Traversal Using Relays around NAT (TURN) Resolution Mechanism
draft-ietf-behave-turn-uri-10

Document history

Date Rev. By Action
2012-08-22
10 (System) post-migration administrative database adjustment to the No Objection position for Pasi Eronen
2012-08-22
10 (System) post-migration administrative database adjustment to the No Objection position for Gonzalo Camarillo
2010-05-07
10 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2010-05-07
10 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2010-05-07
10 (System) IANA Action state changed to In Progress from Waiting on Authors
2010-05-07
10 (System) IANA Action state changed to Waiting on Authors from In Progress
2010-05-07
10 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2010-05-07
10 (System) IANA Action state changed to In Progress
2010-05-07
10 Amy Vezza IESG state changed to Approved-announcement sent
2010-05-07
10 Amy Vezza IESG has approved the document
2010-05-07
10 Amy Vezza Closed "Approve" ballot
2010-05-07
10 Amy Vezza State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Amy Vezza
2010-05-03
10 David Harrington [Ballot Position Update] New position, Yes, has been recorded by David Harrington
2010-05-03
10 Gonzalo Camarillo [Ballot Position Update] Position for Gonzalo Camarillo has been changed to No Objection from Discuss by Gonzalo Camarillo
2010-04-16
10 Gonzalo Camarillo
[Ballot discuss]
I am picking up Cullen's discuss:

Discuss (2010-02-25)

I discussed this with Magnus today and I think we both came to about the same
conclusion.

In the same way that _turn._udp needs a normative ref to TURN, the _turn._tcp
needs a normative ref to TURN-TCP as that defines the protocol that this service
will provide.

On the topic of DNS resolution, TURN defines one way, this draft defines a
different way. Having two ways is not a good thing and will lead to
interoperability problems. The WG has consensus to do it one way or the other
not both. If we want to do it this way, TURN should be yanked out of RFC Ed Q
and changed. If not, this doc should do it the way TURN does. I do not
understand any significant advantages of using the way over the way in TURN.
2010-04-16
10 Gonzalo Camarillo [Ballot Position Update] New position, Discuss, has been recorded by Gonzalo Camarillo
2010-03-31
10 David Harrington [Note]: 'Document shepherd is Dan Wing, dwing@cisco.com' added by David Harrington
2010-03-31
10 David Harrington Responsible AD has been changed to David Harrington from Magnus Westerlund
2010-02-28
10 (System) New version available: draft-ietf-behave-turn-uri-10.txt
2010-02-25
10 Cullen Jennings [Ballot comment]
2010-02-25
10 Cullen Jennings
[Ballot discuss]
I discussed this with Magnus today and I think we both came to about the same conclusion.

In the same way that _turn._udp needs a normative ref to TURN, the _turn._tcp needs a normative ref to TURN-TCP as that defines the protocol that this service will provide.

On the topic of DNS resolution, TURN defines one way, this draft defines a different way. Having two ways is not a good thing and will lead to interoperability problems. The WG has consensus to do it one way or the other not both. If we want to do it this way, TURN should be yanked out of RFC Ed Q and changed. If not, this doc should do it the way TURN does. I do not understand any significant advantages of using the way over the way in TURN.
2010-02-10
10 Pasi Eronen [Ballot Position Update] Position for Pasi Eronen has been changed to No Objection from Discuss by Pasi Eronen
2010-01-30
10 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-01-30
09 (System) New version available: draft-ietf-behave-turn-uri-09.txt
2010-01-22
10 (System) Removed from agenda for telechat - 2010-01-21
2010-01-21
10 Cindy Morgan State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Cindy Morgan
2010-01-21
10 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko
2010-01-21
10 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley
2010-01-21
10 Ross Callon [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon
2010-01-21
10 Pasi Eronen
[Ballot discuss]
I have reviewed draft-ietf-behave-turn-uri-08, and have one concern
that I'd like to discuss before recommending approval of the document:

Opening a TLS connection usually requires knowing the "reference
identity": this is the identity the client expects to find somewhere
in the server's certificate (more details about the "somewhere" part
are in, e.g., RFC 2818 or draft-saintandre-tls-server-id-check, but
those are not really relevant for this discussion).

