Re: [tram] Alissa Cooper's Discuss on draft-ietf-tram-stun-origin-05: (with DISCUSS)
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Thu, 14 May 2015 15:55 UTC
To: "tram@ietf.org" <tram@ietf.org>
Cc: "tram-chairs@ietf.org" <tram-chairs@ietf.org>

Dear TRAMsters,

Thanks to everyone who has helped with IESG evaluation for this draft so far.

We had a nice conversation on today's formal telechat about this document, and I summarized the state of play as

--- BEGIN

Barry's Discuss has been resolved

Ben's Discuss has been resolved

Benoit forwarded the OPSDIR review that hadn't gotten where it needed to go, and it will be handled

The Gen-ART review will be handled

Stephen's Discuss had a few parts

- what "analytics" are we talking about here? I think the answer was "for network operation and debugging". This was also in Alissa's Discuss, but she was OK with adding text to explain that. Origin was intended to be the equivalent of Host in HTTP, and the analytic impact is no worse than one IP address per realm, which is what's used today.
- this also touched on "MUST NOT send Origin if it's privacy-sensitive", but Stephen didn't think that was the right answer
- Stephen also asked why Origin and third-party-auth were both needed. The answer was that SIP would require a lot of changes to use third-party-auth.

Alissa's Discuss had a few parts, and Stephen included a couple of additional questions in her ballot thread.

- what kinds of things needed to be logged, and what the privacy implications were
- whether unauthenticated requests could be twiddled with. The answer is that they can be, so you should require authentication if you care.
- Stephen included a question about unique usernames across realms
- Stephen included a question about a client with a username in more than one realm playing games with which username it submits to avoid charging. I thought the answer was that anyone charging would be doing it off either signaling or media and not off STUN, but Simon corrected me that charging for operators who only provide TURN servers would be in scope, so it's still an open question. This was also in Stephen's Discuss thread, on "lying".
- Stephen included a question about user-memorable usernames being long-lived, and tied to an identity. The answer was that this is not true for RTCWeb, but was true for SIP.

--- END

After chatting on the call, here's what I think needs to happen.

There are relatively minor comments and questions, most of which have been answered, but there are a couple of large and more intertwined questions that the IESG needs help with, especially in understanding the relationship between Origin and third-party-authz, and how long-lived usernames (in SIP) versus short-lived or even ephemeral usernames (which are possible in RTCWeb) work in the same protocol mechanism.

The IESG has regularly-scheduled "informal telechats" every two weeks, to work through questions like this. It would be helpful for Simon (as document shepherd) and any authors who should participate to attend one, so we can work through the high-order questions.

The next informal telechat is next week, May 21, at 10 AM EDT. The coordinates are

https://workgreen.webex.com/workgreen/j.php?MTID=m305722fec48b24d34908d4074b6f0bbe
Meeting number: 826 345 248
Meeting password: 1234

If you'd like to take the opportunity to have that conversation, please let me know, and I'll add draft-ietf-tram-stun-origin to the agenda.

Thanks for all your work to date, and we'll get through the questions.

Spencer