Re: [rtcweb] Consent Freshness: Some suggestions for editorial clarifications
Christer Holmberg <christer.holmberg@ericsson.com> Thu, 25 September 2014 10:25 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B03801A6F6F for <rtcweb@ietfa.amsl.com>; Thu, 25 Sep 2014 03:25:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z9Qx1M6eHXHs for <rtcweb@ietfa.amsl.com>; Thu, 25 Sep 2014 03:25:21 -0700 (PDT)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F3F91A6F62 for <rtcweb@ietf.org>; Thu, 25 Sep 2014 03:25:20 -0700 (PDT)
X-AuditID: c1b4fb3a-f79da6d0000008c7-07-5423ed8e18dd
Received: from ESESSHC015.ericsson.se (Unknown_Domain [153.88.253.124]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id D5.20.02247.E8DE3245; Thu, 25 Sep 2014 12:25:18 +0200 (CEST)
Received: from ESESSMB209.ericsson.se ([169.254.9.136]) by ESESSHC015.ericsson.se ([153.88.183.63]) with mapi id 14.03.0174.001; Thu, 25 Sep 2014 12:25:18 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>
Thread-Topic: [rtcweb] Consent Freshness: Some suggestions for editorial clarifications
Thread-Index: AQHP2JlcIxJbv+HLeEKRM6mVcFFd6ZwRhFJw///tWoCAACur8P//5I0AgAAhrGA=
Date: Thu, 25 Sep 2014 10:25:17 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B1D45A4DC@ESESSMB209.ericsson.se>
References: <7594FB04B1934943A5C02806D1A2204B1D44E72A@ESESSMB209.ericsson.se> <CAKz0y8xB6VaJtcABPhyP2FMr13_ZGZNFzafaUs590ym2T5OPyA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D45A186@ESESSMB209.ericsson.se> <CAKz0y8x624Pwib+1Mxj9eOW2ACB55agfTXewp=YybRFiFzhKrA@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B1D45A403@ESESSMB209.ericsson.se> <CAKz0y8yo+B-3fv-LpjhRTgLq5_-ouLkOJbnGeQ0CR3efMDvWjw@mail.gmail.com>
In-Reply-To: <CAKz0y8yo+B-3fv-LpjhRTgLq5_-ouLkOJbnGeQ0CR3efMDvWjw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.154]
Content-Type: multipart/alternative; boundary="_000_7594FB04B1934943A5C02806D1A2204B1D45A4DCESESSMB209erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmphkeLIzCtJLcpLzFFi42KZGfG3RrfvrXKIwYuLGhZ/NvtZrP3Xzu7A 5LFz1l12jyVLfjIFMEVx2aSk5mSWpRbp2yVwZbz85V/w5gFTxeEJTg2MF64zdTFyckgImEgs 2zobyhaTuHBvPVsXIxeHkMBRRolL1/czQzhLGCUunv/E0sXIwcEmYCHR/U8bpEFEwFhiS8sv VhCbWUBd4s7ic+wgtrBAhMSZiQvYIWoiJWYu38wMYftJPNzdCmazCKhKLOs9DdbLK+ArsXVe F9TiVcwS28+9YQRJcAoEStxavp4FxGYEuu77qTVMEMvEJW49mQ91tYDEkj3nmSFsUYmXj/+x QthKEotuf4aqz5e4+v8EI8QyQYmTM5+wTGAUnYVk1CwkZbOQlM0CeplZQFNi/S59iBJFiSnd D9khbA2J1jlz2ZHFFzCyr2IULU4tLs5NNzLSSy3KTC4uzs/Ty0st2cQIjLaDW35b7WA8+Nzx EKMAB6MSD69CuXKIEGtiWXFl7iFGaQ4WJXHehefmBQsJpCeWpGanphakFsUXleakFh9iZOLg lGpg5L08daZN9OHdTcttlQKLRa0TkpLnOkx51CR3V+P4ilbLN9s2bhBeuIdjSf+jWZMubjIo mXiTdWNNGXv7leXhrJJpfO69N41Pmgn81LgrdEYnTHHPMmefC7kV/rdfHXvxf//DrKemsat6 0m4I/D2hGxa+aEHPbk9bo3eLkqLam0u+b81L2u9josRSnJFoqMVcVJwIAIe21ACXAgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/ixvu5rYNU9fUBhv5giNkMyVHQ1I
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Consent Freshness: Some suggestions for editorial clarifications
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Sep 2014 10:25:23 -0000
Hi,
The reason for 30 seconds is the following:
As we know, the sender needs to receive at least one response to a request sent within the last 30 seconds, or the consent expires.
Assume you send a STUN request at time X, another one at time X+n etc.
Now, within the 30 seconds, assume the only response (all other requests/responses get lost in the network) you get is to the request you sent at time X, and you receive it 28 seconds after you sent the request.
But it is unlikely that someone will buffer the response for 28 sec. If the connectivity was lost for so long, the response to the first request would have also got lost..
