IETF Logo Mail Archive

Re: [tram] Review of TURNbis-11

Brandon Williams <brandon.williams@akamai.com> Fri, 09 March 2018 21:21 UTC

Return-Path: <brandon.williams@akamai.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 593E6124F57 for <tram@ietfa.amsl.com>; Fri, 9 Mar 2018 13:21:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PvoaJEdUDOuE for <tram@ietfa.amsl.com>; Fri, 9 Mar 2018 13:21:37 -0800 (PST)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 785E31270FC for <tram@ietf.org>; Fri, 9 Mar 2018 13:21:37 -0800 (PST)
Received: from pps.filterd (m0122332.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w29LHS3r015834; Fri, 9 Mar 2018 21:21:36 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=subject : to : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=jan2016.eng; bh=91WfFK3PgFcmg7j+Nyuq3hxxnO3WcsOeWJPT2vj9brc=; b=gJEbngj1hy1hVGxzzUEizO9k2cqG8pPO+HRlbl7LUGPSPLCKaJsfZyOFEZzEI1+axbn6 M1BvO/2vFsPnynzlr6ED7KBGiliZ79B5KQiZwedgyQ8ur49mTas6iUY+XTnQILH5y0wI LvVmB9qbvi4HyNK/x2NdPHrzInGW5fQSrQ4W9lv67w/Mo0ms0v/BMVVfDhS7iiDWX5xK yq8EoI/QegNqRooVupUGrf1E8jQy7cBQDzqlchJkI7smuKy/27ki1QMlb0jGauYo116C ggzwTY5P6mdl1/l56CeLX04RU8dzRjKTSannQ5vrXZ9iFGhbJrI3bEljjAIVdA+EKXgk IA==
Received: from prod-mail-ppoint3 ([96.6.114.86]) by mx0a-00190b01.pphosted.com with ESMTP id 2gj42mtjqj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 09 Mar 2018 21:21:36 +0000
Received: from pps.filterd (prod-mail-ppoint3.akamai.com [127.0.0.1]) by prod-mail-ppoint3.akamai.com (8.16.0.21/8.16.0.21) with SMTP id w29LL2OR008927; Fri, 9 Mar 2018 16:21:35 -0500
Received: from prod-mail-relay15.akamai.com ([172.27.17.40]) by prod-mail-ppoint3.akamai.com with ESMTP id 2gfqx1hhgn-1; Fri, 09 Mar 2018 16:21:35 -0500
Received: from [172.28.118.62] (bowill.kendall.corp.akamai.com [172.28.118.62]) by prod-mail-relay15.akamai.com (Postfix) with ESMTP id D8E7D20067; Fri, 9 Mar 2018 21:21:34 +0000 (GMT)
To: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>, Marc Petit-Huguenin <petithug@acm.org>, "tram@ietf.org" <tram@ietf.org>
References: <325ddd79-ef98-c8ce-de50-1ef3878cd433@acm.org> <DM5PR16MB17882606F7602CEE66009903EAF20@DM5PR16MB1788.namprd16.prod.outlook.com> <c7716d08-f265-9ce9-ed2a-513ea0ddade6@acm.org> <DM5PR16MB1788777DA4671DD256BBE230EAF20@DM5PR16MB1788.namprd16.prod.outlook.com> <d496aa92-6c68-53f4-efca-34ac2880cfbc@acm.org> <BN6PR16MB14253E401210DF0235668335EADB0@BN6PR16MB1425.namprd16.prod.outlook.com>
From: Brandon Williams <brandon.williams@akamai.com>
Message-ID: <90a0b73d-b441-5275-147f-a1449ed46989@akamai.com>
Date: Fri, 09 Mar 2018 16:21:31 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <BN6PR16MB14253E401210DF0235668335EADB0@BN6PR16MB1425.namprd16.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-03-09_11:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803090253
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-03-09_11:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803090252
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/1eo_08yjv6AA9LWBOdp58hKwYWg>
Subject: Re: [tram] Review of TURNbis-11
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Mar 2018 21:21:39 -0000

Hi Marc,

Does the fix look OK to you now?

