Re: [tram] Genart telechat review of draft-ietf-tram-stunbis-16

worley@ariadne.com (Dale R. Worley) Fri, 04 May 2018 01:32 UTC

From: worley@ariadne.com (Dale R. Worley)
To: Marc Petit-Huguenin <marc@petit-huguenin.org>
Cc: gen-art@ietf.org, draft-ietf-tram-stunbis.all@ietf.org, ietf@ietf.org, tram@ietf.org
In-Reply-To: <28aabbd3-db27-87a8-2b62-18ecab661d22@petit-huguenin.org> (marc@petit-huguenin.org)
Sender: worley@ariadne.com (Dale R. Worley)
Date: Thu, 03 May 2018 21:32:35 -0400
Message-ID: <87d0yc434c.fsf@hobgoblin.ariadne.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/f_g2aqF9mPN9jiublcoicv99j0o>

Marc Petit-Huguenin <marc@petit-huguenin.org> writes:
> Because we believe that this is a problem that will become more and
> more frequent, we decided to fix it, at least for new implementations.
>
> Please have a look at -17 and let us know what you think of it.

It looks like you've handled the problem of a NAT that changes the
address family of the request as well as can be done.

You've clarified the question of how the security feature bits are
assigned, although I note that -16 and -17 assign the bits differently
than versions -7 through -15 do.

That completes all of the significant issues from my review of -16.

And there are some nits:

6.2.1.  Sending over UDP or DTLS-over-UDP

   SHOULD be greater or equal than 500 ms.

s/equal than/equal to/.

6.2.3.  Sending over TLS-over-TCP or DTLS-over-UDP

   To do that, it follows the
   identification procedures defined in [RFC6125], with a certificate
   containing an identifier of type DNS-ID or CN-ID, eventually with
   wildcards, but not of type SRV-ID or URI-ID.

The meaning of "eventually" here is not clear.

14.  STUN Attributes

   The
   padding bits MUST be set to zero on sending and must be ignored by
   the receiver.

I assume the latter "must" is supposed to be "MUST".

14.13.  UNKNOWN-ATTRIBUTES

   Note:  In [RFC3489], this field was padded to 32 by duplicating the
      last attribute.  In this version of the specification, thPetriNet
      m --> PetriNet m --> e normal padding rules for attributes are
      used instead.

I assume that "thPetriNet m --> PetriNet m --> e" is intended to be
"the".

Appendix C.  Release notes

Section C.8 has the same contents as section C.9, but section C.9 has
the same title as section C.10.  (Although section C will be removed
before publication, so it's not important.)

Dale
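The two padding rules the review touches on (section 14's "padding bits MUST be set to zero on sending and ignored by the receiver", and section 14.13's change from RFC 3489's duplicate-the-last-type padding to the normal rule for UNKNOWN-ATTRIBUTES) are easy to get subtly wrong in a parser. The following is an added example written for this archive page, not code from the draft, its authors, or any STUN implementation; it assumes only the RFC 5389 TLV layout and attribute type number 0x000A for UNKNOWN-ATTRIBUTES, and the sample messages are constructed inline. The receiver skips padding without inspecting its contents, so a legacy or sloppy sender still interoperates, but it still bounds-checks the length field, which is the part a lenient parser must not skip.

```python
"""Constructed example: STUN attribute TLV padding (zero on send, ignored on
receive) and the two UNKNOWN-ATTRIBUTES padding conventions. Not code from
draft-ietf-tram-stunbis or any STUN stack."""
import struct
from typing import Iterable, List, Tuple

UNKNOWN_ATTRIBUTES = 0x000A  # attribute type number from RFC 5389
ERROR_CODE = 0x0009


def encode_attribute(attr_type: int, value: bytes) -> bytes:
    """One TLV: 16-bit type, 16-bit length of the value before padding,
    the value, then zero bytes up to the next 4-byte boundary."""
    if not 0 <= attr_type <= 0xFFFF or len(value) > 0xFFFF:
        raise ValueError("type or length out of range")
    pad = (-len(value)) % 4
    return struct.pack("!HH", attr_type, len(value)) + value + b"\x00" * pad


def decode_attributes(buf: bytes) -> List[Tuple[int, bytes]]:
    """Parse a run of TLVs. Padding bytes are skipped without inspecting
    them (the receiver MUST ignore them), so a peer that fails to zero
    them still interoperates. A length field that overruns the buffer,
    including padding that is missing entirely, is rejected as malformed."""
    attrs = []
    off = 0
    while off < len(buf):
        if len(buf) - off < 4:
            raise ValueError("truncated attribute header at offset %d" % off)
        attr_type, length = struct.unpack_from("!HH", buf, off)
        off += 4
        padded = length + (-length) % 4
        if off + padded > len(buf):
            raise ValueError("attribute 0x%04x overruns message" % attr_type)
        attrs.append((attr_type, buf[off:off + length]))
        off += padded  # skip value and padding; padding content is ignored
    return attrs


def encode_unknown_attributes(types: Iterable[int]) -> bytes:
    """stunbis / RFC 5389 form: the value is the list of 16-bit types; an
    odd count is 2 bytes short of a boundary and gets normal zero padding."""
    body = b"".join(struct.pack("!H", t) for t in types)
    return encode_attribute(UNKNOWN_ATTRIBUTES, body)


def encode_unknown_attributes_rfc3489(types: Iterable[int]) -> bytes:
    """Legacy RFC 3489 form, as described in the draft's note: an odd count
    is padded to 32 bits by repeating the last type, so the length field
    counts the duplicate and no separate padding bytes are emitted."""
    vals = list(types)
    if len(vals) % 2:
        vals.append(vals[-1])
    body = b"".join(struct.pack("!H", t) for t in vals)
    return encode_attribute(UNKNOWN_ATTRIBUTES, body)


def decode_unknown_attributes(value: bytes) -> List[int]:
    """Recover the list of unknown types. A legacy sender's duplicated entry
    simply appears twice; dedupe while preserving order so both forms
    decode to the same list."""
    if len(value) % 2:
        raise ValueError("UNKNOWN-ATTRIBUTES value is not whole 16-bit types")
    types = [t for (t,) in struct.iter_unpack("!H", value)]
    seen = set()
    return [t for t in types if not (t in seen or seen.add(t))]


def unknown_types_from_message(buf: bytes) -> List[int]:
    """Find the UNKNOWN-ATTRIBUTES TLV in an attribute run, if any."""
    for attr_type, value in decode_attributes(buf):
        if attr_type == UNKNOWN_ATTRIBUTES:
            return decode_unknown_attributes(value)
    return []


if __name__ == "__main__":
    # Constructed input: three unknown types, an odd count.
    msg = encode_unknown_attributes([0x0021, 0x0022, 0x8023])
    print(msg.hex())                          # ...8023 followed by 0000 padding
    print(unknown_types_from_message(msg))
    legacy = encode_unknown_attributes_rfc3489([0x0021, 0x0022, 0x8023])
    print(legacy.hex())                       # ...8023 8023, no padding bytes
    print(unknown_types_from_message(legacy))
```

The length field counts only the unpadded value in both encodings; with the RFC 3489 rule the duplicate is real data and the length grows by 2, with the normal rule the length stays odd-multiple-of-2 and two zero bytes follow. A receiver that checked the padding bytes for zero would reject traffic from senders that reuse a buffer without clearing it, which is exactly why the draft makes ignoring them a MUST.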