In some cases, it's fairly obvious what the reference identity is.
For example, in step 2 (in Section 3), the reference identity would
probably be "" (the domain name provided as input). Step 1 is
also probably quite straightforward.

However, in steps 3..5 it's not obvious what the reference identity
would be (and unfortunately, it seems RFC 5389 is also quite ambiguous
here).

The secure choice is "", and that's what RFC 3958 says.

However, this is not necessarily straightforward deployment-wise: if
is "example.com", the server's certificate needs to have name
"example.com" (and not, e.g., "stunserver4.example.com" or
"*.example.com"). And in the scenario considered in Section 1 where a
VoIP provider uses servers deployed by another company, that another
company can't use certificates it has already obtained (e.g.
"server4.anothercompany.example"), but instead has to have one
provided by the VoIP provider (and has to use either its IP address or
TLS "server_name" extension to select which certificate to send to the
client).

At the very least, the document should clearly say that "" is
the reference identity, and explain the implications: if somebody is
currently running "stunserver4.example.com" and using just A/AAAA
lookup to find it (step 2, essentially), they cannot start using
SRV/NAPTR records (steps 3..5) without also changing the server's
certificate.

Other choices for the reference identity (such as "the name in the
final A/AAAA record found through steps 3..5") would not require
changing the certificate, but are basically insecure (or assume
DNSSEC).

(I also looked to see what RFC 5389 says about this, but unfortunately
the text is very ambiguous. Section 7.2.2 says the reference identity
is "the domain name or IP address used in Section 8.1" (should be
Section 9; just a typo/renumbering bug). But Section 9 would typically
use at least three different domain names: (1) the configured domain name,
like "example.com"; (2) the domain name used in the SRV query, like
"_stuns._tcp.example.com"; and (3) the domain name found in the SRV
record and used for A/AAAA lookup, like "stunserver3.foobar.example".
And they have *very* different security implications...)
2010-01-20
10 Pasi Eronen [Ballot Position Update] New position, Discuss, has been recorded by Pasi Eronen
2010-01-20
10 Cullen Jennings [Ballot comment]
Adding an informative reference to Marc reference implementation would help people.
2010-01-20
10 Cullen Jennings
[Ballot discuss]
It seems like this should normatively reference TURN TCP.

I'd like to talk about how this changes the base TURN spec handling of A and AAAA lookups. It seems like this changes it in a non backwards compatible way that would break existing deployments that are not using SRV. If this is the case, I think we need to change that.
2010-01-20
10 Cullen Jennings [Ballot Position Update] New position, Discuss, has been recorded by Cullen Jennings
2010-01-20
10 Robert Sparks [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks
2010-01-20
10 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2010-01-20
10 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu
2010-01-19
10 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault
2010-01-19
10 Ralph Droms [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms
2010-01-19
10 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert
2010-01-18
10 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel
2010-01-18
10 Tim Polk [Ballot Position Update] Position for Tim Polk has been changed to No Objection from Undefined by Tim Polk
2010-01-18
10 Tim Polk [Ballot Position Update] Position for Tim Polk has been changed to Undefined from Discuss by Tim Polk
2010-01-18
10 Tim Polk [Ballot Position Update] New position, Discuss, has been recorded by Tim Polk
2010-01-17
08 (System) New version available: draft-ietf-behave-turn-uri-08.txt
2010-01-16
10 Alexey Melnikov [Ballot Position Update] New position, No Objection, has been recorded by Alexey Melnikov
2010-01-16
10 Alexey Melnikov
[Ballot comment]
The first mentioning of TLS probably needs an Informative reference to TLS 1.2. Its use in Section 5 probably means that the reference is Normative.

