Re: [Wish] Can a client switch tokens?

Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com> Mon, 15 January 2024 09:34 UTC

Return-Path: <sergio.garcia.murillo@gmail.com>
X-Original-To: wish@ietfa.amsl.com
Delivered-To: wish@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 399A1C14F61A for <wish@ietfa.amsl.com>; Mon, 15 Jan 2024 01:34:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZCsWZ_LaTlgN for <wish@ietfa.amsl.com>; Mon, 15 Jan 2024 01:34:35 -0800 (PST)
Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA920C14F614 for <wish@ietf.org>; Mon, 15 Jan 2024 01:34:35 -0800 (PST)
Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-5537dd673e5so6810728a12.0 for <wish@ietf.org>; Mon, 15 Jan 2024 01:34:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705311273; x=1705916073; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=UhZOJYcvOqVPklna4nT/IRQXQvtwTRXSh5EogsHtfOY=; b=cIIAeIrahPBI6gpjls7q33sN+9N4RAF3+q1k5rrkTBiy8UtavufDl4w/HAZZ7r6n7a V1vQZ1rl03Xe5B+3VrIQwrOC9w8CS1Yzymhp61DSZgaDP7jJys7JoLYKMASyQwovHGvV QaVFPPWX+dI6fYl/b4nxIDpUhfi/Wjr9DRmAQFE/fckfIuopcSqyPLaJTA4RUFIJ+PBL ug2A2/omvacZLJFg/uLW1mHL9oM5Wvu9gEzoPiQLHPx0prgQHIkONwxo8Kg1wSkj3EgK qsReUzR2PnBQvHSucigq9lEbvYXON5Ct6CX7pX0a/JQLPY5Pv9FxMsBqnFTdZXR2aY92 e06g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705311273; x=1705916073; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=UhZOJYcvOqVPklna4nT/IRQXQvtwTRXSh5EogsHtfOY=; b=ZjGJnNHBSunOWK0yZ+5zRlYf9PZvzplJh9A4tCPBz8u2OAhVt3wS0MZugU5O0pJZ1M MW2c6gWGP7QG6aAVGHV9heNgs3ctktWKh4rLMivs4Nr8xUNE1S5P3BRpgxgL/wSmHb4p 3ZoYopjJZ4OZYzF1uvir6RsHlxtoAoOumFw2sdVxa2VQ8xeermAjqTADApElVim9Tl8u jTIbFjaSfz2HIZqSNhkasn4rH6bmiDpQyuUfc8YEklhOPEWe+8uhoUsKa+iRX4JRdayT HVFJjWRfHVTCuPp4Q0mIf4gbsEc2+vi60lIUoFJ3opA1NgOZm+ilAZZytCUWv/8ZoPbc wnYw==
X-Gm-Message-State: AOJu0Yy86ZegEyqUARfKbMl4hqqpi6Brhk9Pi8i/lyHI3jp3MzMu9k+y GeYjow7gpClaYl7aToVxNENvX06gvCLg+oHTcc1AtEiV
X-Google-Smtp-Source: AGHT+IErezHbeEFkhTi6WJESshewwc+bbQZ55emwNEVrfnyfKtESmUWdPZ7qy6wzclUz43WNKHpWJDqQZxQMmX7/yvs=
X-Received: by 2002:a05:6402:2146:b0:559:2e6:bb18 with SMTP id bq6-20020a056402214600b0055902e6bb18mr1415125edb.62.1705311273365; Mon, 15 Jan 2024 01:34:33 -0800 (PST)
MIME-Version: 1.0
References: <87v87x46xu.wl-jch@irif.fr> <CA+ag07a0E7itrUONH8c8skZU_-bw_-bddjZtCa8Sho7YhL2WCQ@mail.gmail.com> <87edek4qn8.wl-jch@irif.fr> <CA+ag07btC4fxv52hkd3W=h6pMXUrDvuWBLJY_m17DT6Dimnufg@mail.gmail.com> <87frz0hvxl.wl-jch@irif.fr>
In-Reply-To: <87frz0hvxl.wl-jch@irif.fr>
From: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
Date: Mon, 15 Jan 2024 10:34:22 +0100
Message-ID: <CA+ag07Z7aDor-GOEwx_cE8ww9f5QjPOrJ_h-nkGiCUEe6g3e5Q@mail.gmail.com>
To: Juliusz Chroboczek <jch@irif.fr>
Cc: WISH List <wish@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ae33b3060ef8b810"
Archived-At: <https://mailarchive.ietf.org/arch/msg/wish/6PafIMAnLgptw4R5eSTdrseytX0>
Subject: Re: [Wish] Can a client switch tokens?
X-BeenThere: wish@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: WebRTC Ingest Signaling over HTTPS <wish.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wish>, <mailto:wish-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wish/>
List-Post: <mailto:wish@ietf.org>
List-Help: <mailto:wish-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wish>, <mailto:wish-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jan 2024 09:34:36 -0000

I only require authentication for the initial POST request, the
PATCH/DELETE security relies on the url randomness.

Note that tokens don't have any semantics in WHIP, so the expiration time
is something that you have decided to implement in Galene, and it should be
Galene the one who should decide what to do with expired tokens.

The client has no notion about it and won't know how to handle it.

Best regards
Sergio



On Sun, Jan 14, 2024 at 2:43 PM Juliusz Chroboczek <jch@irif.fr> wrote:

> > what do you mean by switch/update tokens?
>
> The client C requests a token T1.
>
> C uses T1 to create a WHIP session:
>
>   C->S: POST(T1) offer
>   S->C: answer
>
> An hour later, C decides to do an ICE restart.  However, T1 has expired.
> There are two possible client behaviours:
>
> 1. C uses token T1 for the ICE restart, even though it has expired:
>
>   C->S: PATCH(T1)
>
> 2. C requests a new token T2, and uses the new, unexpired token:
>
>   C->S: PATCH(T2)
>
> In case 1, the server needs to allow the client to use an expired token
> with a WHIP session, as long as the token is identical to the one used for
> creating the session.  This is easy to implement, both on the client (the
> client never renews a token) and on the server (the server retains the
> original token in the data structure that represents a WHIP session).
>
> In case 2, the server needs to allow the client to use a different token
> for PATCH requests than the one used during session creation.  There is
> also the need to communicate to the client the information that a token
> has expired.  I have no idea how to implement case 2.
>
> Galene currently uses approach 1, it stores the token used for session
> creation and allows it to be reused for PATCH even when it has expired.
> Is this the intended behaviour for a WHIP client?  If it is, then I think
> we need to document (possibly in an informational appendix) that a PATCH
> request may use an expired token.  If it is not, then please explain the
> intended behaviour.
>
> -- Juliusz
>