Re: [tram] Fwd: New Version Notification for draft-williams-tram-ufrag-permission-00.txt
Justin Uberti <juberti@google.com> Thu, 15 October 2015 06:08 UTC
Return-Path: <juberti@google.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B303C1B30B4 for <tram@ietfa.amsl.com>; Wed, 14 Oct 2015 23:08:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6I7pP69pvehS for <tram@ietfa.amsl.com>; Wed, 14 Oct 2015 23:08:17 -0700 (PDT)
Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94E131B30B3 for <tram@ietf.org>; Wed, 14 Oct 2015 23:08:17 -0700 (PDT)
Received: by vkat63 with SMTP id t63so43430565vka.1 for <tram@ietf.org>; Wed, 14 Oct 2015 23:08:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=ELheNkTwgemMrrXqT8kT9QTQHLx+DVuMEzM8jgRjMJQ=; b=nx+UxU3ommFFg7wd2IdOHvDFEdD9zm5VicmsZg23fJPAqaHGiW9+8c5nUGmdXZmlPl 0DdU3Je8MFWeRrmN1wsK7iQuK15mBM35FZyrzHAtfeq0ejGDltbKybCPy/VK/r3ozHZp mc1N637zab9OANHhkT2PxVhWJDBTxXy5c2GHfcWaAQ+cC235uopMJo1CJT0GprAhy9+U GrP8kZZP96dxK+zigcUORfAC7+n2Lye9pgkdLpxtVIjPshIfUG87jjcaTYnBCQQZQ++V yLcu+0ZxZPQF9yPwQuAKLxnJ9Lgdd2J8A9h6MnvCeq26txATimOOLTJPmL8JTT4FdLQ5 e/Bw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=ELheNkTwgemMrrXqT8kT9QTQHLx+DVuMEzM8jgRjMJQ=; b=GBzqRc7NaCb7fzZbRqdpSCD4bpEBsEedTEFVtcPQUpbmzjLg+qR737P1uw19IdTJue AvS5CcmTjjfBIW2EApXjQiP5qbRhGglOYd+7ThREg492Em9uTed2ljzua5J59/IAfa4Z qdGzmHc839egvQX3NwabBTtVJcXUhp1SrAiX4BJW8gXd6V6+umLjknVHWPVS57KXXKct mWIMo3eRP8cIaVuc8TIRxxFyBOGdXhuRV5VVeVysLs28THeV1Ji/Ur/BFiVXCvtyT2Sf QHy4FFqlCK0lKHFoVKvfNSWh8IAFio3H2lMhOEBCtR1rFA9h7b4fxo+BYUESt3BmOkoa tQ5A==
X-Gm-Message-State: ALoCoQmmlfF0wP2P7lZObPaSmq8MnnrMDPHODwB2xudP8yx4BRJcEFviywteCfa2Ic18wJ507u0M
X-Received: by 10.31.10.16 with SMTP id 16mr4449065vkk.135.1444889296661; Wed, 14 Oct 2015 23:08:16 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.31.170.201 with HTTP; Wed, 14 Oct 2015 23:07:57 -0700 (PDT)
In-Reply-To: <f96d4d9f87e142ef8d7cbb8a6d011dd0@XCH-RCD-017.cisco.com>
References: <20151014204935.16722.52620.idtracker@ietfa.amsl.com> <561EC1B5.3000206@akamai.com> <f96d4d9f87e142ef8d7cbb8a6d011dd0@XCH-RCD-017.cisco.com>
From: Justin Uberti <juberti@google.com>
Date: Wed, 14 Oct 2015 23:07:57 -0700
Message-ID: <CAOJ7v-2tXbMVROQvFnCcMO379dB62Cafscvw3OMkOgAZFSJKHw@mail.gmail.com>
To: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
Content-Type: multipart/alternative; boundary="001a11457d6e44cc2405221e816e"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tram/zTScT-fqTMd8eR6Wqmoo6vfBUZQ>
Cc: "tram@ietf.org" <tram@ietf.org>, Brandon Williams <brandon.williams@akamai.com>
Subject: Re: [tram] Fwd: New Version Notification for draft-williams-tram-ufrag-permission-00.txt
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Oct 2015 06:08:19 -0000
DDOS of spoofed ICE requests can happen already against the host/srflx candidate, so unclear this is a real-world problem. On Wed, Oct 14, 2015 at 7:39 PM, Tirumaleswar Reddy (tireddy) < tireddy@cisco.com> wrote: > To handle DDOS attack of spoofed ICE requests, did you consider the option > of signaling the endpoint's short-term password to TURN server so as to > block those ICE requests ? > draft-jennings-behave-rtcweb-firewall-01 and this draft are both > discussing STUN inspection on firewalls and TURN servers but in different > ways to solve different