[tram] STUN over DTLS

Marc Petit-Huguenin <petithug@acm.org> Fri, 07 February 2014 00:34 UTC

Return-Path: <petithug@acm.org>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 6D2A41A057B for <tram@ietfa.amsl.com>; Thu, 6 Feb 2014 16:34:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.236
X-Spam-Status: No, score=-1.236 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id hHelbKvr8bKp for <tram@ietfa.amsl.com>; Thu, 6 Feb 2014 16:34:23 -0800 (PST)
Received: from implementers.org (implementers.org [IPv6:2604:3400:dc1:41:216:3eff:fe5b:8240]) by ietfa.amsl.com (Postfix) with ESMTP id 62B0C1A0577 for <tram@ietf.org>; Thu, 6 Feb 2014 16:34:23 -0800 (PST)
Received: from [IPv6:2001:5c0:1101:2d00:5d0b:ff32:2dd6:e8c] (unknown [IPv6:2001:5c0:1101:2d00:5d0b:ff32:2dd6:e8c]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "Marc Petit-Huguenin", Issuer "implementers.org" (verified OK)) by implementers.org (Postfix) with ESMTPS id A1C7E2025C for <tram@ietf.org>; Fri, 7 Feb 2014 01:34:19 +0100 (CET)
Message-ID: <52F42A09.5060809@acm.org>
Date: Thu, 06 Feb 2014 17:34:17 -0700
From: Marc Petit-Huguenin <petithug@acm.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.2.0
MIME-Version: 1.0
To: "tram@ietf.org" <tram@ietf.org>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Subject: [tram] STUN over DTLS
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Feb 2014 00:34:25 -0000

Hash: SHA256

After discussion, we decided to more or less restart the draft from a STUN
point of view.  Please find below some thoughts about what we plan to do, so
we can gather comments until the new version of the draft is published
(probably tomorrow afternoon).

First of all, I realized that what I need for my RELOAD draft was STUN over
DTLS, not TURN over DTLS (the plan for the RELOAD draft is to have a STUN
usage to find a unicast address from an anycast address, although now that I
read RFC 7094, I am not so sure that using DTLS is the right choice - but
that's orthogonal to TRAM's work).

So we will rename the draft-petithuguenin-tram-stun-dtls, with probably the
following sections:

2. DTLS as Transport for STUN
3. STUN Usages
3.1 NAT Discovery Usage
3.1.1 DTLS Support in STUN URIs
3.2 Connectivity Check Usage
3.3 Media Keep-Alive Usage
3.4 SIP Keep-Alive Usage
3.5 NAT Behavior Discovery Usage
3.6 TURN Usage
3.6.1 DTLS Support in TURN URIs
3.6.2 Resolution Mechanism for TURN over DTLS

The idea is to go through each standardized STUN Usages and to provide some
guidance when using DTLS.  You'll find below some notes on each of them.

- - NAT Discovery (RFC 5389)

The only information that could be hidden is the XOR-MAPPED-ADDRESS in the
response, but a listener on the path of the request already knows this value
(this is the source IP/port of the request), so there is not much to hide
here.  Also RFC 5389 explicitly discourages authentication for this usage
because of the cost and DTLS is probably more costly than a long-term
authentication (although without having to maintain a password database).  The
only reason would be to be sure that this is the correct STUN server, in case
someone tries to inject STUN responses with an incorrect XOR-MAPPED-ADDRESS.
On the other hand TURN also offers NAT Discovery as part of an Allocation,
which requires authentication, and for the cases that interest us (WebRTC),
having a TURN allocation is pretty much mandatory, so I would say that the
case for DTLS for pure NAT discovery is pretty weak.

This is also one of the Usage that will use a STUN URI, so we may want to say
something about it, similar to what is said about TURN URI.

- - Connectivity check (ICE, RFC 5245)

Using DTLS would permit to hide the USERNAME, PRIORITY, USE-CANDIDATE,
protects the whole STUN response using a password that is known only by
looking at the SDP exchanged, it is not possible for an attacker to inject
incorrect XOR-MAPPED-ADDRESS (which would subsequently be used as peer
reflexive candidate).  The main issue would be that ICE is slow enough without
adding a DTLS handshake on top of it for each connectivity check.
Interestingly Martin Thomson proposed to use the DTLS handshake that is needed
for DTLS-SRTP to do the connectivity check (draft-thomson-rtcweb-ice-dtls),
but that just prove that, at least in the WebRTC case, we do not want yet
another handshake.

This usage has no need for a STUN URI.

- - Media Keep-alive (ICE, RFC 5245)

This keep-alive method uses Binding Indication, so there is really nothing to
hide or protect here.

This usage has no need for a STUN URI.

- - SIP Keep-alive (RFC 5626)

The keep-alive described in RFC 5626 is for SIP, so it is done in the
same flow (using Binding Requests, not Binding Indications).  If SIP is using
DTLS (draft-jennings-sip-dtls, which seems to never have been standardized),
then the STUN transactions are running inside DTLS, so no additional DTLS
layer is needed.  If SIP is using UDP, then the STUN transactions cannot use DTLS.

This usage has no need for a STUN URI.

- - NAT Behavior Discovery (RFC 5780)

There is probably some value in using DTLS here, like for the NAT Discovery
Usage, but this usage is experimental and AFAIK not deployed.

The STUN URI can be used to access the NAT discovery feature of a NAT Behavior
Discovery server, but accessing the full features would probably require to
define a "stun-behaviors:" URI, which is out of scope for this draft.

- - TURN (RFC 5766 - which is both a STUN Usage and because of the channel
mechanism, a STUN extension)

The reasons for doing this are already explained in the draft (HOL blocking,

- -- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: http://blog.marc.petit-huguenin.org
Profile: http://www.linkedin.com/in/petithug
Version: GnuPG v1