Unlikely, yes. But, if it happens, and consent expires (because the sender did not wait for 30 seconds), who to blame?
The sender will say “you buffered the response too long”, and the receiver will say “you did get the response within 30 seconds”.
I am trying to avoid such situations, because both parties will say that they implement the draft correctly.
Of course, if you send a request at time X, and another one at time X+N, if you get a response to the X+N request you can terminate the state for the X request also.
So, in reality, I doubt there will be cases where the state lives for 30 seconds.
Regards,
Christer
Therefore, unless you wait for the response 30 seconds, consent will expire – EVEN if you did receive a response within 30 seconds.
I do agree it very likely won’t happen in real life, but our state machines etc should be able to handle the “worst case” scenario.
Regards,
Christer
From: Muthu Arul Mozhi Perumal [mailto:muthu.arul@gmail.com<mailto:muthu.arul@gmail.com>]
Sent: 25 September 2014 12:22
To: Christer Holmberg
Cc: rtcweb@ietf.org<mailto:rtcweb@ietf.org>
Subject: Re: [rtcweb] Consent Freshness: Some suggestions for editorial clarifications
On Thu, Sep 25, 2014 at 2:02 PM, Christer Holmberg <christer.holmberg@ericsson.com<mailto:christer.holmberg@ericsson.com>> wrote:
Hi,
Based on feedback I receive from implementers, there are a couple of clarifications I think would be useful in the consent freshness draft.
Q1:
-----
As STUN binding requests for consent are sent unreliably, and are not re-transmitted, I think it would be useful to have some explicit text saying that individual requests (and/or their associated responses) may get lost in the network, and that a sender must be prepared that a response to such requestmay never arrive.
It may be obvious to us, but maybe not as clear to the first-time reader of the draft.
Q2:
-----
Section 4.1 says:
“That is, if a valid STUN binding response corresponding to one of the STUN requests sent in the last 30 seconds
has not been received from the remote peer's Transport Address, the endpoint MUST cease transmission on that 5-tuple.”
First, I suggest the following clarification:
s/”to one of the STUN requests sent in the last 30 seconds”/”to one of the STUN requests (not necessarily the last one) sent in the last 30 seconds”.
Second, there is no explicit text on for how long the client keeps the STUN transaction alive, i.e. for how long it waits for the response.
I assume that, after 30 seconds, the client does not need to maintain state and wait for the response anymore.
My understanding is that the sender doesn't need remember the request for 30 sec, instead it needs to remember it only for RTT duration. If a matching response is received within that duration you have a 'hit'. If there is no 'hit' over the last 30 sec, consent expires.
I agree this isn't clear in the current version.
How do you calculate the RTT? Based on previous transactions?
I should have said smoothed RTT. I believe that is what STUN and TCP currently use.
What if, for whatever reason, the roundtrip for a STUN binding request/response takes longer that previously? You would discard the response.
Yes, but that shouldn't a problem for consent I think, because only if there was no 'hit' over the last 30 sec would consent expire.
I think it is much more clear the specify a time. 30 seconds is a good value, because if it takes longer the response is “unvalid” anyway.
I am okay with a fixed duration instead of a smoothed RTT. However, 30 sec looks too long to me to remember the request, holding unnecessary resources (we just need one matching response over the last 30 sec).
The other question is, do we really need to specify the duration to achieve interoperability here? I though Martin's opinion was that isn't needed to achieve interoperability, but I could have misread one of those discussions..
Muthu
Regards,
Christer
I think it would be useful to explicitly indicate that, and also say that responses that are received after that time must be discarded.
Thanks!
Regards,
Christer
_______________________________________________
rtcweb mailing list
rtcweb@ietf.org<mailto:rtcweb@ietf.org>
https://www.ietf.org/mailman/listinfo/rtcweb
- [rtcweb] Consent Freshness: Some suggestions for … Christer Holmberg
- Re: [rtcweb] Consent Freshness: Some suggestions … Ram Mohan R (rmohanr)
- Re: [rtcweb] Consent Freshness: Some suggestions … Christer Holmberg
- Re: [rtcweb] Consent Freshness: Some suggestions … Muthu Arul Mozhi Perumal
- Re: [rtcweb] Consent Freshness: Some suggestions … Christer Holmberg
- Re: [rtcweb] Consent Freshness: Some suggestions … Muthu Arul Mozhi Perumal
- Re: [rtcweb] Consent Freshness: Some suggestions … Christer Holmberg
- Re: [rtcweb] Consent Freshness: Some suggestions … Muthu Arul Mozhi Perumal
- Re: [rtcweb] Consent Freshness: Some suggestions … Christer Holmberg
- Re: [rtcweb] Consent Freshness: Some suggestions … Harald Alvestrand
- Re: [rtcweb] Consent Freshness: Some suggestions … Christer Holmberg
- Re: [rtcweb] Consent Freshness: Some suggestions … Makaraju, Maridi Raju (Raju)