[rtcweb] consent freshness [was RE: STUN for keep-alive]
"Dan Wing" <dwing@cisco.com> Mon, 19 September 2011 15:07 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29BEE21F8BE8 for <rtcweb@ietfa.amsl.com>; Mon, 19 Sep 2011 08:07:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.152
X-Spam-Level:
X-Spam-Status: No, score=-103.152 tagged_above=-999 required=5 tests=[AWL=-0.553, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TpdT2hYdTl9I for <rtcweb@ietfa.amsl.com>; Mon, 19 Sep 2011 08:07:17 -0700 (PDT)
Received: from mtv-iport-2.cisco.com (mtv-iport-2.cisco.com [173.36.130.13]) by ietfa.amsl.com (Postfix) with ESMTP id A0A3521F8BF7 for <rtcweb@ietf.org>; Mon, 19 Sep 2011 08:07:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=3002; q=dns/txt; s=iport; t=1316444981; x=1317654581; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=377aEAnClwJ10xUIwBwDskF4D0LltT9N4QXL+QOMFVI=; b=LLXxCrJWA4BStyewAvbZPVJzjIAr3ZT35WTL4zs+msEOXPiJA+uVEW0k SCkH5IxucBXn4n4kfqtMYy5SaJkb0+XCGbxCQz0Q6kjCmYV0HSTDQ03Xo U7eWhOG+4oQLBEFb3mbS/ddVWvgRtMl24TBPkfrJIfowdoaR1oVEuywrV E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApcAADxad06rRDoI/2dsb2JhbABCmEKBbIx7d4FTAQEBAQMICgEXED8MAQMCGAIEAQEBJwcZIwoJCAEBBAESCxefBwGdZ4Z4BIdvnSc
X-IronPort-AV: E=Sophos;i="4.68,405,1312156800"; d="scan'208";a="2969599"
Received: from mtv-core-3.cisco.com ([171.68.58.8]) by mtv-iport-2.cisco.com with ESMTP; 19 Sep 2011 15:09:41 +0000
Received: from dwingWS ([10.32.240.194]) by mtv-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id p8JF9eX2010327; Mon, 19 Sep 2011 15:09:40 GMT
From: Dan Wing <dwing@cisco.com>
To: 'Harald Alvestrand' <harald@alvestrand.no>, 'Eric Rescorla' <ekr@rtfm.com>
References: <7F2072F1E0DE894DA4B517B93C6A05852233EDB21D@ESESSCMS0356.eemea.ericsson.se> <1D062974A4845E4D8A343C653804920206648CB0@XMB-BGL-414.cisco.com> <7F2072F1E0DE894DA4B517B93C6A05852233EDB264@ESESSCMS0356.eemea.ericsson.se> <1D062974A4845E4D8A343C653804920206648CEB@XMB-BGL-414.cisco.com> <7F2072F1E0DE894DA4B517B93C6A05852233EDB2F0@ESESSCMS0356.eemea.ericsson.se> <1D062974A4845E4D8A343C653804920206648D0F@XMB-BGL-414.cisco.com> <7F2072F1E0DE894DA4B517B93C6A05852233EDB3E5@ESESSCMS0356.eemea.ericsson.se> <4E70D2E6.1000809@alvestrand.no> <CABcZeBORi5NLSsztnMfkwL43p9oKG9mi6e1WWOaiafAO_DpTVg@mail.gmail.com> <7F2072F1E0DE894DA4B517B93C6A05852233D45FA3@ESESSCMS0356.eemea.ericsson.se> <CABcZeBO9hUSYZhLrcfbaK9HLGXq-q1EvqWOy6-gAN5xom6Z2-A@mail.gmail.com> <092401cc749b$8fd64940$af82dbc0$@com> <CABcZeBPgRD6kb2gg=m9NckSa1wrzwzJS6527nYqFG34b0cjfgQ@mail.gmail.com> <4E765E4A.3050801@alvestrand.no>
In-Reply-To: <4E765E4A.3050801@alvestrand.no>
Date: Mon, 19 Sep 2011 08:09:41 -0700
Message-ID: <0ced01cc76de$28731630$79594290$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Acx2R2qXVdoY0v75RAi4W657Pzj1QQAldyUA
Content-Language: en-us
Cc: rtcweb@ietf.org
Subject: [rtcweb] consent freshness [was RE: STUN for keep-alive]
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2011 15:07:20 -0000
> -----Original Message----- > From: Harald Alvestrand [mailto:harald@alvestrand.no] > Sent: Sunday, September 18, 2011 2:11 PM > To: Eric Rescorla > Cc: Dan Wing; rtcweb@ietf.org > Subject: Re: [rtcweb] STUN for keep-alive > > On 09/16/2011 08:30 PM, Eric Rescorla wrote: > > On Fri, Sep 16, 2011 at 11:07 AM, Dan Wing<dwing@cisco.com> wrote: > >>> -----Original Message----- > >>> From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On > >>> Behalf Of Eric Rescorla > >>> Sent: Wednesday, September 14, 2011 10:32 AM > >>> To: Christer Holmberg > >>> Cc: rtcweb@ietf.org > >>> Subject: Re: [rtcweb] STUN for keep-alive > >>> > >>> On Wed, Sep 14, 2011 at 10:20 AM, Christer Holmberg > >>> <christer.holmberg@ericsson.com> wrote: > >>>> Hi, > >>>> > >>>>> One new concern in this context is maintaining the consent > freshness. > >>>>> The browser needs to be sure that the recipient of traffic is > stil > >>> responding in a way that can't be forged. It's likely RTCP provides > >>> this (though we'd need to analyze to be sure) but perhaps better > would > >>> be to mandate STUN checks > >>>>> at enough frequency that you get some sort of level of > freshness.... > >>> maybe every 2 minutes or something. > >>>> Please note that the STUN keep-alives are implemented using STUN > >>> indication messages, so there are no replies (nor does the receiver > >>> perform an authentication check). > >>> > >>> > >>> Oh... I had forgotten that.... that's not good. > >> The RTCP receiver reports should be adequate for 'consent > freshness', no? > >> If I still like receiving the traffic, I'll report that I'm > receiving it. > >> If I have crashed or