IETF Logo Mail Archive

Re: [rtcweb] Review of draft-ietf-rtcweb-stun-consent-freshness

Christer Holmberg <christer.holmberg@ericsson.com> Fri, 22 May 2015 08:47 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 786361B29E6; Fri, 22 May 2015 01:47:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fj1FNYYMTpOz; Fri, 22 May 2015 01:47:21 -0700 (PDT)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B7911B29E1; Fri, 22 May 2015 01:47:19 -0700 (PDT)
X-AuditID: c1b4fb25-f79b66d000001131-69-555eed1521e6
Received: from ESESSHC015.ericsson.se (Unknown_Domain [153.88.253.125]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id F6.77.04401.51DEE555; Fri, 22 May 2015 10:47:18 +0200 (CEST)
Received: from ESESSMB209.ericsson.se ([169.254.9.71]) by ESESSHC015.ericsson.se ([153.88.183.63]) with mapi id 14.03.0210.002; Fri, 22 May 2015 10:47:17 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Bernard Aboba <bernard.aboba@gmail.com>
Thread-Topic: [rtcweb] Review of draft-ietf-rtcweb-stun-consent-freshness
Thread-Index: AQHQk1ePQtH0SmDHm02NITW7o6QoRZ2G7maAgABv25D///AbgIAAYOrA
Date: Fri, 22 May 2015 08:47:16 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B1D82B694@ESESSMB209.ericsson.se>
References: <CAOW+2dsv8CVpaKoBsUvc5MGh2s3xD2J5NiXPAnFUMOhYqSmjzQ@mail.gmail.com> <CABkgnnWgpSYDjRQpk16Z0mCLietUcK1dSiNL-Y+jmFCpqan4Gg@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D82B0F3@ESESSMB209.ericsson.se> <CAOW+2dvzE2emRPdn6_zeTZLb4+v_Urg7u50byunrccnnQ=1FpQ@mail.gmail.com>
In-Reply-To: <CAOW+2dvzE2emRPdn6_zeTZLb4+v_Urg7u50byunrccnnQ=1FpQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.154]
Content-Type: multipart/alternative; boundary="_000_7594FB04B1934943A5C02806D1A2204B1D82B694ESESSMB209erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupnkeLIzCtJLcpLzFFi42KZGfG3VlfsbVyowbVTLBYb9v1ntpjxZyKz xbUz/xgt1v5rZ3dg8dg56y67x5IlP5kCmKK4bFJSczLLUov07RK4Mt6sespecKqHsWLhv+fs DYwvOhi7GDk5JARMJP4vmA9li0lcuLeeDcQWEjjKKPH3R0wXIxeQvZhR4t+MK6xdjBwcbAIW Et3/tEFqRAS0Jfq+7WMCsZkF8iRmnmwF6xUW8JCYcvsSM0SNp8T7bTdYIWw3ieWzr7GBjGER UJX4dSATJMwr4CvxYe8mZohVi5gkpsyYDVbPKRAo0XruPNgcRqDbvp9aA7VLXOLWk/lMEDcL SCzZA1EjISAq8fLxP1YIW0li0e3PUPX5Eg2n2lkhlglKnJz5hGUCo+gsJKNmISmbhaRsFtCp zAKaEut36UOUKEpM6X7IDmFrSLTOmcuOLL6AkX0Vo2hxanFSbrqRsV5qUWZycXF+nl5easkm RmAMHtzyW3UH4+U3jocYBTgYlXh4HxyNCxViTSwrrsw9xCjNwaIkzuvZFRIqJJCeWJKanZpa kFoUX1Sak1p8iJGJg1OqgTH6mffH2S3HK7/M2mvAdDsjwvrr0hl2diyz5k65/1DWVnbD+YsV RTP0th8L7HT77Xvlx575i22FQnef4P5UV/+++HOdSHo2t/GETyc6vY5k71wqtP8yy/HHi7wm xbP0pr0OrUkXb4z3/neL8++GY1NF6wWWZUtvTV99WfZSZvWBRH4F27LfoYJKLMUZiYZazEXF iQAxyIngogIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/TXqZhlZXO9rvUQleaNipiJK8tQ0>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>, The IESG <iesg@ietf.org>
Subject: Re: [rtcweb] Review of draft-ietf-rtcweb-stun-consent-freshness
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 May 2015 08:47:23 -0000

Hi,

>>"A while ago, we agreed that consent does not need to be maintained on candidate pairs that aren't currently used."
>
>[BA] If the specification were to say that consent is required once media is sent, then this would logically follow.

Or, WHILE media is sent :) Because, if you stop sending media on a pair (e.g. because you switch to another pair), you can also stop doing consent, but that doesn’t mean consent will be lost.

>>That should not be seen as lost consent (i.e. if the UA wants to start sending data on the candidate pair it should not have to do ICE >>restart or create a  new session).
>
>[BA] I agree. As long as it can obtain consent on the new pair (without having to update the ufrag/pwd), it should be fine.

It could even be an old pair, on which the UA previously sent media, but then switched to another pair (for whatever reason).

>>So, consent is lost if the UA sends consent requests, and does not receive a response.
>
>[BA] Consent is lost for that candidate pair, and that pair alone.

Correct.

>If connectivity checks are being done on an unused candidate pair (as advocated in Justin's nombis draft), the
>consent mechanism does not apply until media is sent on that pair.  So you can't revoke consent on a candidate
>pair if media isn't being sent on the pair.

Correct.

Of course, if you want to maintain the pair, you still have to send keep-alives, but that’s a separate story :)

Regards,

Christer



On Thu, May 21, 2015 at 8:55 PM, Christer Holmberg <christer.holmberg@ericsson.com<mailto:christer.holmberg@ericsson.com>> wrote:
Hi,

...

>> After consent is lost for any reason, the same ICE credentials MUST
>> NOT be used on the affected 5-tuple again. That means that a new
>> session, or an ICE restart, is needed to obtain consent to send.
>>
>> [BA] The second sentence does not follow from the first. RFC 5245
>> enables sending of media once a successful ICE connectivity check has been received.
>> If multiple successful candidate pairs have been identified, why
>> should failure of consent on one candidate pair require an ICE restart
>> if another operational candidate pair exists?
>
>... is needed to obtain consent to send *on that candidate pair*.
>
>There was a long discussion about this point, the conclusion of which was "use it or lose it".  This captures that >conclusion.  I can't remember the details of the discussion, but I think that it wasn't a security concern but a >robustness one.

A while ago, we agreed that consent does not need to be maintained on candidate pairs that aren't currently used. That should not be seen as lost consent (i.e. if the UA wants to start sending data on the candidate pair it should not have to do ICE restart or create a  new session).

So, consent is lost if the UA sends consent requests, and does not receive a response. Consent is NOT lost if the UA stops sending consent requests (and therefor obviously will not receive a response).

Perhaps that is clear in the draft, but if people have a different understanding it may need to be clarified :)

Regards,

Christer

v2.23.0 | Report a Bug | By Email