IETF Logo Mail Archive

Re: [tram] Review of TURNbis-11

Marc Petit-Huguenin <petithug@acm.org> Sun, 11 March 2018 13:30 UTC

Return-Path: <petithug@acm.org>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58983126D05 for <tram@ietfa.amsl.com>; Sun, 11 Mar 2018 06:30:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.442
X-Spam-Level:
X-Spam-Status: No, score=-0.442 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L9xSyLEmbHuR for <tram@ietfa.amsl.com>; Sun, 11 Mar 2018 06:29:58 -0700 (PDT)
Received: from implementers.org (unknown [92.243.22.217]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48EAA124217 for <tram@ietf.org>; Sun, 11 Mar 2018 06:29:58 -0700 (PDT)
Received: from [IPv6:2601:648:8301:730f:ac0b:c7cc:59a:561f] (unknown [IPv6:2601:648:8301:730f:ac0b:c7cc:59a:561f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "Marc Petit-Huguenin", Issuer "implementers.org" (verified OK)) by implementers.org (Postfix) with ESMTPS id 5ADB6AE8D9; Sun, 11 Mar 2018 14:29:56 +0100 (CET)
To: Brandon Williams <brandon.williams@akamai.com>, "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>, "tram@ietf.org" <tram@ietf.org>
References: <325ddd79-ef98-c8ce-de50-1ef3878cd433@acm.org> <DM5PR16MB17882606F7602CEE66009903EAF20@DM5PR16MB1788.namprd16.prod.outlook.com> <c7716d08-f265-9ce9-ed2a-513ea0ddade6@acm.org> <DM5PR16MB1788777DA4671DD256BBE230EAF20@DM5PR16MB1788.namprd16.prod.outlook.com> <d496aa92-6c68-53f4-efca-34ac2880cfbc@acm.org> <BN6PR16MB14253E401210DF0235668335EADB0@BN6PR16MB1425.namprd16.prod.outlook.com> <90a0b73d-b441-5275-147f-a1449ed46989@akamai.com>
From: Marc Petit-Huguenin <petithug@acm.org>
Message-ID: <a20f120b-acc7-12f4-7f44-273bc2ad2fa9@acm.org>
Date: Sun, 11 Mar 2018 06:29:54 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <90a0b73d-b441-5275-147f-a1449ed46989@akamai.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="htskh29k3aRmAlab8JvQDqluZlQH33hOO"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/3D_roX_OuRwoEJhY1pMEHZliyRk>
Subject: Re: [tram] Review of TURNbis-11
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Mar 2018 13:30:00 -0000

On 03/09/2018 01:21 PM, Brandon Williams wrote:
> Hi Marc,
> 
> Does the fix look OK to you now?

Yes, thanks.

