Re: [rtcweb] Review of draft-ietf-rtcweb-stun-consent-freshness

"Ram Mohan R (rmohanr)" <rmohanr@cisco.com> Fri, 11 April 2014 10:16 UTC

From: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com>
To: "rtcweb@ietf.org" <rtcweb@ietf.org>, Oleg Moskalenko <mom040267@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/piqUhLENhV19P6psy5OwsfBn8Ws

Hi Ted,

Thanks for forwarding the feedback from Oleg. Please see inline for answers.


>
>
>From:  Ted Hardie <ted.ietf@gmail.com>
>Date:  Monday, 7 April 2014 11:50 pm
>To:  "rtcweb@ietf.org" <rtcweb@ietf.org>, Oleg Moskalenko
><mom040267@gmail.com>
>Subject:  [rtcweb] Review of draft-ietf-rtcweb-stun-consent-freshness
>
>
>Howdy,
>
>
>The chairs recently asked for a review
>draft-ietf-rtcweb-stun-consent-freshness; Oleg was kind enough to do one.
>Below is the review.
>
>regards,
>
>Ted
>
>
>
>On Fri, Apr 4, 2014 at 12:40 AM, Oleg Moskalenko <mom040267@gmail.com>
>wrote:
>Hi Ted
>
>
>I went through the document and I have two things to comment:
>
>
>1) This document defines a "voluntary" pattern of the browser behavior.
>Nothing stops the determined attacker from taking the WebRTC code and
>creating a malicious client application that ignores all proposed
>connectivity checks. Maybe it is worth mentioning
>in the "Security Considerations" section.

Agree. A malicious browser that does not conform to this spec can do
anything. I am not sure if we really need any text to be added for that in the
draft.

>
>
>2) I have a feeling that the document is written with a somewhat optimistic
>idea about the modern IP network qualities. The proposed timeouts are
>probably too small. I am hearing from our TURN server users that in modern
>public Wi-Fi networks it's common to
>observe a freeze of the IP traffic for several seconds. After that "freeze"
>the connectivity is restored. The users do not want the connection to be
>broken during that time - they want the video screen frozen, temporarily. I
>had to make adjustments to the TURN
>server in our recent versions so that it does not disconnect the
>sessions too quickly under those conditions (when TCP is used). I have a
>feeling that you may have the same complaints that the browser stops
>transmission in public Wi-Fi networks too quickly.
>I'd suggest to review the wording of the proposal (like re-transmission
>after 500 ms and 15 secs timeout) to make it more tolerant for the bad IP
>networks (which surprisingly are rather common).

Agree. We had revised a lot of text in the solution description section of
the draft (draft-ietf-rtcweb-stun-consent-freshness-02).
The text now is very generic and does not assume any specific timer
values. Please review the latest text and let us know if that looks ok.

Regards,
Ram

>
>
>Overall, I think that this proposal is very useful.
>
>
>Best regards,
>Oleg
>
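
The trade-off raised in point 2, as an added example that is not part of the original message or of the draft: a simplified consent-freshness timer run against constructed network freezes. It borrows the 500 ms and 15 s figures quoted in the review; the 3 s timeout, the outage windows, the instant-response model and the function names are assumptions made for illustration.

```python
"""Added illustration: simplified consent-freshness timer vs. network freezes.

Not the draft's algorithm. Assumptions: a consent check is sent every
`interval_ms`, is answered instantly unless it is sent during a freeze,
and consent expires once `timeout_ms` passes without any answer.
"""


def in_outage(t_ms, outages):
    """True if t_ms falls inside any (start_ms, end_ms) freeze window."""
    return any(start <= t_ms < end for start, end in outages)


def consent_expiry(interval_ms, timeout_ms, outages, duration_ms):
    """Return the time (ms) at which consent expires, or None if it never does."""
    last_ok = 0  # consent is assumed fresh at t=0 (connectivity just verified)
    t = interval_ms
    while t <= duration_ms:
        if not in_outage(t, outages):
            last_ok = t  # check answered: consent refreshed
        elif t - last_ok >= timeout_ms:
            return t  # no answer for timeout_ms: sender must stop transmitting
        t += interval_ms
    return None


if __name__ == "__main__":
    # Constructed scenarios: (label, timeout_ms, freeze windows in ms).
    scenarios = [
        ("5 s freeze, 15 s timeout", 15000, [(10000, 15000)]),
        ("5 s freeze, 3 s timeout", 3000, [(10000, 15000)]),
        ("20 s freeze, 15 s timeout", 15000, [(10000, 30000)]),
    ]
    for label, timeout_ms, outages in scenarios:
        expired_at = consent_expiry(500, timeout_ms, outages, 60000)
        outcome = "session survives" if expired_at is None else f"expires at {expired_at} ms"
        print(f"{label}: {outcome}")
```

A short timeout stops unwanted traffic sooner after consent is lost, but it also tears down sessions during the several-second freezes described above; a longer one rides them out at the cost of sending for longer to a peer that may no longer want the traffic.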