From YouTube: IETF93-TRAM-20150720-1850
Description
TRAM meeting session at IETF93
2015/07/20 1850
A: Ok, this is TRAM. What time is it now, yeah? We should start. Not well, logistics. Do we have a minute taker? Please, anyone will do. You will get a nice star, the color of your choice. In addition, we need a jabber scribe, and the jabber scribe will also get a star, the same color as the minute taker, but the minute taker gets to choose the color.

A: It was not approved by the IESG on grounds of privacy. The big problem is that a STUN or TURN server now can learn what web application you're using, in the case of WebRTC, for example, without having a relationship with the application or with the user.

A: So significant changes will be necessary if we're to go again at the IESG with this idea, and it is to be discussed in the second TRAM session. So next, that's all I'm going to say about this. Working group drafts: TURN server discovery has had a working group last call and has received comments from Ted Hardie. In my view, they were good comments, but they will not require a significant architectural change to the draft. Yes.
E: What is that? There is something nice which was done in HTTPS, which was to either the username, a way to either the username which is sent, so the idea is to copy, in fact, what was done by a hit with a fat and start, it's an East office on the air, FC editor, and so it's safe to do the same thing here. So we will work on this as soon as possible.

A: Sorry for this. So anybody else, even if you didn't raise your hand, please review STUN-based STUN path data. It was adopted last time; it has had one additional revision, and it is now being considered for being part of a measurement framework.

G: Okay, just anybody, I mean, I think this is generally worth protecting. I think you can still obtain substantial information from an encrypted WebRTC thing with usernames. Given the fact that ICE does have message integrity, I wonder if it will be possible to also use this for short-term authentication as well.

E: It's worth considering, so I will publish, okay, let's say in the next month I will publish a revision that will have this, and then we can discuss from this point. So the thing we shot them, especially on ICE, is that the password is already random things. So there is not much information you can extract from this on ICE.

G: You can already do a lot of... We found ways of doing a lot of sort of semantic analysis based on what the length of usernames are, there included, to identify what the clients are that are being used, and there's actually substantive risk. You can get a decent amount of information from this. So anyway, I... You know, that seems like a good proposal. Let's get the new version published and we'll see if it makes sense to do it for short-term, yeah.
C: So this is a method an endpoint, or whatever device, can use to probe its bandwidth capabilities before doing any call if it has a TURN server available. So, next slide. Well, there are some property stuff, next slide. So how, well, Alice wants to test her network, and next slide. She does allocate a TURN relayed address, as usual, also learns what her reflexive address looks like, and then she actually sets the permission on.

C: There are no real interop issues because the client can determine the packets it sent; whatever it sends, it will get back, and we have actually used this in products for a couple years now. Looks like, so, potential issues that might be worth discussing: today we don't really provide much detailing in the probing packets, and that's on purpose.

G: Justin Uberti, so, like, extending the TURN protocol to do this seems kind of weird to me, because it means that this thing is explicitly specified only for use with TURN servers, and if you use generic packets, like data channel packets or RTP packets, the same mechanism could be used for loopback testing as well as testing, like, end-to-end bandwidth. So it seems a little weird here that we would sort of mandate that the actual bandwidth probe mechanism be done using TURN packets.

G: You know, and we've seen, like, we already do this sort of thing in web applications right now by sending, like, datagram packets of increasing, so, data channel packets of increasing size. You know, we could give some sort of best practices for how to do TURN server bandwidth estimation using various packets, but I don't think specifying the wire format here is all that useful.

G: The point I was making about this is that a single application, with no changes to the underlying browser implementation, can do this right now by sending data channel packets to the TURN server, which automatically loop back because it'll specify itself as sender and receiver. So you can do this right now at the application level, yeah, now. Obviously, if you want to do this between two endpoints, they need to serve JavaScript, you know, or, you know, over their own signaling channel tell them.

A: So the advantage I see of doing this at a lower level than the application level is being able to pick an ICE candidate that has the best characteristics. So if you measure things at the browser level without the application knowing, and you can do this end-to-end, that's great. That means you can nominate the candidate that you want.

A: Yeah, definitely, yes, so.

C: I haven't thought about the multiple interface story, and the way we use it today, we use it pre-call, once in a while; once it can register to the SIP server, it will do this just to get an estimate of the bandwidth available and set the call bandwidth accordingly, and then rate it up to that.

G: The far just worries me, it means that we're encoding things like timestamp into the TURN packet when we already have things like this at the RTP level. So, right, smashing stuff down, like, you know, in the stack so that we can do this in a fully self-contained way, where it actually might make more sense to just send, like, junk RTP packets to the TURN server to do so, and we don't need to invent anything in order to do that. Yeah.
E: So this was because originally, in 2008, the idea was not really to do PMTUD in STUN, so as to provide a way for UDP protocols. We do not have the PMTUD baked in, to provide them a way to add this feature. So that was not... The working group was not interested at the time, and you can see it in the draft a bit, because I propose multiple solutions in it, and the idea was that the working group would choose something inside and then we will continue this way.

