Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Wed, 22 April 2015 02:25 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tram/Yx9Ys5lHaFSscKrFTXyvQCVxj0c>

> -----Original Message-----
> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Brandon Williams
> Sent: Wednesday, April 22, 2015 12:16 AM
> To: tram@ietf.org
> Subject: Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-
> party-authz-13: (with DISCUSS and COMMENT)
> 
> On 04/15/2015 12:09 PM, Tirumaleswar Reddy (tireddy) wrote:
> >> -----Original Message-----
> >> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Brandon
> >> Williams
> >> Sent: Tuesday, April 14, 2015 6:07 PM
> >>
> >> I don't think OOB communication b/w the STUN and auth servers is a
> >> solution to the problem of wanting to provide additional details in
> >> the token. It defeats a large part of the purpose of moving to a
> >> token model in the first place, which was to avoid the need for these
> >> two servers to have to communicate directly with each other.
> >
> > The size of the metadata will determine if in-band or OOB is required.
> 
> The point is that OOB direct communication between the STUN and auth
> servers is not even an option for many 3rd party auth use cases. 

We have to first identify the metadata, the problems it solves, its format, if we want to support both proprietary and standard TLV, how to handle cases if metadata is large and could cause fragmentation of request, OOB versus in-band communication, etc. All the above work requires a separate draft.

> Also, if we
> don't provide a mechanism now then I think it may hurt interop to do so
> later, since servers that don't understand the extra information won't know
> how to handle it.

One possible way could be to add an opaque field at the end of the encrypted_block for future enhancements.

-Tiru

> 
> --Brandon
> 
> --
> Brandon Williams; Chief Architect
> Cloud Networking; Akamai Technologies Inc.