same. > > > There can be many possibilities if consent is lost or failed > > > depending on what the application wants. > > > > > > > > > >> [A.1.8 - fault and threshold conditions] > > > >> > > > >> This mechanism is a simple extension to existing protocols, and > > > >>should fit into existing configuration and management for those > > > >>protocols. [A.1.9 - configuration, A.2 - Management (in general)] > > > >> > > > >> It might be useful to mention the utility of tracking frequency > > > >>and duration of loss and re-establishment of consent-based > > > >>connectivity, as such information has operational value. In > > > >>particular, a discussion of how a server could infer loss of > > > >>connectivity with a client that is using this mechanism might be > > > >>useful to add, as the operational concerns may be more > > > >>significant for servers and related networks than clients. [A.2.2 > > > >>- management information, A.2.3 - fault management]. > > > > > > This again seems some thing outside the scope of this draft as it is > > > trying to specify application behavior. Is there some thing that you > > > want us to add in the draft for this? > > > > > > Regards, > > > Ram > > > > > > >> > > > >> The primary operational impact of this protocol should be > > > >>reduction in unwanted traffic, which is a benefit - the consent > > > >>check traffic added by this protocol should not have significant > > > >>impacts. The writeup indicates that implementers have reviewed > > > >>the draft and implementations are in progress. [A.3 - > > > >>Documentation] > > > >> > > > >> Thanks, > > > >> --David > > > >> ---------------------------------------------------- > > > >> David L. Black, Distinguished Engineer EMC Corporation, 176 South > > > >> St., Hopkinton, MA 01748 > > > >> +1 (508) 293-7953 FAX: +1 (508) 293-7786 > > > >> david.black@emc.com Mobile: +1 (978) 394-7754 > > > >> ---------------------------------------------------- > > > >> > > > >> > > > >> > > > > > > > >
- [rtcweb] OPS-Dir review of draft-ietf-rtcweb-stun… Black, David
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… joel jaeggli
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Ram Mohan R (rmohanr)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Black, David
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Black, David
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Harald Alvestrand
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Harald Alvestrand
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Martin Thomson
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Black, David
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Ted Hardie
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Christer Holmberg
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Christer Holmberg
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Ram Mohan R (rmohanr)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Ram Mohan R (rmohanr)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Black, David
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Black, David
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Harald Alvestrand
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Bernard Aboba
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Christer Holmberg
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Ram Mohan R (rmohanr)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Christer Holmberg
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Muthu Arul Mozhi Perumal
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] OPS-Dir review of draft-ietf-rtcweb-… Black, David