Re: [rtcweb] [BEHAVE] Fwd: New Version Notification for draft-uberti-behave-turn-rest-00.txt

Kaiduan Xie <kaiduanx@gmail.com> Fri, 26 July 2013 13:42 UTC

Return-Path: <kaiduanx@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29E1421F88FB; Fri, 26 Jul 2013 06:42:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dT2J9XPfMX6F; Fri, 26 Jul 2013 06:42:58 -0700 (PDT)
Received: from mail-we0-x22e.google.com (mail-we0-x22e.google.com [IPv6:2a00:1450:400c:c03::22e]) by ietfa.amsl.com (Postfix) with ESMTP id DFED921F8793; Fri, 26 Jul 2013 06:42:57 -0700 (PDT)
Received: by mail-we0-f174.google.com with SMTP id q54so1852693wes.5 for <multiple recipients>; Fri, 26 Jul 2013 06:42:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=th49Cr7NJWQ55YHFYkmT+pyoT5QPwLLqV+wzVVw8mIY=; b=Su75fsqClNA/bBWLrmlw7U3URsb+aJxi32n+3/x10k+fvDMn4sfVHcO30NlcSM5NyL gCq/20Fs/zNGAT+jhul64xSLp1FQBn9FO50H1DXuTdv/Wt1Kiwq+nTi2yCL4d36R6tQa REyaAErT9FpHhSY+e/iE5KigIdHlef5qvibdjos3wiVjycoSrxY6WXRDJIV+yoX31HaF gGBK2crKRNhIyP06ND0ZaTd6dccjgdU1XywBVpMub26tmw8KMEz1YX7p41Wq97NoYVDW kpBr5X6gjN15CKX8xGehgXEMmxMAh03YGOalMfiIL657YPBWMf3YqP5uSCcF9kpux/fO y5EQ==
MIME-Version: 1.0
X-Received: by 10.180.211.171 with SMTP id nd11mr5796542wic.17.1374846177031; Fri, 26 Jul 2013 06:42:57 -0700 (PDT)
Received: by 10.216.248.194 with HTTP; Fri, 26 Jul 2013 06:42:56 -0700 (PDT)
In-Reply-To: <CALDtMrJGK1Lo6TEjJi-UMGn=ucJGpASJ0BEAV+r7SxhtZwdFBQ@mail.gmail.com>
References: <20130715214906.5314.83583.idtracker@ietfa.amsl.com> <CALe60zBA_unaQekMkKwKwKNRPbJjECAtJ9bAV=fv6V6Mdfon6Q@mail.gmail.com> <CAOJ7v-2WGi_fD9mVx+dtZBo+X4-sXxXZFek9mt2cAmrqFCyYMg@mail.gmail.com> <CAJWm+fGBDec_66WMBVhsv5TD8hVzDoOtd5CGs7xAHZqkYtDGBg@mail.gmail.com> <51E70106.8060100@goodadvice.pages.de> <CAJWm+fGUEH43bgR1j56qea3+uSVQ63myr1tZkrdYRGEmBw=zew@mail.gmail.com> <CAOJ7v-2wzEQXSMPM4bnGW5_0ciDf9VuY1nb2xp=Wbqe0Rq5yZA@mail.gmail.com> <CAJWm+fE1G2r0TcUAcZUVCP0WRSC35JFBdZ-oMqJfAykhNExqyA@mail.gmail.com> <51ED9318.6000003@nostrum.com> <51ED9A3C.4060307@goodadvice.pages.de> <CALDtMrLFoqE9HrDdCa6iT64EiRV-wZ+apuwAuxmV6boyQoPrzQ@mail.gmail.com> <CAOJ7v-09uwKvpU8S0KRRdDn_kU6LqK45kYSAkA5ZAEBt3j9b=w@mail.gmail.com> <CAJWm+fHwnKCyO+tof-B1i4NbN9AUX-e1ThVtOiONmctO3ZEXAA@mail.gmail.com> <CALDtMrLR6-jANG=k3K+5XPEgx8Y0sQ085WcwX=GxTYi-7a9j9Q@mail.gmail.com> <CAJWm+fGM1hNNnzj+LRgObKYGf=C0RXebEFpEjG4pn463NM6P+Q@mail.gmail.com> <CALDtMrJGK1Lo6TEjJi-UMGn=ucJGpASJ0BEAV+r7SxhtZwdFBQ@mail.gmail.com>
Date: Fri, 26 Jul 2013 09:42:56 -0400
Message-ID: <CACKRbQf2FER=OcDWHgW70LJHD5FQ3vNcwqyAg4kTq4ZBmzmt=A@mail.gmail.com>
From: Kaiduan Xie <kaiduanx@gmail.com>
To: Oleg Moskalenko <mom040267@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c3850000c0fa04e26a52cb"
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>, behave <behave@ietf.org>
Subject: Re: [rtcweb] [BEHAVE] Fwd: New Version Notification for draft-uberti-behave-turn-rest-00.txt
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jul 2013 13:42:59 -0000

Justin,

I recommend you to put a note into the draft to state the following two
points,

1) The user name and password are generated by the web server instead of
the TURN server.

2) There is no communication channel required between web server and TURN
server.

>From the title (TURN Server REST API) and the text, it is easy to
misunderstand that TURN server processes the HTTP POST request.

Thanks,

/Kaiduan

On Wed, Jul 24, 2013 at 10:06 AM, Oleg Moskalenko <mom040267@gmail.com>wrote:

> Thank you for the new link.
>
> I checked the new version of the draft and I personally see no problem in
> the text. There is no proprietary software requirements in the draft. It
> simply defines the logic how the TURN server and web server can organize
> the temporary password generation, without imposing any proprietary
> requirements and specs on the software. It is mentioning a possible
> communication channel between web server and TURN server without defining
> any specs and as it is written that channel is not required. As it is
> written, I do not think that it has to be separated into two pieces - it is
> a single solid logical functionality definition.
>
> Thanks
> Oleg
>
>
> On Wed, Jul 24, 2013 at 1:46 AM, Rajmohan Banavi <rajmohanbanavi@gmail.com
> > wrote:
>
>> This is the draft (BEHAVE WG) I am referring to -
>> http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00
>>
>>
>>> This is not the case. It is not the TURN server who generates the
>>> credentials. The web server must generate the temporary password, and to be
>>> able to do that the web server must have the shared secret - the same as
>>> TURN server has. How they share the same shared secret I'd leave outside
>>> the proposed specs.
>>>
>>> OK fine.
>>
>>
>>> It is rather clear - the web server takes the shared secret and it
>>> generates the temporary password for long-term TURN credentials. The TURN
>>> server can reproduce that generation process and obtain the same temporary
>>> password - because the TURN server knows the same shared secret as the web
>>> server.
>>>
>>
>> OK fine.
>>
>> Thanks,
>> Rajmohan
>>
>
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>
>