Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)
"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Wed, 15 April 2015 16:09 UTC
> -----Original Message-----
> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Brandon Williams
> Sent: Tuesday, April 14, 2015 6:07 PM
> To: tram@ietf.org
> Subject: Re: [tram] Stephen Farrell's Discuss on
> draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)
>
> I don't think OOB communication b/w the STUN and auth servers is a
> solution to the problem of wanting to provide additional details in the
> token. It defeats a large part of the purpose of moving to a token model in
> the first place, which was to avoid the need for these two servers to have to
> communicate directly with each other.

The size of the metadata will determine if in-band or OOB is required.

> I agree with Martin that it would be useful to have the capability to
> communicate additional information in the token, and I don't recall that it
> was decided that the token wouldn't have this capability (unless by decided
> you mean there wasn't enough interest in the discussion).

Yes, there was not enough interest in the discussion.

-Tiru

> I don't agree that
> this would necessarily be bad for interoperability, provided that individual
> bits of additional information are never required to be present or required
> to be understood if they are present.
> A list of TLVs at the end of the data space would not be particularly difficult
> to support.
>
> I don't feel strongly enough about providing such a mechanism to push for
> it, but I would be supportive if someone else does.
>
> --Brandon
>
> On 04/14/2015 02:02 AM, Tirumaleswar Reddy (tireddy) wrote:
> >> -----Original Message-----
> >> From: Oleg Moskalenko [mailto:mom040267@gmail.com]
> >> Sent: Tuesday, April 14, 2015 10:57 AM
> >> To: Martin Thomson
> >> Cc: Tirumaleswar Reddy (tireddy); tram-chairs@ietf.org;
> >> tram@ietf.org; Brandon Williams; rlb@ipv.sx; Salz, Rich; Stephen
> >> Farrell
> >> (stephen.farrell@cs.tcd.ie)
> >> Subject: Re: [tram] Stephen Farrell's Discuss on
> >> draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)
> >>
> >> On Mon, Apr 13, 2015 at 11:17 AM, Martin Thomson
> >> <martin.thomson@gmail.com> wrote:
> >>>
> >>> Section 4 doesn't permit any additional information to be carried in
> >>> the token. Therefore, the STUN/TURN server is unable to apply any
> >>> additional policies that the authorization server might impose, such
> >>> as limits on the length of the session, the number of ports
> >>> allocated, or the bandwidth that is allocated. (Or whatever we
> >>> might later conceive of.)
> >>
> >> I believe that extra token information is a very very bad idea - it
> >> kills the whole interoperability thing in the draft. If we are adding "extra"
> >> information to the token, we can as well just kill the draft and tell
> >> the STUN server developers "do whatever you want, secure the stuff
> >> somehow, we do not care".
> >
> > It was discussed in the WG and decision was not to carry any extra token
> > information so as to keep the token size small. In future an out-of-band
> > communication mechanism b/w STUN and authorization server to exchange
> > the token related metadata can be defined similar to the OAuth 2.0 Token
> > Introspection method defined in
> > https://tools.ietf.org/html/draft-ietf-oauth-introspection-07.
> >
> > -Tiru
> > _______________________________________________
> > tram mailing list
> > tram@ietf.org
> > https://www.ietf.org/mailman/listinfo/tram
> >
>
> --
> Brandon Williams; Senior Principal Software Engineer Emerging Products
> Engineering; Akamai Technologies Inc.
>
> _______________________________________________
> tram mailing list
> tram@ietf.org
> https://www.ietf.org/mailman/listinfo/tram
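
The optional-TLV trailer proposed in the quoted text above, as an added example that is not part of the original message and not the draft's token format (the WG decided against carrying extra data). The 2-byte type / 2-byte length layout, the type codes, and the function names are assumptions made for illustration.

```python
import struct

# Hypothetical type codes for the policy hints named in the thread
# (session length, port count, bandwidth); no draft assigns these.
KNOWN_TYPES = {
    0x0001: "max_session_seconds",
    0x0002: "max_ports",
    0x0003: "max_bandwidth_kbps",
}


def parse_optional_tlvs(trailer):
    """Return (understood hints, skipped unknown types) for a TLV trailer.

    Assumed entry layout: 2-byte type, 2-byte length (big-endian), value.
    Assumes the token's integrity check already passed. Unknown types are
    skipped so older servers keep interoperating; malformed framing raises
    ValueError so no partially parsed policy is ever applied.
    """
    hints, skipped, offset = {}, [], 0
    while offset < len(trailer):
        if len(trailer) - offset < 4:
            raise ValueError("truncated TLV header")
        tlv_type, length = struct.unpack_from("!HH", trailer, offset)
        offset += 4
        if length > len(trailer) - offset:
            raise ValueError("TLV length exceeds trailer")
        value = trailer[offset:offset + length]
        offset += length
        name = KNOWN_TYPES.get(tlv_type)
        if name is None:
            skipped.append(tlv_type)  # not understood: ignore, do not reject
        elif length != 4:
            raise ValueError(name + ": expected 4-byte value")
        elif name in hints:
            raise ValueError(name + ": duplicate entry")
        else:
            hints[name] = struct.unpack("!I", value)[0]
    return hints, skipped


def tlv(tlv_type, value):
    """Encode one entry in the assumed layout."""
    return struct.pack("!HH", tlv_type, len(value)) + value


# Constructed sample: two known hints around one type this server does not know.
SAMPLE = (tlv(0x0001, struct.pack("!I", 3600))
          + tlv(0x7FFF, b"future-extension")
          + tlv(0x0002, struct.pack("!I", 2)))
```
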