Re: [rtcweb] Benjamin Kaduk's No Objection on draft-ietf-rtcweb-ip-handling-11: (with COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Sat, 09 March 2019 18:27 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D49E3130EC7; Sat, 9 Mar 2019 10:27:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U1aBaX2m_Gtu; Sat, 9 Mar 2019 10:27:26 -0800 (PST)
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-eopbgr820139.outbound.protection.outlook.com [40.107.82.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A68B7130E63; Sat, 9 Mar 2019 10:27:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=N1odL2k1+OdOelSrYddGbyJVeFjWkv382FkOI8Fm5Mw=; b=IU/tTkv6DQFs69hqI6rvhYHdhSg8udaor4339p3tJuR3ChZBnkZ+sqiouYUZB2tETLXa3+35Aa1QoOQhIJs91Te3H76aHtW0e20U//2jFWEHbK/WuljrnhFARG3pZUDbU28FNl8VTjjl0mQmew2O4c+t07dzybTjCZmJAYUAdls=
Received: from DM5PR0101CA0005.prod.exchangelabs.com (2603:10b6:4:28::18) by CY1PR01MB2012.prod.exchangelabs.com (2a01:111:e400:c60e::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.20; Sat, 9 Mar 2019 18:27:22 +0000
Received: from BY2NAM03FT012.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e4a::202) by DM5PR0101CA0005.outlook.office365.com (2603:10b6:4:28::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.18 via Frontend Transport; Sat, 9 Mar 2019 18:27:22 +0000
Authentication-Results: spf=pass (sender IP is 18.9.28.11) smtp.mailfrom=mit.edu; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of mit.edu designates 18.9.28.11 as permitted sender) receiver=protection.outlook.com; client-ip=18.9.28.11; helo=outgoing.mit.edu;
Received: from outgoing.mit.edu (18.9.28.11) by BY2NAM03FT012.mail.protection.outlook.com (10.152.84.235) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.19 via Frontend Transport; Sat, 9 Mar 2019 18:27:22 +0000
Received: from kduck.mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x29IRIfV013492 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 9 Mar 2019 13:27:20 -0500
Date: Sat, 9 Mar 2019 12:27:18 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Justin Uberti <juberti=40google.com@dmarc.ietf.org>
CC: <draft-ietf-rtcweb-ip-handling@ietf.org>, RTCWeb IETF <rtcweb@ietf.org>, The IESG <iesg@ietf.org>, <rtcweb-chairs@ietf.org>
Message-ID: <20190309182718.GL9824@kduck.mit.edu>
References: <155192710483.13718.15164609638438627437.idtracker@ietfa.amsl.com> <CAOJ7v-3Va9fH1swO43-caGrGqYHo9fyvbLmwL__GEkSED=9ZcA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAOJ7v-3Va9fH1swO43-caGrGqYHo9fyvbLmwL__GEkSED=9ZcA@mail.gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:18.9.28.11; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(396003)(39860400002)(376002)(136003)(346002)(2980300002)(199004)(189003)(97756001)(305945005)(8676002)(47776003)(106466001)(55016002)(486006)(66574012)(966005)(246002)(1076003)(6306002)(88552002)(8936002)(36906005)(4326008)(2906002)(26826003)(356004)(76176011)(104016004)(426003)(446003)(5660300002)(86362001)(53546011)(16586007)(316002)(53416004)(956004)(58126008)(476003)(106002)(33656002)(186003)(11346002)(786003)(229853002)(26005)(75432002)(478600001)(50466002)(54906003)(46406003)(23726003)(7696005)(6246003)(336012)(126002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR01MB2012; H:outgoing.mit.edu; FPR:; SPF:Pass; LANG:en; PTR:outgoing-auth-1.mit.edu; A:1; MX:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 7b4c3e0d-4403-44df-c807-08d6a4bcdf33