In Section 3:
  After verifying the validity of the URI elements, the algorithm
  filters the list of TURN transports supported by the application by
  removing the UDP and TCP TURN transport if  is true.

Firstly, URI needs an Informative reference. Secondly, this is the first time that the term URI is mentioned, so it is not entirely clear what you mean here (Ok, I can guess, but the point still stands.)

The following Normative reference is no longer used:

  [RFC5234]  Crocker, D. and P. Overell, "Augmented BNF for Syntax
              Specifications: ABNF", STD 68, RFC 5234, January 2008.

The following Informative reference is not used as well:

  [RFC4395]  Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
              Registration Procedures for New URI Schemes", BCP 35,
              RFC 4395, February 2006.
2010-01-14
07 (System) New version available: draft-ietf-behave-turn-uri-07.txt
2010-01-14
10 Magnus Westerlund Placed on agenda for telechat - 2010-01-21 by Magnus Westerlund
2010-01-14
10 Magnus Westerlund State Changes to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup by Magnus Westerlund
2010-01-14
10 Magnus Westerlund [Ballot Position Update] New position, Yes, has been recorded for Magnus Westerlund
2010-01-14
10 Magnus Westerlund Ballot has been issued by Magnus Westerlund
2010-01-14
10 Magnus Westerlund Created "Approve" ballot
2010-01-13
10 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-01-13
06 (System) New version available: draft-ietf-behave-turn-uri-06.txt
2010-01-13
10 Magnus Westerlund State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead by Magnus Westerlund
2010-01-13
10 Magnus Westerlund IETF last call comments received from Ted Hardie and Spencer Dawkins.
2010-01-13
10 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2010-01-11
10 Amanda Baber
IANA comments:

Upon approval of this document, IANA will make new assignments in
the "Straightforward-NAPTR (S-NAPTR) Parameters" registry at
http://iana.org/assignments/s-naptr-parameters/s-naptr-parameters.xhtml

ACTION 1:

Registry Name: S-NAPTR Application Service Tags

Tag Reference
----- ---------
RELAY [RFC-behave-turn-uri-05]


ACTION 2:

Registry Name: S-NAPTR Application Protocol Tags

Tag Reference
-------- ---------
turn.udp [RFC-behave-turn-uri-05]
turn.tcp [RFC-behave-turn-uri-05]
turn.tls [RFC-behave-turn-uri-05]
2009-12-24
10 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Jürgen Schönwälder.
2009-12-18
10 Samuel Weiler Request for Last Call review by SECDIR is assigned to Jürgen Schönwälder
2009-12-16
10 Amy Vezza Last call sent
2009-12-16
10 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2009-12-16
10 Magnus Westerlund State Changes to Last Call Requested from Waiting for AD Go-Ahead::AD Followup by Magnus Westerlund
2009-12-16
10 Magnus Westerlund Last Call was requested by Magnus Westerlund
2009-12-07
10 Magnus Westerlund Status date has been changed to 2009-12-14 from
2009-12-07
10 Magnus Westerlund
New version is in a new WG last call that ends the 11th due to massive changes to the document. Intended to do a new IETF last call also.
2009-11-25
10 (System) Sub state has been changed to AD Follow up from New Id Needed
2009-11-25
05 (System) New version available: draft-ietf-behave-turn-uri-05.txt
2009-11-19
10 Magnus Westerlund State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead::AD Followup by Magnus Westerlund
2009-11-19
10 Magnus Westerlund The update received more comments. Major redesign of solution may be coming. New IETF last call will be needed.
2009-11-09
10 (System) Sub state has been changed to AD Follow up from New Id Needed
2009-11-09
04 (System) New version available: draft-ietf-behave-turn-uri-04.txt
2009-11-06
10 Magnus Westerlund State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead by Magnus Westerlund
2009-11-06
10 Magnus Westerlund [Note]: 'Document shepherd is Dan Wing, dwing@cisco.com' added by Magnus Westerlund
2009-10-29
10 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2009-10-26
10 Amanda Baber
IANA comments:

