Re: [tram] Last Call: <draft-ietf-tram-alpn-06.txt> (Application Layer Protocol Negotiation (ALPN) labels for Session Traversal Utilities for NAT (STUN) Usages) to Proposed Standard

"Prashanth Patil (praspati)" <praspati@cisco.com> Mon, 27 October 2014 14:22 UTC

From: "Prashanth Patil (praspati)" <praspati@cisco.com>
To: Spencer Dawkins <spencerdawkins.ietf@gmail.com>, "agl@imperialviolet.org" <agl@imperialviolet.org>, Simon Perreault <sperreault@jive.com>
Thread-Topic: [tram] Last Call: <draft-ietf-tram-alpn-06.txt> (Application Layer Protocol Negotiation (ALPN) labels for Session Traversal Utilities for NAT (STUN) Usages) to Proposed Standard
Date: Mon, 27 Oct 2014 14:21:57 +0000
Message-ID: <D07452A3.558E7%praspati@cisco.com>
References: <D06419B6.51618%praspati@cisco.com> <544E51DC.1010908@gmail.com>
In-Reply-To: <544E51DC.1010908@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tram/86YD6NIIIQbXZ_kON8hseBsR3Yo
Cc: "tram@ietf.org" <tram@ietf.org>
Subject: Re: [tram] Last Call: <draft-ietf-tram-alpn-06.txt> (Application Layer Protocol Negotiation (ALPN) labels for Session Traversal Utilities for NAT (STUN) Usages) to Proposed Standard

Hi Spencer,
Yes, a middlebox could still use ALPN identifiers to make policy decisions. But that’s true with any ALPN identifier and not specific to identifiers defined in this draft.

-Prashanth

From: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
Date: Monday, October 27, 2014 7:38 PM
To: Prashanth Patil <praspati@cisco.com>, "agl@imperialviolet.org" <agl@imperialviolet.org>, Simon Perreault <sperreault@jive.com>
Cc: "tram@ietf.org" <tram@ietf.org>
Subject: Re: [tram] Last Call: <draft-ietf-tram-alpn-06.txt> (Application Layer Protocol Negotiation (ALPN) labels for Session Traversal Utilities for NAT (STUN) Usages) to Proposed Standard

On 10/15/2014 02:01 AM, Prashanth Patil (praspati) wrote:

Hi Adam,
The concerning use cases described in the draft were to indicate that the new ALPN identifiers could also be considered for WebRTC firewall traversal (as pointed out in http://tools.ietf.org/html/draft-hutton-rtcweb-nat-firewall-considerations-03#section-4.2).
End-to-end identifier negotiation is still the goal of this draft, i.e. to negotiate the use of STUN and its usages.
We'll remove these use cases and stick to end to end negotiation.

Sorry for chiming in late. I saw this exchange when it happened, but I'm still thinking about it.

I understood Adam's point to be "the draft says you can use ALPN labels to do something we don't think people should do", and Prashanth's response to be "we'll make sure the draft doesn't say that".

That might be the right action.

What finally sank in for me was that changing the draft so that it doesn't include those use cases doesn't prevent anyone from doing what Adam doesn't think should be done, does it?

Would it be better to point out this concern in the draft, and perhaps explain why this is discouraged?

That's not a suggestion that you should do that. It's an honest question.

Thanks,

Spencer, as your more alert AD ...


-Prashanth
> On Thu, Oct 9, 2014 at 15:41, Adam Langley <agl@imperialviolet.org> wrote:

>> Is your concern specific to TRAM's proposed use of ALPN, or does it apply to
>> ALPN in general?

> In general I think the IETF should be promoting the end-to-end
> principle. My concern is specifically about TRAM implicitly endorsing
> the idea that the network should be applying policy like that.

> (There's also a fair amount of irony in the fact that the second
> example suggests ALPN be used to get around the fact that networks
> often discriminate based on TCP port numbers, and the first example is
> suggesting that networks do exactly the same thing to ALPN
> identifiers.)

> Cheers

> AGL



_______________________________________________
tram mailing list
tram@ietf.org
https://www.ietf.org/mailman/listinfo/tram
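The point Prashanth and Spencer both circle around, that any ALPN label (not just the ones this draft registers) is visible to a middlebox, follows directly from where ALPN lives in the handshake: the extension is carried in the TLS ClientHello, which is sent in the clear. The Python script below is an added illustration and is not part of this thread, the draft, or any implementation the participants describe. It constructs a minimal ClientHello carrying an ALPN list and then parses the list back out the way a passive network element would see it, returning None for records that are not a ClientHello or are truncated. The random bytes and cipher-suite values are constructed filler; "stun.turn" is one of the labels the draft registers (the draft was later published as RFC 7443) and "h2" is the HTTP/2 label from RFC 7540.

```python
import struct

# Extension type for application_layer_protocol_negotiation (RFC 7301).
ALPN_EXTENSION_TYPE = 0x0010


def build_alpn_extension(protocols):
    """Encode a list of protocol names as an ALPN extension (type + length + body)."""
    names = b"".join(bytes([len(p)]) + p.encode("ascii") for p in protocols)
    body = struct.pack("!H", len(names)) + names
    return struct.pack("!HH", ALPN_EXTENSION_TYPE, len(body)) + body


def build_client_hello(protocols):
    """Build a minimal TLS ClientHello record whose only extension is ALPN.

    Random and cipher-suite bytes are constructed placeholders; the record is
    only meant to exercise the parser below, not to open a real connection.
    """
    hello = b"\x03\x03" + b"\x00" * 32          # client_version + 32-byte random
    hello += b"\x00"                             # empty session_id
    suites = b"\x13\x01\xc0\x2f"                 # two constructed cipher suite ids
    hello += struct.pack("!H", len(suites)) + suites
    hello += b"\x01\x00"                         # one compression method: null
    exts = build_alpn_extension(protocols)
    hello += struct.pack("!H", len(exts)) + exts
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello   # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_alpn_list(data):
    """Decode the ProtocolNameList inside an ALPN extension body."""
    if len(data) < 2:
        return None
    list_len = struct.unpack("!H", data[:2])[0]
    names, pos, end = [], 2, 2 + list_len
    while pos < end:
        n = data[pos]
        pos += 1
        names.append(data[pos:pos + n].decode("ascii", "replace"))
        pos += n
    return names


def extract_alpn(record):
    """Return the ALPN names offered in a plaintext ClientHello record.

    Returns None if the bytes are not a handshake record carrying a complete
    ClientHello, or if no ALPN extension is present.
    """
    try:
        if len(record) < 5 or record[0] != 0x16:         # not a handshake record
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < 4 or hs[0] != 0x01:                 # not a ClientHello
            return None
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        if len(body) < hs_len:                           # truncated capture
            return None
        pos = 2 + 32                                     # skip version + random
        pos += 1 + body[pos]                             # skip session_id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]   # skip cipher_suites
        pos += 1 + body[pos]                             # skip compression_methods
        if pos + 2 > len(body):                          # no extensions at all
            return None
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            data = body[pos:pos + elen]
            pos += elen
            if etype == ALPN_EXTENSION_TYPE:
                return parse_alpn_list(data)
        return None
    except (IndexError, struct.error):
        return None


if __name__ == "__main__":
    record = build_client_hello(["stun.turn", "h2"])
    print("ALPN offered on the wire:", extract_alpn(record))
```

Because the parser needs nothing but the first record of the connection, the same observation holds whichever labels a draft defines or declines to mention; what a specification can do is what Spencer asks about, namely state the concern and why acting on it is discouraged.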