Re: [tram] [Tsv-art] Tsvart last call review of draft-ietf-tram-turnbis-25
Benjamin Kaduk <kaduk@mit.edu> Mon, 24 June 2019 23:36 UTC
Date: Mon, 24 Jun 2019 18:36:38 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@mcafee.com>
Cc: Joe Touch <touch@strayalpha.com>, Magnus Westerlund <magnus.westerlund@ericsson.com>, "tsv-art@ietf.org" <tsv-art@ietf.org>, "draft-ietf-tram-turnbis.all@ietf.org" <draft-ietf-tram-turnbis.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, Brandon Williams <brandon.williams@akamai.com>, "tram@ietf.org" <tram@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/Sv-lrTYU2uHaATBWzp9fqY8GXJM>

Sorry to jump in and hijack the middle of a different thread, but...

On Wed, Jun 19, 2019 at 01:24:42PM +0000, Konda, Tirumaleswar Reddy wrote:
> Hi Joe,
>
> I have added the following lines to address your comment:
>
> TCP multi-path [RFC6824] is not supported by this version of TURN
> because TCP multi-path is not used by both SIP and WebRTC protocols
> [RFC7478] for media and non-media data. If the TCP connection
> between the TURN client and server uses TCP-AO [RFC5925] or TLS, the
> client must secure application data (e.g. using SRTP) to provide
> confidentiality, message authentication and replay protection to
> protect the application data relayed from the server to the peer
> using UDP. Attacker attempting to spoof in fake data is discussed in

... this kind of cross-layer security requirement ("if you were using
TCP-layer protection, now you have to impose a requirement on the
application protocol (stack) at a higher layer") has been quite problematic
in the past when attempted for other protocols. Consider this early
warning that it will get a careful security area review during IESG
evaluation, if not sooner. Being very specific about which component of
the system has what requirements under which conditions would be helpful,
as a start.

-Ben

> Section 20.1.4. Note that TCP-AO option obsoletes TCP MD5 option.
> Unlike UDP, TCP without the TCP Fast Open extension [RFC7413] does
> not support 0-RTT session resumption. The TCP user timeout [RFC5482]
> equivalent for application data relayed by the TURN is the use of RTP
> control protocol (RTCP). As a reminder, RTCP is a fundamental and
> integral part of RTP.