Upon approval of this document, IANA will make the following assignments:

ACTION 1:

In the "Permanent URI Schemes" registry at
http://www.iana.org/assignments/uri-schemes.html

URI Scheme  Description  Reference
----------  -----------  ---------
turn        TURN         [RFC-behave-turn-uri-03]
turns       TURN TLS     [RFC-behave-turn-uri-03]


ACTION 2:

In the "S-NAPTR Application Service Tags" registry at
http://iana.org/assignments/s-naptr-parameters/s-naptr-parameters.xhtml

Tag Reference
----- ---------
RELAY [RFC-behave-turn-uri-03]


ACTION 3:

In the "S-NAPTR Application Protocol Tags" registry at
http://iana.org/assignments/s-naptr-parameters/s-naptr-parameters.xhtml

Tag Reference
-------- ---------
turn.udp [RFC-behave-turn-uri-03]
turn.tcp [RFC-behave-turn-uri-03]
turn.tls [RFC-behave-turn-uri-03]
2009-10-22
10 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Jürgen Schönwälder.
2009-10-16
10 Samuel Weiler Request for Last Call review by SECDIR is assigned to Jürgen Schönwälder
2009-10-15
10 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2009-10-15
10 Magnus Westerlund State Changes to Last Call Requested from Publication Requested by Magnus Westerlund
2009-10-15
10 Magnus Westerlund Last Call was requested by Magnus Westerlund
2009-10-15
10 (System) Ballot writeup text was added
2009-10-15
10 (System) Last call text was added
2009-10-15
10 (System) Ballot approval text was added
2009-08-24
10 Amy Vezza
PROTO writeup for draft-ietf-behave-turn-uri-03

  (1.a)  Who is the Document Shepherd for this document?

Dan Wing, dwing@cisco.com

          Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

Yes.


  (1.b)  Has the document had adequate review both from key WG members
          and from key non-WG members?  Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

This document has received review from the community.  The document
shepherd solicited URI review from uri-review@ietf.org but didn't
receive a URI-specific review.


  (1.c)  Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization, or XML?

A URI review would be helpful.  As stated, the document shepherd
attempted to get a URI review but doubts a URI review occurred.

  (1.d)  Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of?  For example, perhaps he
          or she is uncomfortable with certain parts of the document, or
          has concerns whether there really is a need for it.  In any
          event, if the WG has discussed those issues and has indicated
          that it still wishes to advance the document, detail those
          concerns here.

No concerns.


          Has an IPR disclosure related to this document
          been filed?  If so, please include a reference to the
          disclosure and summarize the WG discussion and conclusion on
          this issue.


There has been no working group discussion of this IPR
disclosure.


  (1.e)  How solid is the WG consensus behind this document?  Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?

The WG has a good understanding of it, but most members of the WG
do not need this URI to configure their TURN clients.


  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
          discontent?  If so, please summarize the areas of conflict in
          separate email messages to the Responsible Area Director.  (It
          should be in a separate email because this questionnaire is
          entered into the ID Tracker.)

No such threats or appeals.


  (1.g)  Has the Document Shepherd personally verified that the
          document satisfies all ID nits?  (See
          http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/.)


Yes.

          Boilerplate checks are
          not enough; this check needs to be thorough.  Has the document
          met all formal review criteria it needs to, such as the MIB
          Doctor, media type, and URI type reviews? 

A URI review is needed.


          If the document
          does not already indicate its intended status at the top of
          the first page, please indicate the intended status here.

Intended Status:  Proposed Standard


  (1.h)  Has the document split its references into normative and
          informative?

Yes.

          Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state?  If such normative references exist, what is the
          strategy for their completion?  Are there normative references
          that are downward references, as described in [RFC3967]?  If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].

All normative references are upward references, and all are RFCs.


