IETF Logo Mail Archive

Re: [rtcweb] WG Last Call for draft-ietf-rtcweb-stun-consent-freshness

Martin Thomson <martin.thomson@gmail.com> Fri, 22 August 2014 17:13 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9E621A0681 for <rtcweb@ietfa.amsl.com>; Fri, 22 Aug 2014 10:13:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OLqD_YdlTJ5p for <rtcweb@ietfa.amsl.com>; Fri, 22 Aug 2014 10:13:53 -0700 (PDT)
Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com [IPv6:2a00:1450:400c:c05::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C3601A06A1 for <rtcweb@ietf.org>; Fri, 22 Aug 2014 10:13:30 -0700 (PDT)
Received: by mail-wi0-f178.google.com with SMTP id hi2so10215889wib.11 for <rtcweb@ietf.org>; Fri, 22 Aug 2014 10:13:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=6FsYv7lYPnxbE/MF/lmv2YLXMvCxrWcb8LMecRj6wvU=; b=hcIQmjtx55hkKd1lqmFZ26CyQHSR8CRxvMuEBVgUlCG4UdFkg+JRC8Mb/NMuVe4MHI 3ePC+gTIZZekLzTYNhGDN8GfdORu0vFviTTX65Q1kcQ4PJ4AOdky6x0xf8FTEWtpsZax X77aG2sSysp7urBu5QxziofXi9zhnq8mdtB+0hzuoJH1SVlmIvenplCxKKSZ8qqfIWPj pgvdUVem/Lwd7RRmLaxyMo630PSlzbJ2W1LOmLuBoBDyGuZ1QwkW+wSbRI6p3yIK477x qRnZ5jLKuUnrMf+qUw0kFd7jZgU05W2S7vgAg/0gYlY210/zVts3Uy1GUW5GE9HMh/A3 9jbg==
MIME-Version: 1.0
X-Received: by 10.180.104.42 with SMTP id gb10mr29941278wib.65.1408727608907; Fri, 22 Aug 2014 10:13:28 -0700 (PDT)
Received: by 10.194.6.229 with HTTP; Fri, 22 Aug 2014 10:13:28 -0700 (PDT)
In-Reply-To: <CAKz0y8z_oBf2efavfOLgzqE1R8sZstefZ1tvwwJLkhRskXZERQ@mail.gmail.com>
References: <CA+9kkMCZT1XW4LLaJ4Nq2DbrxD59cYnjLo5JXn9fjEb8pyamaQ@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D41CDC3@ESESSMB209.ericsson.se> <CAKz0y8zycsyr9m4BA=-8xOaWkU+Sog5Mbz7K-oN3woqi++mVzg@mail.gmail.com> <53F451CF.10705@alvestrand.no> <001b01cfbc94$fccd5310$f667f930$@co.in> <CAKz0y8zNM3rc3XC6JqrK+d4hXiT5TomhNM+W2twg0+-83-pFow@mail.gmail.com> <CABkgnnUnfB5bskH4zWRfBMdHbSoqftV5Fo_GEXoLt9XCH9Tt_w@mail.gmail.com> <CAD5OKxsT9Vdm0=tjk9WsLAH4ekbAizgyjm--168TrOf8UAYGZw@mail.gmail.com> <CABkgnnXUpibu8kWYmbJJJT2J3RNGXFV8LbceLijgG0U-pGY2xQ@mail.gmail.com> <CAKz0y8z_oBf2efavfOLgzqE1R8sZstefZ1tvwwJLkhRskXZERQ@mail.gmail.com>
Date: Fri, 22 Aug 2014 10:13:28 -0700
Message-ID: <CABkgnnWQeiFREedN_gw=-N0wAWcwKETJOeeXr=6Fr4t1ru0YVQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/duU18Sp7JP9iH-glENZ-wcEb_lQ
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] WG Last Call for draft-ietf-rtcweb-stun-consent-freshness
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Aug 2014 17:13:55 -0000

On 21 August 2014 22:25, Muthu Arul Mozhi Perumal <muthu.arul@gmail.com> wrote:
> ICE-lite entities don't even perform connectivity checks. Requiring they
> perform consent freshness doesn't seem to make sense to me (of course, we
> can come up with a new spec ICE-lite-with-consent, but that's a different
> problem).

I never suggested that.  What I suggested was that they SHOULD be
performing consent checks.  The fact that they don't is what I would
term a "legacy requirement".  I don't think that we should be
extending this exception to any other entities.

The only reason that ICE-lite gets away with not sending checks is
that it trusts both the signaling entities and its peers.  That's
dangerous.  We interoperate with ICE-lite only because doing otherwise
would exclude more entities than we are willing to exclude.

The current text is fine.  It opens a minimal hole that acknowledges
the existence of the bad actors, but doesn't attempt to bestow any
kind of validity or legitimacy on them.

v2.23.0 | Report a Bug | By Email