Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

Iñaki Baz Castillo <ibc@aliax.net> Thu, 05 March 2015 10:53 UTC

From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Thu, 05 Mar 2015 11:53:02 +0100
To: Christer Holmberg <christer.holmberg@ericsson.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/qIY-_mK_qE-oaCiR_Db1jnLRiYQ>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] DTLS, DTLS-SRTP, and 5-tuples

2015-03-05 11:30 GMT+01:00 Christer Holmberg <christer.holmberg@ericsson.com>:
>> When was it agreed that DTLS ClientHello can be sent before the
>> connectivity check succeeded? I understand that this will increase the
>> connection setup time, but I thought that no data should be sent before the
>> connectivity check response (consent) from the remote party.
>
> And, if the ClientHello reaches the server BEFORE the connectivity check
> STUN, how does the server know that it is associated with a given “virtual
> connection”?

It just ignores it. Client retransmissions will fix that.

Anyhow, I'm sorry but I no longer remember whether DTLS (which is just
media from the ICE point of view) can be sent before receiving the
STUN response or not. From the point of view of the peer performing
aggressive ICE nomination, it is sending USE-CANDIDATE Binding
requests so I can understand that it assumes a "valid-pair" (even if
it's not replied/confirmed yet by the remote) so media can begin (and
DTLS is just media).

I have to re-check.


-- 
Iñaki Baz Castillo
<ibc@aliax.net>
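
The receiver behaviour discussed in this message (a ClientHello that reaches the server before the STUN connectivity check is ignored, and the client's retransmission is accepted once the check has arrived), as an added example that is not part of the original message or of any implementation mentioned in the thread. The first-byte ranges follow RFC 5764 section 5.1.2; the `Receiver` class, the `replay` helper and the sample datagrams are constructed for illustration, and STUN USERNAME/MESSAGE-INTEGRITY verification is assumed to happen elsewhere.

```python
import struct
from dataclasses import dataclass, field

STUN_MAGIC_COOKIE = 0x2112A442  # fixed value from RFC 5389

def classify(datagram: bytes) -> str:
    """Demultiplex by first byte, as in RFC 5764 section 5.1.2."""
    if not datagram:
        return "unknown"
    first = datagram[0]
    if first <= 3:
        return "stun"
    if 20 <= first <= 63:
        return "dtls"
    if 128 <= first <= 191:
        return "rtp"
    return "unknown"

def is_binding_request(datagram: bytes) -> bool:
    """Header-only check; a real agent also verifies USERNAME and MESSAGE-INTEGRITY."""
    if len(datagram) < 20:
        return False
    msg_type, _length, cookie = struct.unpack("!HHI", datagram[:8])
    return msg_type == 0x0001 and cookie == STUN_MAGIC_COOKIE

@dataclass
class Receiver:  # hypothetical server-side demultiplexer
    validated: set = field(default_factory=set)  # 5-tuples seen in a STUN check

    def on_datagram(self, five_tuple: tuple, datagram: bytes) -> str:
        kind = classify(datagram)
        if kind == "stun" and is_binding_request(datagram):
            self.validated.add(five_tuple)
            return "stun-accepted"
        if kind == "dtls" and five_tuple in self.validated:
            return "dtls-delivered"
        return kind + "-dropped"  # the sender's retransmission recovers from this

# Constructed sample datagrams (not captured traffic).
STUN_REQ = struct.pack("!HHI", 0x0001, 0, STUN_MAGIC_COOKIE) + bytes(12)
CLIENT_HELLO = bytes([22, 0xFE, 0xFF]) + bytes(10) + bytes([1])  # record header + msg type
PEER = ("udp", "192.0.2.10", 50000, "198.51.100.7", 40000)

def replay() -> list:
    rx = Receiver()
    # The ClientHello overtakes the STUN check, then is retransmitted after it.
    return [rx.on_datagram(PEER, d) for d in (CLIENT_HELLO, STUN_REQ, CLIENT_HELLO)]
```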