IETF Logo Mail Archive

Re: [tram] Sharing nonces across allocations - allowed?

Jonathan Lennox <jonathan@vidyo.com> Wed, 19 February 2014 19:47 UTC

Return-Path: <jonathan@vidyo.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D58E41A0167 for <tram@ietfa.amsl.com>; Wed, 19 Feb 2014 11:47:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.131
X-Spam-Level:
X-Spam-Status: No, score=-1.131 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_SORBS_WEB=0.77, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FY6-F7Ks_mTV for <tram@ietfa.amsl.com>; Wed, 19 Feb 2014 11:47:26 -0800 (PST)
Received: from server209.appriver.com (server209f.appriver.com [8.31.233.121]) by ietfa.amsl.com (Postfix) with ESMTP id D2AE21A0135 for <tram@ietf.org>; Wed, 19 Feb 2014 11:47:25 -0800 (PST)
X-Note-AR-ScanTimeLocal: 2/19/2014 2:47:22 PM
X-Policy: GLOBAL - vidyo.com
X-Policy: GLOBAL - vidyo.com
X-Primary: jonathan@vidyo.com
X-Note: This Email was scanned by AppRiver SecureTide
X-Virus-Scan: V-
X-Note-SnifferID: 0
X-Note: TCH-CT/SI:0-126/SG:2 2/19/2014 2:47:19 PM
X-GBUdb-Analysis: 0, 162.209.16.214, Ugly c=0.80444 p=-0.952769 Source White
X-Signature-Violations: 0-0-0-4762-c
X-Note-419: 0 ms. Fail:0 Chk:1345 of 1345 total
X-Note: SCH-CT/SI:0-1345/SG:1 2/19/2014 2:47:09 PM
X-Note: Spam Tests Failed:
X-Country-Path: ->UNITED STATES->LOCAL
X-Note-Sending-IP: 162.209.16.214
X-Note-Reverse-DNS:
X-Note-Return-Path: jonathan@vidyo.com
X-Note: User Rule Hits:
X-Note: Global Rule Hits: G327 G328 G329 G330 G334 G335 G445
X-Note: Encrypt Rule Hits:
X-Note: Mail Class: VALID
X-Note: Headers Injected
Received: from [162.209.16.214] (HELO mail.vidyo.com) by server209.appriver.com (CommuniGate Pro SMTP 6.0.2) with ESMTPS id 99349546; Wed, 19 Feb 2014 14:47:22 -0500
Received: from 492132-EXCH1.vidyo.com ([fe80::50:56ff:fe85:4f77]) by 492133-EXCH2.vidyo.com ([fe80::50:56ff:fe85:6b62%13]) with mapi id 14.03.0146.000; Wed, 19 Feb 2014 13:47:21 -0600
From: Jonathan Lennox <jonathan@vidyo.com>
To: Simon Perreault <simon.perreault@viagenie.ca>
Thread-Topic: [tram] Sharing nonces across allocations - allowed?
Thread-Index: AQHPLZklI/mstGT3gUGmj+XPt51ctZq9UNsAgAAPVoA=
Date: Wed, 19 Feb 2014 19:47:21 +0000
Message-ID: <268FF716-1A3F-49F5-871A-9DBAB7BED28F@vidyo.com>
References: <5391AB6A-72FD-4DF0-B258-CA38AEB2E722@vidyo.com> <5304FD6C.2010907@viagenie.ca>
In-Reply-To: <5304FD6C.2010907@viagenie.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [160.79.219.114]
Content-Type: text/plain; charset="Windows-1252"
Content-ID: <E92B079F6F9DA246B443D3C2E85DAB7B@vidyo.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tram/NA918Ix-GAJN9YOt9GSFPagYopM
Cc: "tram@ietf.org" <tram@ietf.org>
Subject: Re: [tram] Sharing nonces across allocations - allowed?
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Feb 2014 19:47:28 -0000

On Feb 19, 2014, at 1:52 PM, Simon Perreault <simon.perreault@viagenie.ca> wrote:

> Le 2014-02-19 12:36, Jonathan Lennox a écrit :
>> Since it says that a client identifies a server by hostname or IP address, I interpreted this to mean that the client SHOULD use the nonce established in setting up one allocation to authenticate itself for other allocations on the same server.
> 
> Well, your client may try it, in an attempt to save a round-trip, but it
> still has no idea for how long a nonce is going to be valid. The server
> has absolute authority to declare a nonce stale whenever it wants, and
> the client must be ready for it.

Sure, absolutely.

> There's also this:
> 
>   For each allocation, the server SHOULD generate a new
>   random nonce when the allocation is first attempted following the
>   randomness recommendations in [RFC4086]
> 
> I suppose it could be interpreted either way, but I understand the above
> to mean that previous nonces are expired when the new one is generated.

That also makes sense to me.

>> Relatedly: what should a server do when presented with a nonce it's never before encountered?
> 
> Servers are not required to remember the nonces they generate. They can
> use HMAC magic to detect invalid/expired nonces. (FWIW, that's what our
> server, Numb, does.)
> 
> I suppose we could define a new "invalid nonce" error code in STUN-bis.
> However, there would no point to doing that unless it resulted in
> different client behaviour.

Right, I think this should be the 438; I can’t think of any reason to want client behavior to be different for expired nonces and invalid nonces.  (And, as you say, the server can’t always distinguish them.)  But right now the spec only says what to do for expired nonces.

v2.23.0 | Report a Bug | By Email