[tram] Milestone 2: New authentication mechanism

Simon Perreault <simon.perreault@viagenie.ca> Fri, 07 February 2014 14:21 UTC

The current authentication mechanism for TURN, which is reused from
STUN, has been designed with a SIP account database in mind. The new
RTCWEB usages, which are mostly based on web applications, do not fit
that model. A new authentication mechanism optimized for such web
applications will be created.

Milestone 2a: Problem analysis
Candidate draft: draft-reddy-behave-turn-auth

Milestone 2b: Solution(s)
Candidate drafts: draft-uberti-behave-turn-rest,
draft-johnston-tram-stun-origin, maybe a draft based on OAuth

I would see this milestone fulfilled in two parts: problem analysis and
then solution(s).

One question the WG will have to answer is whether we need more than one
solution. Are the proposed solutions solving different aspects of the
problem, or can one solution solve all problems? Depending on the answer
we will end up adopting one or more drafts to fully solve the problem.

As far as I am concerned, I see this also as top priority. We should
first get consensus on the problem analysis, which could be done quickly
(before Toronto I would hope). Then work on solution(s) could take more

DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source        --> http://ecdysis.viagenie.ca
STUN/TURN server               --> http://numb.viagenie.ca