Re: [tram] [Tsv-art] Tsvart last call review of draft-ietf-tram-turnbis-25

Joe Touch <touch@strayalpha.com> Wed, 26 June 2019 15:25 UTC

Cc: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@mcafee.com>, Magnus Westerlund <magnus.westerlund@ericsson.com>, "tsv-art@ietf.org" <tsv-art@ietf.org>, "draft-ietf-tram-turnbis.all@ietf.org" <draft-ietf-tram-turnbis.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "brandon.williams@akamai.com" <brandon.williams@akamai.com>, "tram@ietf.org" <tram@ietf.org>
To: Benjamin Kaduk <kaduk@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/cAloQaGwUOh5rJQOQuE7hcEZppw>

Minor suggestions:

> On Jun 26, 2019, at 6:37 AM, Benjamin Kaduk <kaduk@mit.edu> wrote:
> 
> On Wed, Jun 26, 2019 at 10:32:48AM +0000, Konda, Tirumaleswar Reddy wrote:
>> As per the suggestion from Magnus, modified text as follows:
>> 
>> TCP connection between the TURN client and server can use TCP-AO [RFC5925] but UDP does not provide a similar type of authentication until UDP supports
>> authentication option.  

(an equivalent? a similar?) and cite draft-ietf-tsvwg-udp-options

>> If TCP-AO would be used between TURN client and server, it would not change the end-to-end security properties of

Even if both TCP-AO and UDP authentication were both used between...

>> the UDP payload being relayed.
>> Therefore applications using TURN will need to secure their application data end-to-end appropriately, e.g. SRTP for RTP applications.

Joe
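
The following is an added illustration, not part of the message above or of the draft: a toy model of why authenticating only the client-to-TURN-server hop leaves the relayed UDP payload unprotected end to end. HMAC-SHA256 stands in for both TCP-AO and the SRTP authentication tag, and the keys, function names and payload are all constructed for the example.

```python
import hashlib
import hmac

HOP_KEY = b"constructed-client-to-turn-key"  # assumption: stands in for a TCP-AO key
E2E_KEY = b"constructed-client-to-peer-key"  # assumption: stands in for SRTP keys
TAG_LEN = 32                                 # HMAC-SHA256 output size

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def client_send(payload, end_to_end):
    """Client builds the segment it sends to the TURN server."""
    if end_to_end:
        payload = payload + mac(E2E_KEY, payload)  # application-level tag
    return payload + mac(HOP_KEY, payload)         # transport-hop tag

def turn_relay(segment, tamper=False):
    """TURN server checks the hop tag, strips it and relays the payload."""
    body, tag = segment[:-TAG_LEN], segment[-TAG_LEN:]
    if not hmac.compare_digest(tag, mac(HOP_KEY, body)):
        raise ValueError("hop authentication failed")
    if tamper:
        # Models modification at the relay or on the relay-to-peer UDP leg,
        # which the hop tag does not cover.
        body = b"X" + body[1:]
    return body

def peer_receive(datagram, end_to_end):
    """Peer returns the accepted payload, or None if it rejects the datagram."""
    if not end_to_end:
        return datagram  # the peer has nothing to verify against
    body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    return body if hmac.compare_digest(tag, mac(E2E_KEY, body)) else None

def run(end_to_end, tamper):
    """Send one constructed payload through the relay and report what the peer accepts."""
    segment = client_send(b"media frame 1", end_to_end)
    return peer_receive(turn_relay(segment, tamper), end_to_end)

if __name__ == "__main__":
    for e2e in (False, True):
        for tamper in (False, True):
            print(f"end_to_end={e2e} tamper={tamper} -> {run(e2e, tamper)!r}")
```

With hop authentication alone the peer accepts the altered payload; only the end-to-end tag lets it reject the datagram.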