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600127)(711020)(4605104)(4608103)(4709054)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060); SRVR:CY1PR01MB2012;
X-MS-TrafficTypeDiagnostic: CY1PR01MB2012:
X-MS-Exchange-PUrlCount: 2
X-Microsoft-Exchange-Diagnostics: 1; CY1PR01MB2012; 20:wg3SyVmNZU5h9W7vP7742Cz23lT0D1ezTIYv+vZs0PpnXRtWw6CsFzmV5MiguriHAjs1kAGtwqbJ47hguDkjjzV95zzEcKmg/UPDSChlD2VwzAGp7qRblX+EsIxX82nfd6TjViCIaA8Ms1DP0z09HTfz4FMGyG0NV98uVKuTfQRv1w0dnJOd11oYet1vhPQTOmg3zcCK5FreMpg63aOkujxznFRFwTXvenQm91kMewaNDhTOYcNeRwQQWHKcRlatwhBdloZ91LOGhZwbq2DydF3AOAoqa0SUVU2e5xXClahwlNLZ8mX5AaFyX9F+r1714JEnHS3YRmuezCvhrvWOg0Air5or/C3f4/RSBzsJyYPUVPSZJcUi+vbkz+apDfORXsKjulwK7B83h8CpffhDaFRKwSmvqiGzCXOx0z7YJO2YQl0GFMpnm+zlFQHnTzCXvYIn41FcCseP5G2wRlaRVmVLPcJc8DGBL/ugADPw5N4QF2w5WZ0OV7XMfz3IYpDomVn8XyZFiDRBF6fORpOoY2/lbQrerUti9Qva1f92pUkRlNUJxoqcQi6IH7o9+bVTmw56zyC2HgX3U4J+DNqIivyKkCL5BnrdJyi3dctR8b4=
X-Microsoft-Antispam-PRVS: <CY1PR01MB20125576348E401B991BB359A04E0@CY1PR01MB2012.prod.exchangelabs.com>
X-Forefront-PRVS: 0971922F40
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY1PR01MB2012; 23:OyZFXkSa00tevY0n/X36KFnOBuyGPcNSTsFm5B+k9?= =?us-ascii?Q?35lPr1lEcN72+mrTG8ub645m1ilkrbD+rckQPoNq3ZBUBwRfEeOAtlyOcTXU?= =?us-ascii?Q?CdoU2xWQyI8a8ZKTa1HVWLbBs/zLh7heL2wnStz0HYZKzLqcloCabtfgOY/7?= =?us-ascii?Q?wOsFVU9fsnN+Lj0wDVUiAic5cTM7Kjbd5wzJ/J44F1vB1Z8/et5rgHouolqn?= =?us-ascii?Q?EHiG0McHV3PzmD8alIfb9Pv9sjCv52jGMv8amP0BoHGB8lLc0injS8/mqycd?= =?us-ascii?Q?dY2AS2xalI3oSlQAnLB0RZdhb8gqtlKo5dmT6p5DPcAFuLqD5a0hht6su8zW?= =?us-ascii?Q?saX/ZO0FD+zoK0RMY/kmljmOe4eY99CEInG2AkOXv7xJwr7kCwzmWgHziUsd?= =?us-ascii?Q?xzKQJAb9hc1+eGfxBkkklxdOeHdTUzv97uEmH7hu2Hjfo8pbIrZXe517xoiJ?= =?us-ascii?Q?ch5/8YAsufzjrtCJHkpjJWS4sDX2L4/cnQGYIOj4MJnJXdo3Wi7WhPHnIoLZ?= =?us-ascii?Q?InrPYJioHyHCUCbfD4hVe6SJQmhwvNnaDdUFU7aucw0F/8JZ+Xkw4HIuJNsx?= =?us-ascii?Q?Woddggsw+Ym141TRcMUE/g6CpGVliyPU68KAH3siuAawHPtdliSZgTXJXHVd?= =?us-ascii?Q?oLglGGDzMgNoT3x8fgohhqzaHcRGeQuo9cg/5NqZ33gbJan89IwnIHvAt7Ex?= =?us-ascii?Q?cC3EZBquDCjjKKUgU1H8Sg/HLvvlASwDQ76KT15eKGbfBF2WT9R1cxeMA7Ab?= =?us-ascii?Q?JwJ1rjLP6n/FvY8UeuivjdJ8NPSQ6lLgd/xh0ZouIpprOf8zUXP6ReMpRRQs?= =?us-ascii?Q?2fh/+/Z7dnKmqEmVAXt6t93ECl5HFhq5P7XP5RrOIt1oBH1eWZnVu3z7sXeo?= =?us-ascii?Q?gEeTjeEOUlfiuEz35h3vmEIP+rEmidGQ+Mjv0LPH69z9wuIhCqhnEb2W1V2M?= =?us-ascii?Q?n+Pj9gfT5Y/6V9WXmgHcLgIooNM00NEaRLlgsQ7ow9R4mAkV8qkOdrxBSKMo?= =?us-ascii?Q?gbHLtXx0G8FiYVGZdya5SOwCzczr+TJVo43FK6uXN6sx+aPtmGIp4/KI541B?= =?us-ascii?Q?/nUWQxTR/fvim+k6ygFpnwZIIE5lS0pLqkodXyoi94l9lwMfagH2i8Fm2VoI?= =?us-ascii?Q?a7QfAvPckQU0hm8n5Sp7ExfeszOtudBMMFpXV8zvh8eiRrv3ztkqIoQ1sMOg?= =?us-ascii?Q?rXMMMqfWsz/BdE5iwG0fATq+GSy0xT9hZSa+280QTqOawUwESIGtVaDBR1N8?= =?us-ascii?Q?nODsFJkTd81ac9/Ha4=3D?=
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 67X7rVY9kVPOi4tSWQoH07Nee7bacH1i4M1JwareCBr735dGWfSUOpVA9ufDQaCbuMt0RWUqg9gC6FIkynE6glll+qoZLx2h/7vAcTLVq2P2SWpaZTB5GkjgU+/keNJ1CSwf+5X2P/IADuRvg6eTrUtlWahslgZMdbikD+ijR40VX8DMnuyoCPlw9UjSnzpjGB+e9Jo/pNXwPWZsp2Zi53hE79HHmQTBuSIewJoycJT3GBhQ0KT1WMWgOhcOK87XVBcgOfUJ0doNm8R63OPhWkxiDSfNDoeNb6Uj2C3Mvvk3Sooz2nV2riWJT15DMreGVyquyDts35GkKTrW44N0gZEdjU4Lut7Fddh4uNNoOV6ZPK6zD6PH8A3GhrcSbBDZWqmUQ+CF3YfDGEc/ttxv6yevTPfmSjV/KUAQmtkWPnQ=
