IETF Logo Mail Archive

Re: [rtcweb] AD evaluation: draft-ietf-rtcweb-stun-consent-freshness-11

Bernard Aboba <bernard.aboba@gmail.com> Fri, 01 May 2015 18:44 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C53F1ACD4C for <rtcweb@ietfa.amsl.com>; Fri, 1 May 2015 11:44:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lTsRjnm-bgLr for <rtcweb@ietfa.amsl.com>; Fri, 1 May 2015 11:44:23 -0700 (PDT)
Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E4161A8902 for <rtcweb@ietf.org>; Fri, 1 May 2015 11:44:22 -0700 (PDT)
Received: by widdi4 with SMTP id di4so60561007wid.0 for <rtcweb@ietf.org>; Fri, 01 May 2015 11:44:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=1XGy4tVtrFVC91a58xT8Gy6+t7ku/RCpm74/SnHreN4=; b=gBMSWiDlbkSgooIh9/3H7v/SOfx1pp7Xxn4qBwqusRpjqUqjX6TGwuH24b+7dslbtx A7EJsN1rchQ18VRZkI2bPAU+m9LlsMhGgzx9t1jOvNoMrYg/RuglgPhG9ynYGU7cKwjP N8sARRMtVwna+rGIXfLh3g9VwclRphrBUmMSKF9QwOK6aTmVw3X3ORijEE2rzuYG+e/k ZeALrVR5R8UcumoXQtPEgy/0idQU0n6uVWbxDFVd8hpblTf8nt4Mlbp2AI1TQvs8br3b bw3RT5kl4To8aSD3/GRyr5FOIJ4HPlwfVX3C40is7vyd+IU551KcCZh+pGc9eEaMXfsj 5L9w==
X-Received: by 10.180.82.41 with SMTP id f9mr16221031wiy.48.1430505861392; Fri, 01 May 2015 11:44:21 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.27.54.16 with HTTP; Fri, 1 May 2015 11:44:01 -0700 (PDT)
In-Reply-To: <3B27E16C-2AD7-427B-864C-741F38575B97@cooperw.in>
References: <3B27E16C-2AD7-427B-864C-741F38575B97@cooperw.in>
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Fri, 01 May 2015 14:44:01 -0400
Message-ID: <CAOW+2dsk-3W8rgx9OfRcT+mEDd0W7H8ssUyUukUdfU1oGDfBhQ@mail.gmail.com>
To: "rtcweb@ietf.org" <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="f46d041826e6b7adce0515099929"
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/ziiFPTnBd-jtA7jE2U7yNYPHym8>
Subject: Re: [rtcweb] AD evaluation: draft-ietf-rtcweb-stun-consent-freshness-11
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2015 18:44:27 -0000

I did notice one other odd thing though, in Section 4.1:

   Consent expires after 30 seconds.  That is, if a valid STUN binding
response
   corresponding to any STUN request sent in the last 30 seconds has not
   been received from the remote peer's transport address, the endpoint
   MUST cease transmission on that 5-tuple.  STUN consent responses
   received after consent expiry do not re-establish consent, and may be
   discarded or cause an ICMP error....

   After consent is lost for any reason, the same ICE credentials MUST
   NOT be used on the affected 5-tuple again.  That means that a new
   session, or an ICE restart, is needed to obtain consent to send.

[BA] I am curious about the reasons behind this text.  Is there a security
vulnerability that this addresses?  From a transport point of view, 30
second outages are quite possible on the Internet due to routing transients
and so will introduce some brittleness, effectively requiring an ICE
restart (with attendant re-gathering).  As a counter-example, congestion
controlled protocols such as TCP do not give up this quickly.  So I'm
wondering if this is taking on a function better handled in circuit
breakers/congestion control specifications.

On Thu, Apr 30, 2015 at 8:32 PM, Alissa Cooper <alissa@cooperw.in> wrote:

> I have reviewed draft-ietf-rtcweb-stun-consent-freshness-11 in preparation
> for IETF LC. The document is in good shape and I will request the last call
> shortly. I have a couple of questions I’d like to discuss while the last
> call is ongoing, though. I’m not entirely caught up on mailing list traffic
> so apologies if these questions/comments have already been discussed.
>
> Section 4.1:
> "An endpoint that is not sending any application data does not need to
>    maintain consent.  However, failure to send could cause any NAT or
>    firewall mappings for the flow to expire.  Furthermore, having one
>    peer unable to send is detrimental to many protocols."
>
> It sounds like the unstated implication here is that if you are such an
> endpoint, you should keep doing consent checks anyway to maintain consent.
> Should that be stated explicitly, or am I misunderstanding?
>
> Section 7:
> The normative MAY here seems odd. It seems like this section could be
> replaced with:
>
> "The W3C specification [cite] may provide an API hook that generates an
> event when consent has expired for a given 5-tuple, meaning that
> transmission of data has ceased.  This could indicate what application data
> is affected, such as media or data channels.”
>
> Alissa
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>

v2.23.0 | Report a Bug | By Email