Thanks,
--Brandon

On 03/04/2018 07:50 AM, Konda, Tirumaleswar Reddy wrote:
> Thanks Marc, fixed the discrepancy.
> 
> -Tiru
> 
>> -----Original Message-----
>> From: Marc Petit-Huguenin [mailto:petithug@acm.org]
>> Sent: Saturday, March 3, 2018 3:04 AM
>> To: Konda, Tirumaleswar Reddy
>> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
>> Subject: Re: [tram] Review of TURNbis-11
>>
>> As suggested by Brandon, I reviewed turnbis-14 for the modifications agreed
>> on below, and found one discrepancy.  See inline.
>>
>> On 02/09/2018 05:45 AM, Konda, Tirumaleswar Reddy wrote:
>>>> -----Original Message-----
>>>> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Marc Petit-
>>>> Huguenin
>>>> Sent: Friday, February 9, 2018 6:54 PM
>>>> To: Konda, Tirumaleswar Reddy
>>>> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
>>>> Subject: Re: [tram] Review of TURNbis-11
>>>>
>>>> Hi,
>>>>
>>>> My responses inline.
>>>>
>>>> On 02/09/2018 03:53 AM, Konda, Tirumaleswar Reddy wrote:
>>>>> Hi Marc,
>>>>>
>>>>> Please see inline
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Marc Petit-
>>>>>> Huguenin
>>>>>> Sent: Sunday, October 22, 2017 10:16 PM
>>>>>> To: tram@ietf.org
>>>>>> Subject: [tram] Review of TURNbis-11
>>>>>>
>>>>>> This is the second part of my review of TURNbis-11, i.e. everything
>>>>>> but the dual allocation part.
>>>>>>
>>>>>> - Section 2.1, last paragraph:
>>>>>>
>>>>>> May be a reference to RFC 5764 and RFC 7983 can be useful here.
>>>>>> Same in section 4, second paragraph and following.  Same at the
>>>>>> beginning of section 11.  Again in section 11.6 (if multiplexed,
>>>>>> the message in the reserved range is not necessarily discarded).
>>>>>
>>>>> Even if the same host transport address is used for other protocols,
>>>> incoming packets to the TURN channel can be identified by just
>>>> examining the source address of the packet.
>>>>> May be I am missing something, I did not get a problem ?
>>>>
>>>> It was just an attempt to make TURN implementers aware of the demux
>>>> issues.
>>>
>>> Got it, added the following line:
>>> The algorithm of demultiplexing packets received from multiple
>>> protocols is discussed in [RFC7983].
>>>
>>>>
>>>>>
>>>>>>
>>>>>> - Section 2.2, first paragraph:
>>>>>>
>>>>>> I think that an informative reference to RFC 7635 may be useful
>>>>>> there, as alternative to the STUN authentication mechanism.
>>>>>
>>>>> Yes, updated.
>>>>>
>>>>>>
>>>>>> - Section 2.9:
>>>>>>
>>>>>> The whole 2.9 section and subsections looks normative and so should
>>>>>> be moved after section 3, perhaps on their own top level section.
>>>>>
>>>>> Done.
>>>>>
>>>>>>
>>>>>> - Section 4, 4th paragraph:
>>>>>>
>>>>>> I would replace "For each allocation..." by "For each Allocate
>>>>>> request...", because of the dual allocation feature.
>>>>>
>>>>> Fixed.
>>>>>
>>>>>>
>>>>>> - Section 4, 12th paragraph:
>>>>>>
>>>>>> Should make clear clear that UDP covers also DTLS.
>>>>>
>>>>> Yes, updated.
>>
>> I cannot find this update in turn-14.
>>
>>>>>
>>>>>>
