Re: [rtcweb] URI schemes for TURN and STUN
Marc Petit-Huguenin <petithug@acm.org> Tue, 01 November 2011 20:50 UTC
Message-ID: <4EB05B90.10808@acm.org>
Date: Tue, 01 Nov 2011 13:50:24 -0700
From: Marc Petit-Huguenin <petithug@acm.org>
To: Harald Alvestrand <harald@alvestrand.no>
Cc: Ned Freed <ned.freed@mrochek.com>, Keith Moore <moore@network-heretics.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>, Keith Moore <moore@cs.utk.edu>, Behave WG <behave@ietf.org>
Subject: Re: [rtcweb] URI schemes for TURN and STUN

On 11/01/2011 01:44 PM, Harald Alvestrand wrote:
> Top-posting a general principle, detailed comment at the bottom....
>
> For all URI schemes, I think the URI needs to contain all the information you
> need in order to make contact with the service; you can't negotiate until you've
> made contact.
> (the process may involve things like "resolve through a resolution mechanism
> like DNS" or "get authorization tokens from somewhere else").
>
> In the case of TURN, you need to distinguish between TCP, UDP and TLS, and you
> need to make that determination before you send the first packet. That means the
> distinguishing information between those three things belongs in the URL; I
> don't think the scheme is a good place to encode it.
>
> On 10/31/2011 11:37 PM, "Martin J. Dürst" wrote:
>>
>> On 2011/11/01 0:33, Keith Moore wrote:
>>>
>>> On Oct 31, 2011, at 10:57 AM, Marc Petit-Huguenin wrote:
>>>
>>>> Hi Martin,
>>>>
>>>> So I understand Roy's email as saying in fact the opposite of what Harald said,
>>>> i.e. that using an "s" suffix to signify security is a good thing.
>>>>
>>>> What is your opinion on defining a generic scheme suffix (i.e. "+s" or "+sec")
>>>> that would indicate a well defined set of security properties that could apply
>>>> to any scheme, (vs the current "s" suffix where security properties have to be
>>>> defined scheme by scheme)?
>>>
>>> There is no "well defined set of security properties that could apply to any
>>> scheme". Security properties necessarily vary depending on the way a
>>> resource is used, the threat model, and so forth.
>>
>> Here I agree with Keith.
>>
>>> Also, the idea that there should be a "secure" bit in a URI scheme, to
>>> distinguish it from the "insecure" form of a URL, doesn't make much sense.
>>> You always want to use the best security that's available.
>>
>> You always want the best security you're willing to pay for.
>>
>>> You don't want that to depend on the URI scheme.
>>
>> Ideally not, but in actual operation, it made a lot of sense for HTTP as Roy
>> has explained.
> I think it made a lot of sense because the port 443 convention meant that you
> had to know whether or not to use SSL before you sent the SYN
> packet.
>

Well, same thing for TURN, as a different default port is used when TLS is used
(3478 for TURN over UDP and TCP, and 5349 for TURN over TLS).

-- 
Marc Petit-Huguenin
Personal email: marc@petit-huguenin.org
Professional email: petithug@acm.org
Blog: http://blog.marc.petit-huguenin.org
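
The point debated above, that a client must know the transport, TLS use and port before it sends the first packet, shown as an added example that is not part of the original message or of any participant's code. It assumes the `turn:`/`turns:` syntax with a `?transport=` parameter that was later standardized in RFC 7065 (not defined in this thread); the default transport chosen when the parameter is absent, and the rejection of `turns:` over UDP, are simplifications of this example.

```python
import re
from typing import NamedTuple

# Default ports as stated in the message: 3478 for TURN over UDP and TCP,
# 5349 for TURN over TLS.
DEFAULT_PORT = {"turn": 3478, "turns": 5349}

# Assumed syntax (RFC 7065): scheme ":" host [":" port] ["?transport=" name]
_URI = re.compile(
    r"^(?P<scheme>turns?):"
    r"(?P<host>\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9.-]+)"
    r"(?::(?P<port>\d{1,5}))?"
    r"(?:\?transport=(?P<transport>[A-Za-z0-9]+))?$",
    re.IGNORECASE,
)

class Target(NamedTuple):
    host: str
    port: int
    transport: str  # "udp" or "tcp"
    tls: bool

def resolve_turn_uri(uri: str) -> Target:
    """Derive everything needed before the first packet from the URI alone."""
    m = _URI.match(uri)
    if m is None:
        raise ValueError(f"not a TURN URI: {uri!r}")
    scheme = m["scheme"].lower()
    tls = scheme == "turns"
    # Example-only default when no transport is given: TLS implies TCP.
    transport = (m["transport"] or ("tcp" if tls else "udp")).lower()
    if transport not in ("udp", "tcp"):
        raise ValueError(f"unsupported transport: {transport!r}")
    if tls and transport == "udp":
        # Fail closed instead of silently sending cleartext UDP.
        raise ValueError("turns: with transport=udp is not handled here")
    port = int(m["port"]) if m["port"] else DEFAULT_PORT[scheme]
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return Target(m["host"].strip("[]"), port, transport, tls)

if __name__ == "__main__":
    # Constructed sample URIs, not taken from the thread.
    for u in ("turn:example.org", "turns:example.org",
              "turn:example.org:8000?transport=tcp", "turns:[2001:db8::1]"):
        print(u, "->", resolve_turn_uri(u))
```
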