problems. > > -Tiru > > > -----Original Message----- > > From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Brandon Williams > > Sent: Thursday, October 15, 2015 2:27 AM > > To: tram@ietf.org > > Subject: [tram] Fwd: New Version Notification for > draft-williams-tram-ufrag- > > permission-00.txt > > > > I just posted the below referenced draft. It's focused on improving the > speed > > of relayed ICE connectivity checks by defining a new type of permission > that > > makes use of the offerer's ICE ufrag. > > > > We will appreciate your comments. > > > > Thanks, > > --Brandon > > > > > > -------- Forwarded Message -------- > > Subject: New Version Notification for > > draft-williams-tram-ufrag-permission-00.txt > > Date: Wed, 14 Oct 2015 13:49:35 -0700 > > From: internet-drafts@ietf.org > > To: Brandon Williams <brandon.williams@akamai.com>, Brandon Williams > > <brandon.williams@akamai.com>, Justin Uberti <justin@uberti.name>, > > Justin Uberti <justin@uberti.name> > > > > > > A new version of I-D, draft-williams-tram-ufrag-permission-00.txt > > has been successfully submitted by Brandon Williams and posted to the > IETF > > repository. > > > > Name: draft-williams-tram-ufrag-permission > > Revision: 00 > > Title: Ufrag Permissions for Traversal Using Relays > around NAT > > (TURN) > > Document date: 2015-10-14 > > Group: Individual Submission > > Pages: 9 > > URL: > > > https://www.ietf.org/internet-drafts/draft-williams-tram-ufrag-permission- > > 00.txt > > Status: > > https://datatracker.ietf.org/doc/draft-williams-tram-ufrag-permission/ > > Htmlized: > > https://tools.ietf.org/html/draft-williams-tram-ufrag-permission-00 > > > > > > Abstract: > > When using a TURN relay, ICE connectivity checks require an explicit > > permission or channel binding to be established for each peer address > > to be checked. This requires the answerer to send its candidate > > addresses to the offerer via the rendezvous server, which can impose > > a latency penalty when the rendezvous server is centrally located. > > This document defines a new type of TURN permission that will allow > > any ICE connectivity check message that contains the offerer's ufrag > > value to be accepted on a relay address for delivery over the > > associated TURN tunnel. > > > > > > > > > > > > Please note that it may take a couple of minutes from the time of > submission > > until the htmlized version and diff are available at tools.ietf.org. > > > > The IETF Secretariat > > > > > > > > _______________________________________________ > > tram mailing list > > tram@ietf.org > > https://www.ietf.org/mailman/listinfo/tram > > _______________________________________________ > tram mailing list > tram@ietf.org > https://www.ietf.org/mailman/listinfo/tram >
- [tram] Fwd: New Version Notification for draft-wi… Brandon Williams
- Re: [tram] Fwd: New Version Notification for draf… Tirumaleswar Reddy (tireddy)
- Re: [tram] Fwd: New Version Notification for draf… Justin Uberti
- Re: [tram] Fwd: New Version Notification for draf… Tirumaleswar Reddy (tireddy)
- Re: [tram] Fwd: New Version Notification for draf… Brandon Williams
- Re: [tram] Fwd: New Version Notification for draf… Tirumaleswar Reddy (tireddy)
- Re: [tram] Fwd: New Version Notification for draf… Tirumaleswar Reddy (tireddy)