E: The algorithm is already described in RFC 4821, so we describe only the bit on the wire. We don't explain how to measure exactly the PMTU, because everything is explained in the RFC, and we do it only in one direction, as you see. You can extend this by doing this on both sides, but this module does a path MTU only in one direction. Next slide, please.

E: Yeah, so remember, this is also for other UDP protocols that are not STUN, so I proposed two mechanisms inside to be able to do this also for protocols that are not STUN. One was to calculate a checksum to be able to recognize what packet was received and in what manner not received. Next slide. I think, and the other was to have an identifier for this. Again, this is for description.

J: Jonathan, yeah, I mean, I think for me the use case is, I mean, we often have the problem for, like, video. You want to fill your MTU, because the packet overheads are fairly high and you're usually bigger than a single packet. But if you don't know the MTU, you have to be pretty conservative, because there might be a VPN in the loop or something, so it would be handy to be able to take...

J: You know, for, like, for ICE to be able to get an end-to-end path MTU so that you can yank your encoded slice size or whatever up to the maximum supported by the path safely. So yeah, I do see a use case for this. I mean, I think, I guess the draft says how you negotiate whether your ICE supports it, but that's a yes.
G: Justin Uberti, on the topic of one versus three documents: like, this and the traceroute seem like they go pretty hand in hand, just because they're both doing ICMP stuff, and they generally have a pretty common view of how this actual process would work. I think the bandwidth one seems kind of different, so, like, I would suggest that either do three documents or combine the PMTUD and the traceroute into the same document.

I: Brandon Williams, Akamai. It is this one, I mean, my read of this one was, yeah, the thing in the middle produces ICMP, but the ICMP isn't actually being used in a meaningful way, at least for the end-to-end, right. This one in some respects seemed a little bit closer to the other in that it's not expecting ICMP to get through and using it that way. Did I misunderstand that?

G: If what we're trying to do is get the error, like, that'll be returned from recvfrom, so that you can just still get the error that you got an ICMP error packet without having to have, like, kernel-level socket access. So, like, if you don't need any more details of them, in effect, that an error occurred, like, you could do this all in user mode, and that would be a lot different. Yeah.

I: Would get all the way back to the sender? The draft didn't appear to me to be describing "I learned this information from ICMP on the relay, and here's how I propagate that back to the original sender so it can use it in a meaningful way." So I assumed that it wasn't relying on the ICMP getting through, that it was actually fundamentally relying... yeah.

E: And it was a complement of the fact that we said that the DF bit in the other direction, right. So it works fine with STUN, because you receive likely the packet; like, it doesn't work when you are going to full TURN, because the ICMP packet density. So you need one small thing, which is an indication. Yes, that contains, is no, no, you're going to tell us, and...

L: Sounds really early to be making this decision. I mean, the reason, I think the reason you should decide that you'd want to merge these or not merge these is, if there's somebody who would want to implement one of these but not the other ones, you probably don't want to merge them, so they can say "I implement RFC X." And if anyone who is implementing one of these would definitely implement all of them, or two of them or whatever, then it makes sense to merge them. That'll become clearer.

A: Good point. All right, next one is STUN traceroute, so same questions. Does anyone think that this is cool and they should be using it, or is anyone else already doing it? No? Is anyone opposed to the adoption? Does anyone think it's a bad idea, that it won't work?
G: Okay, the piece we briefed, and we can finish this, is a recap of the changes between return that was presented at IETF 92 and the most recent version that was published that became a working group doc. Next slide. So the main thing that was changed was some changes to the security considerations regarding how auto-discovery works and regarding how auto-discovery should be thought about. Next slide. So.

G: Okay, the end of this. This is a reminder about how, exactly what return is supposed to do: an enterprise deploys a TURN server, and this TURN server basically allows you to get out the same way that an enterprise's HTTP proxy allows you to get out. It allows the client to get out to the web. Next slide. And this is kind of how it looks, you know, from a diagram basis: the HTTP proxy allows the browser to get out to the internet, and the return proxy...

G: ...allows WebRTC traffic, WebRTC media in particular, to get out to the internet. Next slide. So the change here is the security considerations, basically saying that a return proxy really has a lot of discretion over what happens to that media traffic, and if it wanted to, it could then start recording all packets; even if they're encrypted, it could record them with the hope of recovering them later, or...

G: ...basically block flows that are going to things that it didn't think were the right destinations to go to, and this basically gives, you know, I guess I said the browser, this proxy live discretion as to whether it'll allow traffic out or not. And this is something that, you know, might make sense if you're in an enterprise, where there's explicit corporate policy about whether the traffic should go out or not. But you may not want this to happen on your ISP.
G: Anyway, I bet the main thing is saying that, in here, in the actual, um, TURN server auto-discovery draft that's currently going through last call here in TRAM, it says the best ways of doing auto-discovery are through mDNS and anycast, and the security considerations that have been added to return say: don't do that; these things, you know, it would allow somebody who happens to have access to the network to force you to go through a proxy, and that's really not the intent of return. It's really independent of that.