  (1.i)  Has the Document Shepherd verified that the document's IANA
          Considerations section exists and is consistent with the body
          of the document?

Yes.

          If the document specifies protocol
          extensions, are reservations requested in appropriate IANA
          registries?

No protocol extensions.

          Are the IANA registries clearly identified?

Yes.

          If
          the document creates a new registry, does it define the
          proposed initial contents of the registry and an allocation
          procedure for future registrations?

The document does not create a new IANA registry.

          Does it suggest a
          reasonable name for the new registry?  See [RFC2434].  If the
          document describes an Expert Review process, has the Document
          Shepherd conferred with the Responsible Area Director so that
          the IESG can appoint the needed Expert during IESG Evaluation?

  (1.j)  Has the Document Shepherd verified that sections of the
          document that are written in a formal language, such as XML
          code, BNF rules, MIB definitions, etc., validate correctly in
          an automated checker?

The ABNF parses according to http://www.apps.ietf.org/node/12


  (1.k)  The IESG approval announcement includes a Document
          Announcement Write-Up.  Please provide such a Document
          Announcement Write-Up.  Recent examples can be found in the
          "Action" announcements for approved documents.  The approval
          announcement contains the following sections:

          Technical Summary
            Relevant content can frequently be found in the abstract
            and/or introduction of the document.  If not, this may be
            an indication that there are deficiencies in the abstract
            or introduction.


This document defines two URI schemes and the resolution mechanism to
generate a list of server transport addresses that can be tried to
create a Traversal Using Relays around NAT (TURN) allocation.



          Working Group Summary
            Was there anything in the WG process that is worth noting?
            For example, was there controversy about particular points
            or were there decisions where the consensus was
            particularly rough?


No.

          Document Quality
            Are there existing implementations of the protocol?

Yes.

            Have a
            significant number of vendors indicated their plan to
            implement the specification?

Only one.  Another vendor has indicated interest in implementing after
publication as an RFC.


            Are there any reviewers that
            merit special mention as having done a thorough review,
            e.g., one that resulted in important changes or a
            conclusion that the document had no substantive issues?

They are listed in the document's acknowledgement section.


            If
            there was a MIB Doctor, Media Type, or other Expert Review,
            what was its course (briefly)?  In the case of a Media Type
            Review, on what date was the request posted?

We still need a URI review.


          Personnel
            Who is the Document Shepherd for this document?

Dan Wing, dwing@cisco.com

            Who is the
            Responsible Area Director?

Magnus Westerlund, magnus.westerlund@ericsson.com


            If the document requires IANA
            experts(s), insert 'The IANA Expert(s) for the registries
            in this document are .'


The document doesn't require IANA experts.



  The Document Shepherd MUST send the Document Shepherd Write-Up to the
  Responsible Area Director and iesg-secretary@ietf.org together with
  the request to publish the document.  The Document Shepherd SHOULD
  also send the entire Document Shepherd Write-Up to the working group
  mailing list.  If the Document Shepherd feels that information which
  may prove to be sensitive, may lead to possible appeals, or is
  personal needs to be written up, it SHOULD be sent in direct email to
  the Responsible Area Director, because the Document Shepherd Write-Up
  is published openly in the ID Tracker.  Question (1.f) of the
  Write-Up covers any material of this nature and specifies this more
  confidential handling.
2009-08-24
10 Amy Vezza Draft Added by Amy Vezza in state Publication Requested
2009-08-24
10 Amy Vezza [Note]: 'Document shepherd is Dan Wing, dwing@cisco.com' added by Amy Vezza
2009-08-20
03 (System) New version available: draft-ietf-behave-turn-uri-03.txt
2009-05-13
02 (System) New version available: draft-ietf-behave-turn-uri-02.txt
2009-03-07
01 (System) New version available: draft-ietf-behave-turn-uri-01.txt
2008-12-21
00 (System) New version available: draft-ietf-behave-turn-uri-00.txt