disconnected or am not listening on that port, > I won't. > > I believe so, though I'd have to make sure there's enough entropy. > And of course > > some implementations may not do RTCP... > Depending on RTCP seems less uncomfortable with SRTP than with > plaintext > RTCP. > I don't think we want to support RTCP-less applicaitons; if saying "no" > to them helps them not occur (it doesn't always help...) (Case in point: RTCP has long been a requirement for RTP, but implementation was still skipped by Cisco, and probably others.) I don't know how much entropy Eric was looking for. RTCP receiver reports only echo back the SSRC, which is 32 bits and is going to be static for the duration of each RTP session (yes, SSRC collision could make it change. But that is atypical.) STUN request/response echoes back the 96-bit transaction id, which changes as often as the requestor likes (typically each new STUN transaction). Which would someone skip -- skip sending/implementing RTCP for consent freshness, or skip sending/implementing STUN request/response for consent freshness? The STUN request/response is also additional data, whereas RTCP is something that is "already being sent" (thus the consent freshness isn't adding more bits on the wire). -d
- [rtcweb] STUN for keep-alive Christer Holmberg
- Re: [rtcweb] STUN for keep-alive Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] STUN for keep-alive Christer Holmberg
- Re: [rtcweb] STUN for keep-alive Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] STUN for keep-alive Christer Holmberg
- Re: [rtcweb] STUN for keep-alive Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] STUN for keep-alive Christer Holmberg
- Re: [rtcweb] STUN for keep-alive Jonathan Lennox
- Re: [rtcweb] STUN for keep-alive Randell Jesup
- Re: [rtcweb] STUN for keep-alive sisalem
- Re: [rtcweb] STUN for keep-alive Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive Harald Alvestrand
- Re: [rtcweb] STUN for keep-alive Eric Rescorla
- Re: [rtcweb] STUN for keep-alive Christer Holmberg
- Re: [rtcweb] STUN for keep-alive Göran Eriksson AP
- Re: [rtcweb] STUN for keep-alive Eric Rescorla
- Re: [rtcweb] STUN for keep-alive Dan Wing
- Re: [rtcweb] STUN for keep-alive Dan Wing
- Re: [rtcweb] STUN for keep-alive Dzonatas Sol
- Re: [rtcweb] STUN for keep-alive Eric Rescorla
- Re: [rtcweb] STUN for keep-alive Dan Wing
- Re: [rtcweb] STUN for keep-alive Dzonatas Sol
- Re: [rtcweb] STUN for keep-alive Harald Alvestrand
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Olle E. Johansson
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Olle E. Johansson
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive Magnus Westerlund
- [rtcweb] consent freshness [was RE: STUN for keep… Dan Wing
- Re: [rtcweb] consent freshness [was RE: STUN for … Magnus Westerlund
- Re: [rtcweb] consent freshness [was RE: STUN for … Dan Wing
- Re: [rtcweb] consent freshness [was RE: STUN for … Eric Rescorla
- Re: [rtcweb] consent freshness [was RE: STUN for … Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] STUN for keep-alive Randell Jesup
- Re: [rtcweb] consent freshness [was RE: STUN for … Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Colin Perkins
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Colin Perkins
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] consent freshness [was RE: STUN for … Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Magnus Westerlund
- Re: [rtcweb] consent freshness [was RE: STUN for … Magnus Westerlund
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] consent freshness [was RE: STUN for … Muthu Arul Mozhi Perumal (mperumal)
- Re: [rtcweb] consent freshness [was RE: STUN for … Randell Jesup
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Magnus Westerlund
- Re: [rtcweb] consent freshness [was RE: STUN for … Magnus Westerlund
- Re: [rtcweb] consent freshness [was RE: STUN for … Randell Jesup
- Re: [rtcweb] STUN for keep-alive Cullen Jennings
- Re: [rtcweb] STUN for keep-alive Michael Tüxen
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Hadriel Kaplan
- Re: [rtcweb] consent freshness [was RE: STUN for … Magnus Westerlund
- Re: [rtcweb] consent freshness [was RE: STUN for … Harald Alvestrand
- Re: [rtcweb] consent freshness [was RE: STUN for … Stefan Håkansson LK
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Olle E. Johansson
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Harald Alvestrand
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Harald Alvestrand
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Harald Alvestrand
- Re: [rtcweb] STUN for keep-alive - RTCP-less appl… Iñaki Baz Castillo