> 
> Thanks,
> --Brandon
> 
> On 03/04/2018 07:50 AM, Konda, Tirumaleswar Reddy wrote:
>> Thanks Marc, fixed the discrepancy.
>>
>> -Tiru
>>
>>> -----Original Message-----
>>> From: Marc Petit-Huguenin [mailto:petithug@acm.org]
>>> Sent: Saturday, March 3, 2018 3:04 AM
>>> To: Konda, Tirumaleswar Reddy
>>> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
>>> Subject: Re: [tram] Review of TURNbis-11
>>>
>>> As suggested by Brandon, I reviewed turnbis-14 for the modifications agreed
>>> on below, and found one discrepancy.  See inline.
>>>
>>> On 02/09/2018 05:45 AM, Konda, Tirumaleswar Reddy wrote:
>>>>> -----Original Message-----
>>>>> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Marc Petit-
>>>>> Huguenin
>>>>> Sent: Friday, February 9, 2018 6:54 PM
>>>>> To: Konda, Tirumaleswar Reddy
>>>>> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
>>>>> Subject: Re: [tram] Review of TURNbis-11
>>>>>
>>>>> Hi,
>>>>>
>>>>> My responses inline.
>>>>>
>>>>> On 02/09/2018 03:53 AM, Konda, Tirumaleswar Reddy wrote:
>>>>>> Hi Marc,
>>>>>>
>>>>>> Please see inline
>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Marc Petit-
>>>>>>> Huguenin
>>>>>>> Sent: Sunday, October 22, 2017 10:16 PM
>>>>>>> To: tram@ietf.org
>>>>>>> Subject: [tram] Review of TURNbis-11
>>>>>>>
>>>>>>> This is the second part of my review of TURNbis-11, i.e. everything
>>>>>>> but the dual allocation part.
>>>>>>>
>>>>>>> - Section 2.1, last paragraph:
>>>>>>>
>>>>>>> May be a reference to RFC 5764 and RFC 7983 can be useful here.
>>>>>>> Same in section 4, second paragraph and following.  Same at the
>>>>>>> beginning of section 11.  Again in section 11.6 (if multiplexed,
>>>>>>> the message in the reserved range is not necessarily discarded).
>>>>>>
>>>>>> Even if the same host transport address is used for other protocols,
>>>>> incoming packets to the TURN channel can be identified by just
>>>>> examining the source address of the packet.
>>>>>> May be I am missing something, I did not get a problem ?
>>>>>
>>>>> It was just an attempt to make TURN implementers aware of the demux
>>>>> issues.
>>>>
>>>> Got it, added the following line:
>>>> The algorithm of demultiplexing packets received from multiple
>>>> protocols is discussed in [RFC7983].
>>>>
>>>>>
>>>>>>
>>>>>>>
>>>>>>> - Section 2.2, first paragraph:
>>>>>>>
>>>>>>> I think that an informative reference to RFC 7635 may be useful
>>>>>>> there, as alternative to the STUN authentication mechanism.
>>>>>>
>>>>>> Yes, updated.
>>>>>>
>>>>>>>
>>>>>>> - Section 2.9:
>>>>>>>
>>>>>>> The whole 2.9 section and subsections looks normative and so should
>>>>>>> be moved after section 3, perhaps on their own top level section.
>>>>>>
>>>>>> Done.
>>>>>>
>>>>>>>
>>>>>>> - Section 4, 4th paragraph:
>>>>>>>
>>>>>>> I would replace "For each allocation..." by "For each Allocate
>>>>>>> request...", because of the dual allocation feature.
>>>>>>
>>>>>> Fixed.
>>>>>>
>>>>>>>
>>>>>>> - Section 4, 12th paragraph:
>>>>>>>
>>>>>>> Should make clear clear that UDP covers also DTLS.
>>>>>>
>>>>>> Yes, updated.
>>>
>>> I cannot find this update in turn-14.
>>>
>>>>>>
>>>>>>>
>>>>>>> - Section 6.1, 2nd paragraph:
>>>>>>>
>>>>>>> If the port is multiplexed with other protocols (RTP, WebRtc,
>>>>>>> etc..) then it has to reuse an existing socket.  The document should
>>> explain this.
>>>>>>
>>>>>> It's already covered in Section 2.1 (last paragraph).
>>>>>>
>>>>>>>
>>>>>>> - Section 6.2, 3th paragraph:
>>>>>>>
>>>>>>> Is it time to recommend DTLS instead of UDP?  In that case we need
>>>>>>> to make DTLS mandatory in section 4 paragraph 11 (and I support
>>>>>>> that
>>>>> change).
>>>>>>
>>>>>> No, DTLS has both advantages (e.g. dictionary attack)  and
>>>>>> disadvantages
>>>>> (e.g. double encryption of application data).
>>>>>
>>>>> OK.
>>>>>
>>>>>>
>>>>>>>
>>>>>>> - Section 6.4, second bullet:
>>>>>>>
>>>>>>> Replace "...SRV procedures)." with "...DNS resolution procedures)."
>>>>>>
>>>>>> Any specific reason for the replacement ?
>>>>>
>>>>> This is to not exclude NPATR procedures (RFC 5928).
>>>>
>>>> Updated second bullet.
>>>>
>>>> Cheers,
>>>> -Tiru
>>>>
>>>>>
>>>>>>
>>>>>>>
>>>>>>> - Sections 14, 15 and 16:
>>>>>>>
>>>>>>> These are no longer new methods and attributes.  See also the next
>>>>>>> comment.
>>>>>>
>>>>>> Fixed.
>>>>>>
>>>>>>>
>>>>>>> - Section 19:
>>>>>>>
>>>>>>> Here you need to update the existing methods, attributes and error
>>>>>>> code so the IANA registries point to the RFC-to-be, then you
>>>>>>> request allocation for the new attributes.  See section 17 of
>>>>>>> STUNbis on a way to do that (that was done following a discussion
>>>>>>> with the IANA
>>>>> representative at an IETF meeting).
>>>>>>
>>>>>> Thanks, updated draft.
>>>>>>
>>>>>>>
>>>>>>> Note that ICMP should be comprehension-mandatory, not optional, as
>>>>> we
>>>>>>> do not want an old client to reject a Data indication with an ICMP
>>> attribute.
>>>>>>
>>>>>> If the indication contains unknown comprehension-required
>>>>>> attributes, the
>>>>> behavior is the indication is discarded and processing ceases.
>>>>>>
>>>>>>>
>>>>>>> Also, I do not know what this SendErr method is.
>>>>>>
>>>>>> Removed SendErr (stale entry from a previous version of the draft).
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Nits
>>>>>>> ----
>>>>>>>
>>>>>>> Section 1:
>>>>>>>
>>>>>>> s/connection to the Internet ./connection to the Internet./
>>>>>>>
>>>>>>> Section 2.4, first paragraph:
>>>>>>>
>>>>>>> The text switches between the words "mechanisms" and "way".
>>> Choose
>>>>>>> one.
>>>>>>>
>>>>>>> Section 6.2, item 8:
>>>>>>>
>>>>>>> s/ADDITIONAL- ADDRESS-FAMILY/ADDITIONAL-ADDRESS-FAMILY/
>>>>>>>
>>>>>>> Section 12.1, "Preferred Behavior"
>>>>>>>
>>>>>>> s/Label Field[RFC3697]/Label Field [RFC3697]/
>>>>>>>
>>>>>>> Section 21:
>>>>>>>
>>>>>>> s/ADDRESS-ERRR-CODE/ADDRESS-ERR-CODE/
>>>>>>>
>>>>>>> Section 22:
>>>>>>>
>>>>>>> s/orginal/original/
>>>>>>
>>>>>> Thanks, fixed all above nits.
>>>>>>



-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org
Profile: https://www.linkedin.com/in/petithug

v2.23.0 | Report a Bug | By Email