[BEHAVE] Opsdir Review of draft-ietf-behave-turn-uri-03.txt
Margaret Wasserman <mrw@lilacglade.org> Tue, 20 October 2009 15:08 UTC
Return-Path: <mrw@lilacglade.org>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7C64628C11E; Tue, 20 Oct 2009 08:08:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.265
X-Spam-Level:
X-Spam-Status: No, score=-2.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zzEEwgtEKZys; Tue, 20 Oct 2009 08:08:50 -0700 (PDT)
Received: from sirocco.sandstorm.net (sirocco.sandstorm.net [69.33.111.75]) by core3.amsl.com (Postfix) with ESMTP id 4FE8A28C10C; Tue, 20 Oct 2009 08:08:50 -0700 (PDT)
Received: from [10.2.0.20] (ip-69-33-111-74.bos.megapath.net [69.33.111.74]) (authenticated bits=0) by sirocco.sandstorm.net (8.13.8/8.13.3) with ESMTP id n9KF8nFS082573 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 20 Oct 2009 11:08:49 -0400 (EDT) (envelope-from mrw@lilacglade.org)
From: Margaret Wasserman <mrw@lilacglade.org>
To: Behave WG <behave@ietf.org>
In-Reply-To: <01c101ca509f$f314a8c0$8e27460a@china.huawei.com>
X-Priority: 3
References: <01c101ca509f$f314a8c0$8e27460a@china.huawei.com>
Message-Id: <61FFB311-CA42-4EE4-A6F9-3DE0581A9E8F@lilacglade.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Tue, 20 Oct 2009 11:08:47 -0400
X-Mailer: Apple Mail (2.936)
Cc: ops-dir@ietf.org
Subject: [BEHAVE] Opsdir Review of draft-ietf-behave-turn-uri-03.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2009 15:08:51 -0000
Hello Behave Folks,
As a member of the Operations Directorate, I was asked to review
draft-ietf-behave-turn-uri-03.txt.
I have some operational concerns with this document that should probably
be resolved before the document is published. I apologize in advance
if my comments reflect a lack of knowledge of this subject.
In section 4, there is a numbered list of ways in which the TURN
resolution may be processed, and this appears to be the core of the
document. I have spent a considerable amount of time trying to figure
out what this list says, and I have not been completely successful.
My current understanding is as follows:
(1.) If the <host> is an IP address, the other fields are filled in as
follows:
- <port> is set to the value in the URI if present, or to the
default in draft-ietf-behave-turn.
- If <transport> is defined:
> <scheme> and <transport> are converted to a TURN transport.
- If <transport> is not defined:
> The supported transports are tried in order of
preference.
If <host> is a Domain Name, the fields are filled in as follows:
(2.)- If <port> is defined:
> <host> is resolved to a list of IP addresses via DNS.
> If <transport> is defined:
>> <scheme> and <transport> are converted to a TURN
transport
> If <transport> is not defined:
>> The supported transports are tried in order of
preference.
- If <port> is not defined:
(3.) > If <transport> is defined:
>> <host> is converted to list of IP address
and port tuples via a DNS SRV query, with
<scheme> as the service name and <transport>
as the protocol name.
[There is some wording here about the fact that the
SRV algorith recommends doing an A query, but it
doesn't actually say to do one, and the text above
this already indicates that you would have reached
the TURN server or returned an error.]
(4.) > If <transport> is not defined:
>> <host> is convered to an ordered list of
IP Address, port and and transport tuples
via the S-NAPTR algorithm.
>> The TURN transports supported by the
application are then converted into
Application Protocol Tags, and the protocol
tags are "tried" in some order.
[It is not clear, to me, what it means to
"try" a protocol tag. Also, we seem to
using all of the tags supported by the
application, not anything returned from
the S-NAPTR algorithm?]
[Again, we have the problem that there is
text after the previous text has either
succeeded or returned an error. In this
case, it says that the <host> is converted
to a list of IP Address and Port tuples
using the algorithm in section 3 "for each
of the TURN transports supported by the
application". It is not clear to me what
this means, exactly.]
In addition to not being able to decipher exactly what steps
should be performed, I am somewhat concerned about what I
consider to be an artificial distinction between domain names
and IP addresses. Is it actually the case that you cannot
use the S-NAPTR algorithm and/or look up SRV records using an
IP address instead of a Domain Name? I am somewhat concerned
about the impacts of this choice on management and debugging,
although I am not sure if the problem lies in this document
or in the S-NAPTR and SRV documents.
I also have a couple of suggestions that might make the URI scheme
more straightforward for operators and users:
(1) Why is it desirable to overload the transport name "tcp" in the
URI scheme to mean TCP for TURN and TLS for TURNS, when similar
overloading is not present in the NAPTR definition? Is there some
advantage to doing so that offsets the potential for confusion?
(2) At various places in this document, decision trees are represented
as numbered or bulleted lists, instead of laying out the choices
at each layer. While I think that the lists are logically
consistent and represent all of the choices, this format does not
make it easy to tell.
(3) It would be better to include a more complete range of examples
showing all of the different permutations.
Margaret
- [BEHAVE] Opsdir Review of draft-ietf-behave-turn-… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… WashamFan
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- [BEHAVE] Using TLS with a "turn:" URI [was Re: Op… Marc Petit-Huguenin
- [BEHAVE] TURN URI implicit processing [was Re: Op… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] TURN URI implicit processing [was Re… Margaret Wasserman
- Re: [BEHAVE] TURN URI implicit processing [was Re… Marc Petit-Huguenin