Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-consent-freshness-08.txt - Some additional questions
Christer Holmberg <christer.holmberg@ericsson.com> Thu, 20 November 2014 16:47 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0E371A1AD3 for <rtcweb@ietfa.amsl.com>; Thu, 20 Nov 2014 08:47:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gSbO6dIldmjD for <rtcweb@ietfa.amsl.com>; Thu, 20 Nov 2014 08:47:32 -0800 (PST)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 005F01A07BC for <rtcweb@ietf.org>; Thu, 20 Nov 2014 08:47:31 -0800 (PST)
X-AuditID: c1b4fb25-f791c6d00000617b-af-546e1b228c97
Received: from ESESSHC017.ericsson.se (Unknown_Domain [153.88.253.124]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 5D.83.24955.22B1E645; Thu, 20 Nov 2014 17:47:30 +0100 (CET)
Received: from ESESSMB209.ericsson.se ([169.254.9.126]) by ESESSHC017.ericsson.se ([153.88.183.69]) with mapi id 14.03.0174.001; Thu, 20 Nov 2014 17:47:29 +0100
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Thread-Topic: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-consent-freshness-08.txt - Some additional questions
Thread-Index: Ac/yEUlFgzg9keX0RtqfGQOICUeeIwMelQGAAS/qitAASiGsAAAa/iqg
Date: Thu, 20 Nov 2014 16:47:28 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B1D52C653@ESESSMB209.ericsson.se>
References: <7594FB04B1934943A5C02806D1A2204B1D4CE861@ESESSMB209.ericsson.se> <D0898477.19024%rmohanr@cisco.com> <7594FB04B1934943A5C02806D1A2204B1D525F52@ESESSMB209.ericsson.se> <D0936AAE.19A4C%rmohanr@cisco.com>
In-Reply-To: <D0936AAE.19A4C%rmohanr@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.154]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrALMWRmVeSWpSXmKPExsUyM+Jvja6SdF6IwZ/vAhbLu3YwWqz9187u wOQx5fdGVo8lS34yBTBFcdmkpOZklqUW6dslcGWcapQvuCteMe3pIfYGxibhLkZODgkBE4k1 nffYIGwxiQv31gPZXBxCAkcYJRb1XGWHcJYwSnRsns/cxcjBwSZgIdH9TxukQUQgTGL6iQUs ILawQL5E69FJ7BDxAonTDWcYIWw3iY+LDoEtYBFQlbh45QVYDa+Ar8TRH/3MEPNvM0psvNjA BDKfU0Bf4vAJC5AaRqCDvp9awwRiMwuIS9x6Mp8J4lABiSV7zjND2KISLx//Y4WwlSQW3f4M Va8jsWD3JzYIW1ti2cLXzBB7BSVOznzCMoFRdBaSsbOQtMxC0jILScsCRpZVjKLFqcVJuelG xnqpRZnJxcX5eXp5qSWbGIFRcnDLb9UdjJffOB5iFOBgVOLhNYjMDRFiTSwrrsw9xCjNwaIk zrvw3LxgIYH0xJLU7NTUgtSi+KLSnNTiQ4xMHJxSDYwTfklxdCZmMK/dpNhZb7jEnfvx/hOF dXO6/UxmHGO60buqxz3WosE5SKvT9lYSz2y+DY8LcrfYCtQeObzjxPaic107vziEvDu33fCo +KTJu+xjl1+44LGPpa9626ouAZXmZaGGJXtSYyb7HznSZCUgv+XDTs+mp+fj/7HnOv0Xsfsw r2Kb10YlluKMREMt5qLiRABO7BV1cwIAAA==
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/fFGy0M6uQintUzUfXtM7qXWkIvQ
Subject: Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-consent-freshness-08.txt - Some additional questions
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Nov 2014 16:47:35 -0000
Hi Ram, >>>>Q2: >>>>----- >>>> >>>>If consent expires, and I stop sending application data, will I still >>>>send STUN keep-alives etc, to keep the candidate pair, NAT bindings >>>>etc alive? >>>> >>>>There IS text saying:> >>>> >>>> "An endpoint that is not sending any application data does not need to >>>> maintain consent. However, the endpoint needs to ensure its NAT or >>>> firewall mappings persist which can be done using keepalive or other >>>> techniques (see Section 10 of [RFC5245] and see [RFC6263])." >>>> >>>>However, that seems to be more related to cases where I don't intend >>>>to send application data to begin with. >>>> >>>>So, perhaps the text above can be modified, to clarify that >>>>keepalives etc will still be sent if consent expires. >>> >>> >>> Applications can continues to do what they were doing as part of >>>STUN/ICE (like sending STUN binding indications for NAT/FW keepalives >>>or whatever). If some application wants to act on Consent expiry and >>>do some thing it can do so however such a thing is not in the scope of >>>this draft. So IMO this is outside scope of this draft and is a >>>application policy. >> >>Below (Q3) you say that ICE restart would be required after consent >>expiration, so I guess that means that one should NOT send keep-alives >>etc. >> >> >>>>Q3: >>>>----- >>>> >>>>Section 4.1. says: >>>> >>>> "If the endpoint wants to send application data, it needs to first >>>> obtain consent if its consent has expired." >>>> >>>>If my consent has expired, is the a time period before I can try to >>>>obtain consent again? Can I just continue sending STUN binding >>>>requests even if my consent expires, and wait to obtain consent again? >>> >>> After consent fails, browser notifies the java script and there >>> should be no mechanism available for java script to again tell the >>> browser to start all over again (consider a malicious java script); >>> IMO consent can be only be re-started with ICE-restart. >> >> First, Consent can be used by other devices than browsers :) > > Sure. Agree > >>Second, IF ICE-restart is required, I think the draft should state so. >> >>Third: IF ICE-restart is required, then I don't think keep-alives etc >>would be needed once consent expires (see Q2 above). > > I take back that. It should not be ICE-restart I guess, since as per the explanation in > http://tools.ietf.org/html/rfc5245#section-9.1.1.1 for ICE-restart an endpoint may > continue to send media on previously selected 5-tuple which is not the case here. > In our case once Consent fails we just stop sending media on that 5-tuple. > I guess brand new media session is required and the application has to do offer/answer > and do ICE again for that tuple. If we go by that no Keepalives are needed. We can add some text for that. See my reply to Martin's e-mail. Regards, Christer
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Christer Holmberg
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Ram Mohan R (rmohanr)
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Christer Holmberg
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Ram Mohan R (rmohanr)
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Martin Thomson
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Christer Holmberg
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Christer Holmberg
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Martin Thomson
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Martin Thomson
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Christer Holmberg
- Re: [rtcweb] I-D Action: draft-ietf-rtcweb-stun-c… Ram Mohan R (rmohanr)