Re: [rtcweb] WG Last Call for draft-ietf-rtcweb-stun-consent-freshness

Roman Shpount <roman@telurix.com> Fri, 22 August 2014 13:37 UTC

On Fri, Aug 22, 2014 at 1:25 AM, Muthu Arul Mozhi Perumal <muthu.arul@gmail.com> wrote:

> draft-ietf-rtcweb-stun-consent-freshness is about making the WebRTC
> browser more secure. It however allows an RTP endpoint (that also does ICE)
> to use the mechanism to make it more secure or compute RTT or carry network
> information or whatever. However, requiring every RTP endpoint perform it
> seems asking too much.
>
> My take:
> WebRTC browser - MUST
> WebRTC device - SHOULD
> Other RTP entities (including WebRTC gateway) - MAY
>
>
I would say that all full ICE endpoints interworking with WebRTC MUST
implement consent freshness. ICE-LITE will not implement, but MUST respond
(unless someone defines it, but once you start sending STUN requests you
might as well do full ICE, so I do not see much point in it). And to
conclude, strongly encourage full ICE implementation for security and other
reasons.
_____________
Roman Shpount