Re: [Wish] Can a client switch tokens?

Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com> Sun, 14 January 2024 07:12 UTC

Return-Path: <sergio.garcia.murillo@gmail.com>
X-Original-To: wish@ietfa.amsl.com
Delivered-To: wish@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F1B5C14F616 for <wish@ietfa.amsl.com>; Sat, 13 Jan 2024 23:12:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cb2Jiq2mnnFv for <wish@ietfa.amsl.com>; Sat, 13 Jan 2024 23:12:28 -0800 (PST)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEE6EC14F60C for <wish@ietf.org>; Sat, 13 Jan 2024 23:12:28 -0800 (PST)
Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-55783b7b47aso8110264a12.0 for <wish@ietf.org>; Sat, 13 Jan 2024 23:12:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705216347; x=1705821147; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Nd19QHHkEHcwyLNI4WsfZidYBGB4j8oeB37OWzTV5r4=; b=U+Lz7QPt7ds4P+UIAjtNM3PoZdOAQJCJa+0akh9qTaI1UuqmEzXXSmJ5/0K3gRxj5+ ys6UR785SCffSEQdMvJo/r7EAHGWsZ1BI5NGKuyqCZbe8JMmRxczMvhkNYshVvH5xkHz On4WQDUWQPJ+3SlsS9ZfYCF6TItuLU+shxs12DJMrt8mvvHfQss4xL1Hsa0mtdUNoeco vPvr3ovrPYi2SMxU9JCOr2oeY45HZRTY3Kfu8Lw84LkWDESjuhUANH534VUSN/bwaTul 1f5V/h4yiTKJCD+D3fr6uMGiaUrhiJZsOJxgzWyiUjYPvp2NY1/sA54yNhWcbs1zzpCI W1Mg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705216347; x=1705821147; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Nd19QHHkEHcwyLNI4WsfZidYBGB4j8oeB37OWzTV5r4=; b=qGwe6j0+AKTTB2fra7wPAyuHTkypbV/n7JvFGyxw3GKYxjceHlx/XcBtUTPXlG4RKg unDjekilakfLgvD+acH7l1NfsUXISC89VYSb9OJVbiilG/rhiObfY/P24YRvEyWNCqUF fckPWj4VCjz38xBYCIHtUx+m3hEluv0/eDDTzMiUWGuInXKo4eNMy/c0qvRFjMAt7tjS Nc/ZC7KQ3FRRokSWOdMEDojODFrtqLCOiiY5SCbfpZXwLlLlUYgUSQ9Ti4MpqfmVagUk 2QhIrqsTrmkpH8WhdEE67ud6s6aIJzj9F30whau6bH9Pjbo4aqxOfTBOrMD6BTC4m9pC 2AnA==
X-Gm-Message-State: AOJu0Yyf3SXN8IINRlKRBN+QCvwjzB+1L1+p8edFYNG1XpK4bD62LQf1 plILuoHv1QavU6oBWWzpTuWxoz+OQubcpNqRciqJ2/Ge
X-Google-Smtp-Source: AGHT+IFD+KOrTslI1L3OXrLpV7gK2yD59qxmbzAmcZ72A1BDaXZyWmj4L+qVl4ZYnTUDusY6dfMLKOzR2V0TQg8Njjo=
X-Received: by 2002:a05:6402:5202:b0:558:d960:e2ea with SMTP id s2-20020a056402520200b00558d960e2eamr1401719edd.13.1705216346713; Sat, 13 Jan 2024 23:12:26 -0800 (PST)
MIME-Version: 1.0
References: <87v87x46xu.wl-jch@irif.fr> <CA+ag07a0E7itrUONH8c8skZU_-bw_-bddjZtCa8Sho7YhL2WCQ@mail.gmail.com> <87edek4qn8.wl-jch@irif.fr>
In-Reply-To: <87edek4qn8.wl-jch@irif.fr>
From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Date: Sun, 14 Jan 2024 08:12:15 +0100
Message-ID: <CA+ag07btC4fxv52hkd3W=h6pMXUrDvuWBLJY_m17DT6Dimnufg@mail.gmail.com>
To: Juliusz Chroboczek <jch@irif.fr>
Cc: WISH List <wish@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009c72f5060ee29e13"
Archived-At: <https://mailarchive.ietf.org/arch/msg/wish/2dvR-iVzusIsmorU4uPkzArjzkw>
Subject: Re: [Wish] Can a client switch tokens?
X-BeenThere: wish@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: WebRTC Ingest Signaling over HTTPS <wish.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wish>, <mailto:wish-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wish/>
List-Post: <mailto:wish@ietf.org>
List-Help: <mailto:wish-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wish>, <mailto:wish-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Jan 2024 07:12:29 -0000

what do you mean by switch/update tokens?

El dom, 14 ene 2024, 3:04, Juliusz Chroboczek <jch@irif.fr> escribió:

> > In order to prevent this scenario, WHIP endpoints SHOULD generate URLs
> > with enough randomness,
>
> I already do that, thanks.
>
> My question is whether I should allow switching tokens mid-session, or
> whether I should accept expired tokens on the session endpoint.  I can see
> pros to either approach, so I'd like some advice from people wiser than me.
>
> (None of the clients that I've played with appear to be able to renew
> a token mid-session, so perhaps it's better to accept expired tokens and
> bind the token to the one used in the initial request.)
>
> -- Juliusz
>