G: It brings to mind, you've probably seen pictures we have, like, wide open fields with roads running through them, and someone's put a gate across the road, but it's open on all sides. The problem is anyone who's in a position to do this is in a position to do this anyway, without using an mDNS advertisement of a proxy. If I'm on the same segment as you, I can throw our upset you. If I'm your ISP, game over. I'm between you and the Internet; there's really nothing. You're...

G: Utility, so I think that we're paying a price with no benefit. I definitely agree that the ISP is currently in a position to do this; like, your packets, it can do whatever it wants, but it doesn't do that. It's not inserting proxy configuration, but when he, or Colin, has to say, well...

L: I mean, I get your point that in some cases you're concerned about the attacker might be already on the path, right, but this allows, at a Starbucks... What I don't want to have happen is you go to Starbucks and suddenly all of your traffic is, you know, routed through a Gogo Wi-Fi proxy.

L: Can't chill Domino's, no, no! No! No! It was going through Starbucks' network, okay, I know, so. The difference here is, if Starbucks wants to cause all of your traffic to be routed somewhere else, they could always do that with all of their traffic, and you'd be able to see what was going on, right. But this allows you to very easily insert a man-in-the-middle. It allows somebody who would have been very difficult to be a non-path to suddenly become an on-path.
K: Is it like, I'm Starbucks, right, and I have a contract, I don't know which way the money flows, with, like, Evil Instruction Corp, you especially the report, right, and I have, you know, a WRT54G access point. You can't do any inspection at all, but it can emit an mDNS response that says, send all your emergency traffic over here.

J: Yeah, I mean, I think that for me, the guy at the other table, threat models, but for serious, then, you know, if you're on a network that's hostile, I mean, the fact that it costs them... You know, we're doing something that, you know, makes something that could easily be done cost a little bit less for them is not, for me, a terribly compelling thing, but I think, you know, the other guy...

K: ...responses, I can force you to a new DNS server and I can watch the garbage. I mean, like, either by hypothesis you can, with your superior, cannot, but unless you tell me I can, somebody used to be or not all of it, like, on I just, and right now I'm confused about, not increase of throttle, again, I thought I understood it, but I'm confused.
H: So sometimes I'm, like, my original point, and the reason that I got up here, is that we've had these long discussions about how people may or may not want to insert an HTTP proxy and how you might discover it, and it has never been the case that it is acceptable to insert an HTTP proxy without something of a higher bar than what's been established here. Now, it might be that mDNS is fine because it works in a different way to DHCP, and you can't spoof the DHCP.

H: It is, there may be... There may be a case that there's, like, grades here that we haven't actually got a good handle on, because we're not people who actually run these sorts of networks, but I just want to get back to the fundamental question, which is: is it acceptable to have someone insert themselves into the path in this fashion? And it wasn't acceptable for HTTP in all the discussions we had with all sorts of people. Why would it be acceptable here?

L: I mean, I got to say to that point: I mean, I totally agree with the text that's in the draft right now that we wrote at our last session, that said "untrusted," right. And I mean, if we can show that in the way we use it, we know mDNS is trusted, it's only coming from some trusted... I mean, like, I'm not objecting to that, and just sort of saying "untrusted," right. He gets, yeah.

H: And I have no problem with that either, and it's potentially, if the router is on path, we consider it to be trusted sufficiently to perform this sort of attack, then that's fine, and it may be that the anycast method is sufficient for that purpose, because the guy who's owning you in that situation is already on path in the first place and could, in theory at least, do that owning if they had the resources.
H: So, which can only be modified by, said, so Cullen's phrasing was, I think, right, which is that they must not use proxies that are provided by untrusted sources. Now, if we consider, if we can find some way to say that using anycast, for instance, was sufficiently trusted for this purpose, then we would make the exception for anycast.

H: Just using it as an example, right, okay. If we said that anycast was sufficient for the purposes of saying that the return proxy is sufficiently trusted, whatever that means, then that would get a pass, but maybe mDNS does not, maybe DHCP does, maybe... I don't know how many options.

G: That's it, five minutes. So, Clemens, oh okay, well, does anyone want to propose a straw man for which of those mechanisms should be considered, you know, trusted or not? It sounds like, Martin, your suggestion was that anycast would be fine. Sure. Well, let's start somewhere.

L: Yeah, okay, fair enough, so you're saying the router would not, it would be, it would not be routed to it. It was, so I mean, okay, so when it wouldn't be out of a multicast space, it would just be... It would be true straight-up anycast, not multicast, right, but this would be something that will be compiled into the browser itself. So, okay, so now we get to the question about: is the Starbucks router trusted? And I'm going to claim the Starbucks router is not trusted.

K: I think I would also benefit from a more concise statement of the threat model here. If you could manage to write something that was relatively short to explain the difference between the concern you have here and the concern that what they can do merely by controlling the router, that would be very helpful. It is invalid. I just understand, yeah.