Re: [rtcweb] Transports: RFC 4941 support?

Ted Hardie <ted.ietf@gmail.com> Thu, 20 March 2014 20:56 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/PxMu9TutHZsziv2TRvG8QrBhxCA

On Thu, Mar 20, 2014 at 10:07 AM, Dan Wing <dwing@cisco.com> wrote:

>
> On Mar 20, 2014, at 9:34 AM, Justin Uberti <juberti@google.com> wrote:
>
> So perhaps:
>>    "An RTCWEB implementation SHOULD prefer to use temporary addresses
>> [RFC4941] where host and network policy permit [RFC6724]."
>> ?
>>
>
> I think it needs to be stronger than that - something like "where host and
> network policy permit, RTCWEB implementations SHOULD gather IPv6 temporary
> addresses and SHOULD NOT gather non-temporary addresses".
>
> Preferring to use temporary addresses is probably not sufficient to
> prevent linkage, since you will have connectivity checks from the
> non-temporary addresses. (i.e. an eavesdropper listening over an extended
> period of time could determine calls are from the same endpoint)
>
>
> Agreed.  I like your suggested wording.
>
> -d
>
>
>
So, I note that in this case where a non-temporary IPv6 address is present
and no temporary IPv6 address is present, this appears to push IPv6 out of
the gathered list completely.  If I have that right, then my view as an
individual is that this is the wrong result.  It will either force the use
of IPv4 addresses which are just as linkable as IPv6 non-temporary
addresses or rely on NATs to get the non-linkability (and provide us all
the other subtle joys of NAT).

As a friendly amendment, may I suggest "Where both non-temporary and
temporary addresses are present and host and network policy permit, RTCWEB
implementations SHOULD gather IPv6 temporary addresses and SHOULD NOT
gather non-temporary addresses"?

I also confess to a suspicion that Harald's view is the most
sensible--having a separate policy for this application either won't happen
or doesn't make much sense.  But if we have one, I'd prefer one that
doesn't shove IPv6 out the door completely if the host doesn't use
temporary addresses.

regards,

Ted
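
The difference between the two wordings discussed in this message, as an added example that is not part of the original e-mail or of any RTCWEB implementation. The record shape, the function names, the `policyPermits` switch and the host-wide (rather than per-interface) reading of "present" are assumptions; the addresses are constructed from documentation ranges.

```javascript
// Constructed sample data (192.0.2.0/24 and 2001:db8::/32 documentation ranges).
// `temporary` stands in for the flag the OS reports for an RFC 4941 address;
// it cannot be derived from the address text itself.
const hostWithTemporary = [
  { address: "192.0.2.10", family: 4, temporary: false },
  { address: "2001:db8:1:0:a1b2:c3d4:e5f6:1234", family: 6, temporary: false },
  { address: "2001:db8:1:0:5c7e:91aa:3b02:77f0", family: 6, temporary: true },
];
const hostWithoutTemporary = [
  { address: "192.0.2.10", family: 4, temporary: false },
  { address: "2001:db8:1:0:a1b2:c3d4:e5f6:1234", family: 6, temporary: false },
];

// Wording quoted in the thread: gather temporary IPv6 addresses and do not
// gather non-temporary ones, whenever policy permits.
function gatherStrict(addrs, policyPermits = true) {
  if (!policyPermits) return addrs.slice();
  return addrs.filter((a) => a.family !== 6 || a.temporary);
}

// Amended wording: apply that rule only where both kinds are present, so a
// host that has no temporary address keeps its IPv6 candidates.
function gatherAmended(addrs, policyPermits = true) {
  if (!policyPermits) return addrs.slice();
  const v6 = addrs.filter((a) => a.family === 6);
  const bothPresent = v6.some((a) => a.temporary) && v6.some((a) => !a.temporary);
  return bothPresent ? addrs.filter((a) => a.family !== 6 || a.temporary) : addrs.slice();
}

// Address families that survive gathering, e.g. [4] or [4, 6].
function families(addrs) {
  return [...new Set(addrs.map((a) => a.family))].sort();
}

// Side-by-side result of both wordings for one host.
function compare(addrs) {
  return {
    strict: gatherStrict(addrs).map((a) => a.address),
    amended: gatherAmended(addrs).map((a) => a.address),
  };
}

console.log(compare(hostWithTemporary));
console.log(compare(hostWithoutTemporary));
```
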