>>>>>> - Section 6.1, 2nd paragraph:
>>>>>>
>>>>>> If the port is multiplexed with other protocols (RTP, WebRtc,
>>>>>> etc..) then it has to reuse an existing socket.  The document should
>> explain this.
>>>>>
>>>>> It's already covered in Section 2.1 (last paragraph).
>>>>>
>>>>>>
>>>>>> - Section 6.2, 3th paragraph:
>>>>>>
>>>>>> Is it time to recommend DTLS instead of UDP?  In that case we need
>>>>>> to make DTLS mandatory in section 4 paragraph 11 (and I support
>>>>>> that
>>>> change).
>>>>>
>>>>> No, DTLS has both advantages (e.g. dictionary attack)  and
>>>>> disadvantages
>>>> (e.g. double encryption of application data).
>>>>
>>>> OK.
>>>>
>>>>>
>>>>>>
>>>>>> - Section 6.4, second bullet:
>>>>>>
>>>>>> Replace "...SRV procedures)." with "...DNS resolution procedures)."
>>>>>
>>>>> Any specific reason for the replacement ?
>>>>
>>>> This is to not exclude NPATR procedures (RFC 5928).
>>>
>>> Updated second bullet.
>>>
>>> Cheers,
>>> -Tiru
>>>
>>>>
>>>>>
>>>>>>
>>>>>> - Sections 14, 15 and 16:
>>>>>>
>>>>>> These are no longer new methods and attributes.  See also the next
>>>>>> comment.
>>>>>
>>>>> Fixed.
>>>>>
>>>>>>
>>>>>> - Section 19:
>>>>>>
>>>>>> Here you need to update the existing methods, attributes and error
>>>>>> code so the IANA registries point to the RFC-to-be, then you
>>>>>> request allocation for the new attributes.  See section 17 of
>>>>>> STUNbis on a way to do that (that was done following a discussion
>>>>>> with the IANA
>>>> representative at an IETF meeting).
>>>>>
>>>>> Thanks, updated draft.
>>>>>
>>>>>>
>>>>>> Note that ICMP should be comprehension-mandatory, not optional, as
>>>> we
>>>>>> do not want an old client to reject a Data indication with an ICMP
>> attribute.
>>>>>
>>>>> If the indication contains unknown comprehension-required
>>>>> attributes, the
>>>> behavior is the indication is discarded and processing ceases.
>>>>>
>>>>>>
>>>>>> Also, I do not know what this SendErr method is.
>>>>>
>>>>> Removed SendErr (stale entry from a previous version of the draft).
>>>>>
>>>>>>
>>>>>>
>>>>>> Nits
>>>>>> ----
>>>>>>
>>>>>> Section 1:
>>>>>>
>>>>>> s/connection to the Internet ./connection to the Internet./
>>>>>>
>>>>>> Section 2.4, first paragraph:
>>>>>>
>>>>>> The text switches between the words "mechanisms" and "way".
>> Choose
>>>>>> one.
>>>>>>
>>>>>> Section 6.2, item 8:
>>>>>>
>>>>>> s/ADDITIONAL- ADDRESS-FAMILY/ADDITIONAL-ADDRESS-FAMILY/
>>>>>>
>>>>>> Section 12.1, "Preferred Behavior"
>>>>>>
>>>>>> s/Label Field[RFC3697]/Label Field [RFC3697]/
>>>>>>
>>>>>> Section 21:
>>>>>>
>>>>>> s/ADDRESS-ERRR-CODE/ADDRESS-ERR-CODE/
>>>>>>
>>>>>> Section 22:
>>>>>>
>>>>>> s/orginal/original/
>>>>>
>>>>> Thanks, fixed all above nits.
>>>>>
>>
>> --
>> Marc Petit-Huguenin
>> Email: marc@petit-huguenin.org
>> Blog: https://marc.petit-huguenin.org
>> Profile: https://www.linkedin.com/in/petithug
> 
> _______________________________________________
> tram mailing list
> tram@ietf.org
> https://www.ietf.org/mailman/listinfo/tram
>

v2.23.0 | Report a Bug | By Email