[tram] Adam Roach's Yes on draft-ietf-tram-turnbis-27: (with COMMENT)
Adam Roach via Datatracker <noreply@ietf.org> Wed, 10 July 2019 05:50 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: tram@ietf.org
Delivered-To: tram@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FC3B120045; Tue, 9 Jul 2019 22:50:18 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Adam Roach via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-tram-turnbis@ietf.org, Brandon Williams <brandon.williams@akamai.com>, tram-chairs@ietf.org, brandon.williams@akamai.com, tram@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.98.3
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Adam Roach <adam@nostrum.com>
Message-ID: <156273781850.15858.12819016613039810127.idtracker@ietfa.amsl.com>
Date: Tue, 09 Jul 2019 22:50:18 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/qs953vT8NoHjGEVqTuEY4JqAb6Y>
Subject: [tram] Adam Roach's Yes on draft-ietf-tram-turnbis-27: (with COMMENT)
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jul 2019 05:50:19 -0000
Adam Roach has entered the following ballot position for draft-ietf-tram-turnbis-27: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tram-turnbis/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for all the work everyone did to update the TURN specification. I am balloting "Yes," as I think these are important changes to have published. I do have a small handful of comments that, while they don't rise to the level of a DISCUSS, are nonetheless rather important to consider before progressing this draft to an RFC. --------------------------------------------------------------------------- §5: > The server SHOULD > include the SOFTWARE attribute in all Allocate and Refresh responses > (either success or failure) and MAY include it in other responses or > indications. The Security Considerations section should probably include some mention of this behavior, and the trade-offs between allowing clients to know which software (and version) the server is running against providing this information to potential attackers who can use it to determine what software vulnerabilities may exist in that specific server and version. --------------------------------------------------------------------------- §11.5: > It also verifies that the IP > packet in the ICMP packet payload contains a UDP header. It's not clear what is being asked of implementations here. Is this just a check of the protocol field, or is it more involved than that? Is the intention that the server also check that the checksum is valid (i.e., matches the computed checksum or is zero)? If so, please spell it out more precisely. If this language is intended to imply even more rigorous checks, then it needs a lot more text. --------------------------------------------------------------------------- §12: > 0x5000-0xFFFF: Reserved (For DTLS-SRTP multiplexing collision > avoidance, see [RFC7983]. Given that values through 0x7FFF were permitted by the previous version of the protocol, it's unclear what what recovery path this document anticipates for legacy clients that might request channels in the 0x5000 - 0x7FFE range. The server behavior is well defined (the server sends a 400 response), but this seems to represent a fundamental backwards incompatibility, given that the client will take this to be a final request error and presumably abandon the attempt to use the TURN server. If the assumption is that no existing deployed legacy clients use channel numbers greater than 0x4FFF, please include that as a note. If the intention is instead that we're breaking backwards compatibility in a limited fashion, please include that as a note. If the rationale is some explanation other than these two, please include it as a note. --------------------------------------------------------------------------- §18.12: > Reason Phrase: The recommended reason phrases for error codes 440 > and 508 are explained in Section 19. The reason phrase MUST be a > UTF-8 [RFC3629] encoded sequence of less than 128 characters > (which can be as long as 509 bytes when encoding them or 763 bytes > when decoding them). This doesn't make a lot of sense to me. If arbitrary sequences of 128 UTF-8 characters are allowed, then the on-the-wire encoding might be as long as 512 bytes (rather than 509), even if this would only result from the use of unusual strings (e.g., 128 consecutive emoji). I'm even more lost by the indication of "763 bytes," as I can't figure out what "decoding" operation is being indicated here, nor can I figure out what kind of decoded sequence would use 5.96 bytes per character. Please double-check your numbers, and add more text indicating what is meant by "encoding" and "decoding" in this sentence. Also, nit: "...fewer than 128 characters..."
- [tram] Adam Roach's Yes on draft-ietf-tram-turnbi… Adam Roach via Datatracker
- Re: [tram] Adam Roach's Yes on draft-ietf-tram-tu… Konda, Tirumaleswar Reddy