X-OriginatorOrg: mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2019 18:27:22.1100 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 7b4c3e0d-4403-44df-c807-08d6a4bcdf33
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=64afd9ba-0ecf-4acf-bc36-935f6235ba8b; Ip=[18.9.28.11]; Helo=[outgoing.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR01MB2012
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/RH_jZbvmHX18FxMNqxpzmS8Gp2s>
Subject: Re: [rtcweb] Benjamin Kaduk's No Objection on draft-ietf-rtcweb-ip-handling-11: (with COMMENT)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Mar 2019 18:27:29 -0000

On Thu, Mar 07, 2019 at 03:37:17PM -0800, Justin Uberti wrote:
> On Thu, Mar 7, 2019 at 1:49 AM Datatracker on behalf of Benjamin Kaduk <
> noreply@ietf.org>; wrote:
> 
> > Benjamin Kaduk has entered the following ballot position for
> > draft-ietf-rtcweb-ip-handling-11: No Objection
> >
> > When responding, please keep the subject line intact and reply to all
> > email addresses included in the To and CC lines. (Feel free to cut this
> > introductory paragraph, however.)
> >
> >
> > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> > for more information about IESG DISCUSS and COMMENT positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-rtcweb-ip-handling/
> >
> >
> >
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> >
> > I agree with Ben about the STUN/TURN normativity.
> >
> > Section 5.1
> >
> >    2.  By default, WebRTC should be able to negotiate direct peer-to-
> >        peer connections between endpoints (i.e., without traversing a
> >        NAT or relay server).  [...]
> >
> > I'm not sure how to interpret "be able to", here, with respect to
> > "without traversing a NAT", since if one endpoint is behind a NAT w.r.t.
> > the public Internet, that's not possible.
> >
> 
> There is an implicit "where possible" here. The specific scenario is for
> two devices behind the same NAT who could communicate directly if only they
> knew each others' addresses; in this case, a direct connection should be
> possible, which implies that there needs to be some way for the two sides
> to share their machine addresses. Naturally, devices behind different NATs
> will not be able to do this.

Maybe we can think about tighter wording to use here.  I'm not sure if just
using "hairpin NAT" instead of "NAT" would be (1) correct and (2) good
enough; we could also make the "where possible" explicit instead of
implicit.  But I don't feel a need to have a say in the final wording --
that can be between you and the responsible AD.

-Benjamin

> 
> > Section 5.2
> >
> >    Mode 1 MUST only be used when user consent has been provided.  The
> >    details of this consent are left to the implementation; one potential
> >    mechanism is to tie this consent to getUserMedia consent.
> >
> > nit: we may not have left a big enough breadcrumb trail for the reader
> > to find "getUserMedia consent".
> >
> 
> Noted.