[BEHAVE] Opsdir Review of draft-ietf-behave-turn-uri-03.txt
Margaret Wasserman <mrw@lilacglade.org> Tue, 20 October 2009 15:08 UTC
Return-Path: <mrw@lilacglade.org>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7C64628C11E; Tue, 20 Oct 2009 08:08:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.265
X-Spam-Level:
X-Spam-Status: No, score=-2.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zzEEwgtEKZys; Tue, 20 Oct 2009 08:08:50 -0700 (PDT)
Received: from sirocco.sandstorm.net (sirocco.sandstorm.net [69.33.111.75]) by core3.amsl.com (Postfix) with ESMTP id 4FE8A28C10C; Tue, 20 Oct 2009 08:08:50 -0700 (PDT)
Received: from [10.2.0.20] (ip-69-33-111-74.bos.megapath.net [69.33.111.74]) (authenticated bits=0) by sirocco.sandstorm.net (8.13.8/8.13.3) with ESMTP id n9KF8nFS082573 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 20 Oct 2009 11:08:49 -0400 (EDT) (envelope-from mrw@lilacglade.org)
From: Margaret Wasserman <mrw@lilacglade.org>
To: Behave WG <behave@ietf.org>
In-Reply-To: <01c101ca509f$f314a8c0$8e27460a@china.huawei.com>
X-Priority: 3
References: <01c101ca509f$f314a8c0$8e27460a@china.huawei.com>
Message-Id: <61FFB311-CA42-4EE4-A6F9-3DE0581A9E8F@lilacglade.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Tue, 20 Oct 2009 11:08:47 -0400
X-Mailer: Apple Mail (2.936)
Cc: ops-dir@ietf.org
Subject: [BEHAVE] Opsdir Review of draft-ietf-behave-turn-uri-03.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2009 15:08:51 -0000
Hello Behave Folks, As a member of the Operations Directorate, I was asked to review draft-ietf-behave-turn-uri-03.txt. I have some operational concerns with this document that should probably be resolved before the document is published. I apologize in advance if my comments reflect a lack of knowledge of this subject. In section 4, there is a numbered list of ways in which the TURN resolution may be processed, and this appears to be the core of the document. I have spent a considerable amount of time trying to figure out what this list says, and I have not been completely successful. My current understanding is as follows: (1.) If the <host> is an IP address, the other fields are filled in as follows: - <port> is set to the value in the URI if present, or to the default in draft-ietf-behave-turn. - If <transport> is defined: > <scheme> and <transport> are converted to a TURN transport. - If <transport> is not defined: > The supported transports are tried in order of preference. If <host> is a Domain Name, the fields are filled in as follows: (2.)- If <port> is defined: > <host> is resolved to a list of IP addresses via DNS. > If <transport> is defined: >> <scheme> and <transport> are converted to a TURN transport > If <transport> is not defined: >> The supported transports are tried in order of preference. - If <port> is not defined: (3.) > If <transport> is defined: >> <host> is converted to list of IP address and port tuples via a DNS SRV query, with <scheme> as the service name and <transport> as the protocol name. [There is some wording here about the fact that the SRV algorith recommends doing an A query, but it doesn't actually say to do one, and the text above this already indicates that you would have reached the TURN server or returned an error.] (4.) > If <transport> is not defined: >> <host> is convered to an ordered list of IP Address, port and and transport tuples via the S-NAPTR algorithm. >> The TURN transports supported by the application are then converted into Application Protocol Tags, and the protocol tags are "tried" in some order. [It is not clear, to me, what it means to "try" a protocol tag. Also, we seem to using all of the tags supported by the application, not anything returned from the S-NAPTR algorithm?] [Again, we have the problem that there is text after the previous text has either succeeded or returned an error. In this case, it says that the <host> is converted to a list of IP Address and Port tuples using the algorithm in section 3 "for each of the TURN transports supported by the application". It is not clear to me what this means, exactly.] In addition to not being able to decipher exactly what steps should be performed, I am somewhat concerned about what I consider to be an artificial distinction between domain names and IP addresses. Is it actually the case that you cannot use the S-NAPTR algorithm and/or look up SRV records using an IP address instead of a Domain Name? I am somewhat concerned about the impacts of this choice on management and debugging, although I am not sure if the problem lies in this document or in the S-NAPTR and SRV documents. I also have a couple of suggestions that might make the URI scheme more straightforward for operators and users: (1) Why is it desirable to overload the transport name "tcp" in the URI scheme to mean TCP for TURN and TLS for TURNS, when similar overloading is not present in the NAPTR definition? Is there some advantage to doing so that offsets the potential for confusion? (2) At various places in this document, decision trees are represented as numbered or bulleted lists, instead of laying out the choices at each layer. While I think that the lists are logically consistent and represent all of the choices, this format does not make it easy to tell. (3) It would be better to include a more complete range of examples showing all of the different permutations. Margaret
- [BEHAVE] Opsdir Review of draft-ietf-behave-turn-… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Margaret Wasserman
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… WashamFan
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- [BEHAVE] Using TLS with a "turn:" URI [was Re: Op… Marc Petit-Huguenin
- [BEHAVE] TURN URI implicit processing [was Re: Op… Marc Petit-Huguenin
- Re: [BEHAVE] Opsdir Review of draft-ietf-behave-t… Marc Petit-Huguenin
- Re: [BEHAVE] TURN URI implicit processing [was Re… Margaret Wasserman
- Re: [BEHAVE] TURN URI implicit processing [was Re… Marc Petit-Huguenin