IETF Logo Mail Archive

[rtcweb] AD evaluation: draft-ietf-rtcweb-stun-consent-freshness-11

Alissa Cooper <alissa@cooperw.in> Fri, 01 May 2015 00:32 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6048F1B2F34 for <rtcweb@ietfa.amsl.com>; Thu, 30 Apr 2015 17:32:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sU0dqK27ydAo for <rtcweb@ietfa.amsl.com>; Thu, 30 Apr 2015 17:32:00 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CCBC11B2F33 for <rtcweb@ietf.org>; Thu, 30 Apr 2015 17:32:00 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 44F5F20CE5 for <rtcweb@ietf.org>; Thu, 30 Apr 2015 20:32:00 -0400 (EDT)
Received: from frontend1 ([10.202.2.160]) by compute3.internal (MEProxy); Thu, 30 Apr 2015 20:32:00 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=cooperw.in; h= content-transfer-encoding:content-type:date:from:message-id :mime-version:subject:to:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=8xn WXmdBDk3hdW/PQgFS9bzj3gw=; b=I8mbYooNKh57npox9syl85yBohEUk1sNCum 3rPGWTXwfdPESZhLRvHXT2unbaku2aMxrQHNDUYtugK066rlUm+WGLJ8wWRqEcUS 8XbFmj+sQd0ExSLsnwP0boAFdEWM10yJTPABVMAIVGiKIvnFfTlBhDDqZGvMf/yg kBlkkFHg=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-sasl-enc :x-sasl-enc; s=smtpout; bh=8xnWXmdBDk3hdW/PQgFS9bzj3gw=; b=KF0wX xwvULXMA0bSOcLHWZ57ZaZ6KBWEAdLAXpsED5+mV24+ywSDv6NnLbjDK8VEKzRCH cDHYkJoa9PRHoBHoUinx95uVXyAdJBs9/JYdzFznshEKkdUetmS1MsJoH+qrJe3K NsLUC60k6N7Cp8758SJGamF8+CbtWUzTEkgAv4=
X-Sasl-enc: +sK2O/1CrTPvYp+aYeHtpLSBQN8p5zsepkJGGe+33QcE 1430440319
Received: from sjc-alcoop-8817.cisco.com (unknown [128.107.241.183]) by mail.messagingengine.com (Postfix) with ESMTPA id A8C68C00015 for <rtcweb@ietf.org>; Thu, 30 Apr 2015 20:31:59 -0400 (EDT)
From: Alissa Cooper <alissa@cooperw.in>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Message-Id: <3B27E16C-2AD7-427B-864C-741F38575B97@cooperw.in>
Date: Thu, 30 Apr 2015 17:32:06 -0700
To: rtcweb@ietf.org
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/Z4vFz4k8xhxtfhkTuHwYRUpeQMI>
Subject: [rtcweb] AD evaluation: draft-ietf-rtcweb-stun-consent-freshness-11
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2015 00:32:02 -0000

I have reviewed draft-ietf-rtcweb-stun-consent-freshness-11 in preparation for IETF LC. The document is in good shape and I will request the last call shortly. I have a couple of questions I’d like to discuss while the last call is ongoing, though. I’m not entirely caught up on mailing list traffic so apologies if these questions/comments have already been discussed.

Section 4.1:
"An endpoint that is not sending any application data does not need to
   maintain consent.  However, failure to send could cause any NAT or
   firewall mappings for the flow to expire.  Furthermore, having one
   peer unable to send is detrimental to many protocols."

It sounds like the unstated implication here is that if you are such an endpoint, you should keep doing consent checks anyway to maintain consent. Should that be stated explicitly, or am I misunderstanding?

Section 7:
The normative MAY here seems odd. It seems like this section could be replaced with:

"The W3C specification [cite] may provide an API hook that generates an event when consent has expired for a given 5-tuple, meaning that transmission of data has ceased.  This could indicate what application data is affected, such as media or data channels.”

Alissa

v2.23.0 | Report a Bug | By Email