TRAM (TURN Revised and Modernized) - IETF 96 Tuesday March 28, 2017 14:50-16:20 Montreux 3 WG chairs: Gonzalo Camarillo, Simon Perreault Responsible AD: Spencer Dawkins Notes: Simon Perreault Minutes of the meeting: Simon Perreault Introduction - Chairs --------------------- The chairs stressed the importance of resolving open issues in this meeting so as to make tangible progress towards closing the working group before the next IETF meeting. STUN bis - Marc Petit Huguenin ------------------------------ Marc presented the open issues in draft-ietf-tram-stunbis and got input from the group on how to resolve them. Marc and Gonzalo Salgueiro will revise the draft, which will be ready for WGLC. Action items: - Bid-down protection - Add an explanation of the bid-down protection strategy to section 15.3. - Use nonce cookie bits for signalling algorithm support and protecting against bid-down attacks. - Ask security experts for early review, once the draft has been revved. - Happy Stunballs - Do not change STUNbis. Usages of STUN will need to explain how they deal with this problem. ICE will need to figure out how they want to handle candidates containing domain names. TURNbis will need to address this as well (more on this later). TURN bis - group ---------------------------------------------------------------- The document editors were unavailable to present and so the chairs led a group discussion focused on how TURN bis needed to be changed to be in sync with STUN bis. Action items: - Happy Turnballs - 401 responses are idempotent, therefore a client sending requests over IPv4 and IPv6 at the same time could apply the Happy Eyeballs directly, and follow up with an authenticated request to the chosen address family. - When authentication is off, which is a new possiblity with TURN bis, the client would be advised to clean up allocations other than the chosen one with the appropriate "refresh zero" request.