draft-ietf-tram-stunbis-18.txt   draft-ietf-tram-stunbis-19.txt 
TRAM M. Petit-Huguenin TRAM M. Petit-Huguenin
Internet-Draft Impedance Mismatch Internet-Draft Impedance Mismatch
Obsoletes: 5389 (if approved) G. Salgueiro Obsoletes: 5389 (if approved) G. Salgueiro
Intended status: Standards Track J. Rosenberg Intended status: Standards Track J. Rosenberg
Expires: November 15, 2018 Cisco Expires: April 18, 2019 Cisco
D. Wing D. Wing
R. Mahy R. Mahy
Unaffiliated Unaffiliated
P. Matthews P. Matthews
Nokia Nokia
May 14, 2018 October 15, 2018
Session Traversal Utilities for NAT (STUN) Session Traversal Utilities for NAT (STUN)
draft-ietf-tram-stunbis-18 draft-ietf-tram-stunbis-19
Abstract Abstract
Session Traversal Utilities for NAT (STUN) is a protocol that serves Session Traversal Utilities for NAT (STUN) is a protocol that serves
as a tool for other protocols in dealing with Network Address as a tool for other protocols in dealing with Network Address
Translator (NAT) traversal. It can be used by an endpoint to Translator (NAT) traversal. It can be used by an endpoint to
determine the IP address and port allocated to it by a NAT. It can determine the IP address and port allocated to it by a NAT. It can
also be used to check connectivity between two endpoints, and as a also be used to check connectivity between two endpoints, and as a
keep-alive protocol to maintain NAT bindings. STUN works with many keep-alive protocol to maintain NAT bindings. STUN works with many
existing NATs, and does not require any special behavior from them. existing NATs, and does not require any special behavior from them.
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 15, 2018. This Internet-Draft will expire on April 18, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 50 skipping to change at page 3, line 50
16.2.4. Attack IV: Eavesdropping . . . . . . . . . . . . . . 51 16.2.4. Attack IV: Eavesdropping . . . . . . . . . . . . . . 51
16.3. Hash Agility Plan . . . . . . . . . . . . . . . . . . . 52 16.3. Hash Agility Plan . . . . . . . . . . . . . . . . . . . 52
17. IAB Considerations . . . . . . . . . . . . . . . . . . . . . 52 17. IAB Considerations . . . . . . . . . . . . . . . . . . . . . 52
18. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 53 18. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 53
18.1. STUN Security Features Registry . . . . . . . . . . . . 53 18.1. STUN Security Features Registry . . . . . . . . . . . . 53
18.2. STUN Methods Registry . . . . . . . . . . . . . . . . . 53 18.2. STUN Methods Registry . . . . . . . . . . . . . . . . . 53
18.3. STUN Attribute Registry . . . . . . . . . . . . . . . . 53 18.3. STUN Attribute Registry . . . . . . . . . . . . . . . . 53
18.3.1. Updated Attributes . . . . . . . . . . . . . . . . . 53 18.3.1. Updated Attributes . . . . . . . . . . . . . . . . . 53
18.3.2. New Attributes . . . . . . . . . . . . . . . . . . . 54 18.3.2. New Attributes . . . . . . . . . . . . . . . . . . . 54
18.4. STUN Error Code Registry . . . . . . . . . . . . . . . . 54 18.4. STUN Error Code Registry . . . . . . . . . . . . . . . . 54
18.5. STUN Password Algorithm Registry . . . . . . . . . . . . 55 18.5. STUN Password Algorithm Registry . . . . . . . . . . . . 54
18.5.1. Password Algorithms . . . . . . . . . . . . . . . . 55 18.5.1. Password Algorithms . . . . . . . . . . . . . . . . 55
18.5.1.1. MD5 . . . . . . . . . . . . . . . . . . . . . . 55 18.5.1.1. MD5 . . . . . . . . . . . . . . . . . . . . . . 55
18.5.1.2. SHA-256 . . . . . . . . . . . . . . . . . . . . 55 18.5.1.2. SHA-256 . . . . . . . . . . . . . . . . . . . . 55
18.6. STUN UDP and TCP Port Numbers . . . . . . . . . . . . . 55 18.6. STUN UDP and TCP Port Numbers . . . . . . . . . . . . . 55
19. Changes since RFC 5389 . . . . . . . . . . . . . . . . . . . 56 19. Changes since RFC 5389 . . . . . . . . . . . . . . . . . . . 56
20. References . . . . . . . . . . . . . . . . . . . . . . . . . 56 20. References . . . . . . . . . . . . . . . . . . . . . . . . . 56
20.1. Normative References . . . . . . . . . . . . . . . . . . 56 20.1. Normative References . . . . . . . . . . . . . . . . . . 56
20.2. Informative References . . . . . . . . . . . . . . . . . 59 20.2. Informative References . . . . . . . . . . . . . . . . . 59
Appendix A. C Snippet to Determine STUN Message Types . . . . . 61 Appendix A. C Snippet to Determine STUN Message Types . . . . . 61
Appendix B. Test Vectors . . . . . . . . . . . . . . . . . . . . 62 Appendix B. Test Vectors . . . . . . . . . . . . . . . . . . . . 62
B.1. Sample Request with Long-Term Authentication with B.1. Sample Request with Long-Term Authentication with
MESSAGE-INTEGRITY-SHA256 and USERHASH . . . . . . . . . . 62 MESSAGE-INTEGRITY-SHA256 and USERHASH . . . . . . . . . . 62
Appendix C. Release notes . . . . . . . . . . . . . . . . . . . 64 Appendix C. Release notes . . . . . . . . . . . . . . . . . . . 64
C.1. Modifications between draft-ietf-tram-stunbis-18 and C.1. Modifications between draft-ietf-tram-stunbis-19 and
draft-ietf-tram-stunbis-18 . . . . . . . . . . . . . . . 64
C.2. Modifications between draft-ietf-tram-stunbis-18 and
draft-ietf-tram-stunbis-17 . . . . . . . . . . . . . . . 64 draft-ietf-tram-stunbis-17 . . . . . . . . . . . . . . . 64
C.2. Modifications between draft-ietf-tram-stunbis-17 and C.3. Modifications between draft-ietf-tram-stunbis-17 and
draft-ietf-tram-stunbis-16 . . . . . . . . . . . . . . . 64 draft-ietf-tram-stunbis-16 . . . . . . . . . . . . . . . 64
C.3. Modifications between draft-ietf-tram-stunbis-16 and C.4. Modifications between draft-ietf-tram-stunbis-16 and
draft-ietf-tram-stunbis-15 . . . . . . . . . . . . . . . 64 draft-ietf-tram-stunbis-15 . . . . . . . . . . . . . . . 64
C.4. Modifications between draft-ietf-tram-stunbis-15 and C.5. Modifications between draft-ietf-tram-stunbis-15 and
draft-ietf-tram-stunbis-14 . . . . . . . . . . . . . . . 65 draft-ietf-tram-stunbis-14 . . . . . . . . . . . . . . . 65
C.5. Modifications between draft-ietf-tram-stunbis-14 and C.6. Modifications between draft-ietf-tram-stunbis-14 and
draft-ietf-tram-stunbis-13 . . . . . . . . . . . . . . . 65 draft-ietf-tram-stunbis-13 . . . . . . . . . . . . . . . 65
C.6. Modifications between draft-ietf-tram-stunbis-13 and C.7. Modifications between draft-ietf-tram-stunbis-13 and
draft-ietf-tram-stunbis-12 . . . . . . . . . . . . . . . 65 draft-ietf-tram-stunbis-12 . . . . . . . . . . . . . . . 65
C.7. Modifications between draft-ietf-tram-stunbis-12 and C.8. Modifications between draft-ietf-tram-stunbis-12 and
draft-ietf-tram-stunbis-11 . . . . . . . . . . . . . . . 66 draft-ietf-tram-stunbis-11 . . . . . . . . . . . . . . . 66
C.8. Modifications between draft-ietf-tram-stunbis-11 and C.9. Modifications between draft-ietf-tram-stunbis-11 and
draft-ietf-tram-stunbis-10 . . . . . . . . . . . . . . . 66 draft-ietf-tram-stunbis-10 . . . . . . . . . . . . . . . 66
C.9. Modifications between draft-ietf-tram-stunbis-10 and C.10. Modifications between draft-ietf-tram-stunbis-10 and
draft-ietf-tram-stunbis-09 . . . . . . . . . . . . . . . 66 draft-ietf-tram-stunbis-09 . . . . . . . . . . . . . . . 66
C.10. Modifications between draft-ietf-tram-stunbis-09 and C.11. Modifications between draft-ietf-tram-stunbis-09 and
draft-ietf-tram-stunbis-08 . . . . . . . . . . . . . . . 67 draft-ietf-tram-stunbis-08 . . . . . . . . . . . . . . . 67
C.11. Modifications between draft-ietf-tram-stunbis-08 and C.12. Modifications between draft-ietf-tram-stunbis-08 and
draft-ietf-tram-stunbis-07 . . . . . . . . . . . . . . . 67 draft-ietf-tram-stunbis-07 . . . . . . . . . . . . . . . 67
C.12. Modifications between draft-ietf-tram-stunbis-07 and C.13. Modifications between draft-ietf-tram-stunbis-07 and
draft-ietf-tram-stunbis-06 . . . . . . . . . . . . . . . 68 draft-ietf-tram-stunbis-06 . . . . . . . . . . . . . . . 68
C.13. Modifications between draft-ietf-tram-stunbis-06 and C.14. Modifications between draft-ietf-tram-stunbis-06 and
draft-ietf-tram-stunbis-05 . . . . . . . . . . . . . . . 68 draft-ietf-tram-stunbis-05 . . . . . . . . . . . . . . . 68
C.14. Modifications between draft-ietf-tram-stunbis-05 and C.15. Modifications between draft-ietf-tram-stunbis-05 and
draft-ietf-tram-stunbis-04 . . . . . . . . . . . . . . . 68 draft-ietf-tram-stunbis-04 . . . . . . . . . . . . . . . 68
C.15. Modifications between draft-ietf-tram-stunbis-04 and C.16. Modifications between draft-ietf-tram-stunbis-04 and
draft-ietf-tram-stunbis-03 . . . . . . . . . . . . . . . 68 draft-ietf-tram-stunbis-03 . . . . . . . . . . . . . . . 68
C.16. Modifications between draft-ietf-tram-stunbis-03 and C.17. Modifications between draft-ietf-tram-stunbis-03 and
draft-ietf-tram-stunbis-02 . . . . . . . . . . . . . . . 69 draft-ietf-tram-stunbis-02 . . . . . . . . . . . . . . . 69
C.17. Modifications between draft-ietf-tram-stunbis-02 and C.18. Modifications between draft-ietf-tram-stunbis-02 and
draft-ietf-tram-stunbis-01 . . . . . . . . . . . . . . . 69 draft-ietf-tram-stunbis-01 . . . . . . . . . . . . . . . 69
C.18. Modifications between draft-ietf-tram-stunbis-01 and
draft-ietf-tram-stunbis-00 . . . . . . . . . . . . . . . 69
C.19. Modifications between draft-salgueiro-tram-stunbis-02 and C.19. Modifications between draft-ietf-tram-stunbis-01 and
draft-ietf-tram-stunbis-00 . . . . . . . . . . . . . . . 70 draft-ietf-tram-stunbis-00 . . . . . . . . . . . . . . . 69
C.20. Modifications between draft-salgueiro-tram-stunbis-02 and C.20. Modifications between draft-salgueiro-tram-stunbis-02 and
draft-ietf-tram-stunbis-00 . . . . . . . . . . . . . . . 70
C.21. Modifications between draft-salgueiro-tram-stunbis-02 and
draft-salgueiro-tram-stunbis-01 . . . . . . . . . . . . . 70 draft-salgueiro-tram-stunbis-01 . . . . . . . . . . . . . 70
C.21. Modifications between draft-salgueiro-tram-stunbis-01 and C.22. Modifications between draft-salgueiro-tram-stunbis-01 and
draft-salgueiro-tram-stunbis-00 . . . . . . . . . . . . . 71 draft-salgueiro-tram-stunbis-00 . . . . . . . . . . . . . 71
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 71 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 71
Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 72 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 72
1. Introduction 1. Introduction
The protocol defined in this specification, Session Traversal The protocol defined in this specification, Session Traversal
Utilities for NAT, provides a tool for dealing with NATs. It Utilities for NAT, provides a tool for dealing with NATs. It
provides a means for an endpoint to determine the IP address and port provides a means for an endpoint to determine the IP address and port
skipping to change at page 16, line 51 skipping to change at page 16, line 51
[BCP195] that implementations and deployments of a STUN Usage using [BCP195] that implementations and deployments of a STUN Usage using
TLS or DTLS MUST follow. TLS or DTLS MUST follow.
When it receives the TLS Certificate message, the client MUST verify When it receives the TLS Certificate message, the client MUST verify
the certificate and inspect the site identified by the certificate. the certificate and inspect the site identified by the certificate.
If the certificate is invalid or revoked, or if it does not identify If the certificate is invalid or revoked, or if it does not identify
the appropriate party, the client MUST NOT send the STUN message or the appropriate party, the client MUST NOT send the STUN message or
otherwise proceed with the STUN transaction. The client MUST verify otherwise proceed with the STUN transaction. The client MUST verify
the identity of the server. To do that, it follows the the identity of the server. To do that, it follows the
identification procedures defined in [RFC6125], with a certificate identification procedures defined in [RFC6125], with a certificate
containing an identifier of type DNS-ID or CN-ID, eventually with a containing an identifier of type DNS-ID or CN-ID, optionally with a
wildcard character as leftmost label, but not of type SRV-ID or URI- wildcard character as leftmost label, but not of type SRV-ID or URI-
ID. Alternatively, a client MAY be configured with a set of IP ID.
addresses that are trusted; if a certificate is received that
identifies one of those IP addresses, the client considers the
identity of the server to be verified.
When STUN is run multiplexed with other protocols over a TLS-over-TCP When STUN is run multiplexed with other protocols over a TLS-over-TCP
connection or a DTLS-over-UDP association, the mandatory ciphersuites connection or a DTLS-over-UDP association, the mandatory ciphersuites
and TLS handling procedures operate as defined by those protocols. and TLS handling procedures operate as defined by those protocols.
6.3. Receiving a STUN Message 6.3. Receiving a STUN Message
This section specifies the processing of a STUN message. The This section specifies the processing of a STUN message. The
processing specified here is for STUN messages as defined in this processing specified here is for STUN messages as defined in this
specification; additional rules for backwards compatibility are specification; additional rules for backwards compatibility are
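Review bot: the sentence deleted from the certificate-verification paragraph just before Section 6.3 (the MAY clause letting a client trust a configured set of IP addresses and accept a certificate identifying one of them) was the only verification path for a server reached by IP literal, so the surviving text should cross-reference the matching rule in Section 8.1 that a "stuns" URI containing an IP address MUST be rejected; read on its own, the paragraph no longer says whether IP-identified servers are unverifiable or simply out of scope. The change from "eventually with a wildcard character as leftmost label" to "optionally with a wildcard character as leftmost label" is the right fix, since "eventually" read as a time qualifier rather than as "possibly".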
skipping to change at page 22, line 18 skipping to change at page 22, line 18
accepts Binding request/response transactions over a TLS, or DTLS accepts Binding request/response transactions over a TLS, or DTLS
session, the URI scheme is "stuns". session, the URI scheme is "stuns".
The syntax of the "stun" and "stuns" URIs are defined in Section 3.1 The syntax of the "stun" and "stuns" URIs are defined in Section 3.1
of [RFC7064]. STUN usages MAY define additional URI schemes. of [RFC7064]. STUN usages MAY define additional URI schemes.
8.1. STUN URI Scheme Semantics 8.1. STUN URI Scheme Semantics
If the <host> part of a "stun" URI contains an IP address, then this If the <host> part of a "stun" URI contains an IP address, then this
IP address is used directly to contact the server. A "stuns" URI IP address is used directly to contact the server. A "stuns" URI
containing an IP address MUST be rejected, unless the domain name is containing an IP address MUST be rejected. A future STUN extension
provided by the same mechanism that provided the STUN URI, and that or usage may relax this requirement provided it demonstrates how to
domain name can be passed to the (D)TLS SNI and certificate authenticate the STUN server and prevent man in the middle attacks.
verification code.
If the URI does not contain an IP address, the domain name contained If the URI does not contain an IP address, the domain name contained
in the <host> part is resolved to a transport address using the SRV in the <host> part is resolved to a transport address using the SRV
procedures specified in [RFC2782]. The DNS SRV service name is the procedures specified in [RFC2782]. The DNS SRV service name is the
content of the <scheme> part. The protocol in the SRV lookup is the content of the <scheme> part. The protocol in the SRV lookup is the
transport protocol the client will run STUN over: "udp" for UDP and transport protocol the client will run STUN over: "udp" for UDP and
"tcp" for TCP. "tcp" for TCP.
The procedures of RFC 2782 are followed to determine the server to The procedures of RFC 2782 are followed to determine the server to
contact. RFC 2782 spells out the details of how a set of SRV records contact. RFC 2782 spells out the details of how a set of SRV records
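Review bot: the new wording "A "stuns" URI containing an IP address MUST be rejected." removes the exception that allowed such a URI when a domain name usable for the (D)TLS SNI and certificate verification was delivered by the same mechanism as the URI; if dropping that exception is intentional, Appendix C should say so, because a client that relied on it will now refuse a URI it previously accepted. Style: "man in the middle attacks" should be hyphenated as "man-in-the-middle attacks", and "demonstrates how to authenticate the STUN server" would be more precise as "demonstrates how the client verifies the identity of the STUN server", matching the MUST in the certificate paragraph earlier in the document.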
skipping to change at page 53, line 45 skipping to change at page 53, line 45
reference from RFC 5389 to RFC-to-be for the following STUN methods: reference from RFC 5389 to RFC-to-be for the following STUN methods:
0x000: (Reserved) 0x000: (Reserved)
0x001: Binding 0x001: Binding
0x002: (Reserved; prior to [RFC5389] this was SharedSecret) 0x002: (Reserved; prior to [RFC5389] this was SharedSecret)
18.3. STUN Attribute Registry 18.3. STUN Attribute Registry
18.3.1. Updated Attributes 18.3.1. Updated Attributes
IANA is requested to update the names for attributes 0x0002, 0x0003, IANA is requested to update the names for attributes 0x0002, 0x0004,
0x0004, 0x0005, 0x0007, and 0x000B, and the reference from RFC 5389 0x0005, 0x0007, and 0x000B, and the reference from RFC 5389 to RFC-
to RFC-to-be for the following STUN methods: to-be for the following STUN methods:
Comprehension-required range (0x0000-0x7FFF): Comprehension-required range (0x0000-0x7FFF):
0x0000: (Reserved) 0x0000: (Reserved)
0x0001: MAPPED-ADDRESS 0x0001: MAPPED-ADDRESS
0x0002: (Reserved; prior to [RFC5389] this was RESPONSE-ADDRESS) 0x0002: (Reserved; prior to [RFC5389] this was RESPONSE-ADDRESS)
0x0003: CHANGE-REQUEST
0x0004: (Reserved; prior to [RFC5389] this was SOURCE-ADDRESS) 0x0004: (Reserved; prior to [RFC5389] this was SOURCE-ADDRESS)
0x0005: (Reserved; prior to [RFC5389] this was CHANGED-ADDRESS) 0x0005: (Reserved; prior to [RFC5389] this was CHANGED-ADDRESS)
0x0006: USERNAME 0x0006: USERNAME
0x0007: (Reserved; prior to [RFC5389] this was PASSWORD) 0x0007: (Reserved; prior to [RFC5389] this was PASSWORD)
0x0008: MESSAGE-INTEGRITY 0x0008: MESSAGE-INTEGRITY
0x0009: ERROR-CODE 0x0009: ERROR-CODE
0x000A: UNKNOWN-ATTRIBUTES 0x000A: UNKNOWN-ATTRIBUTES
0x000B: (Reserved; prior to [RFC5389] this was REFLECTED-FROM) 0x000B: (Reserved; prior to [RFC5389] this was REFLECTED-FROM)
0x0014: REALM 0x0014: REALM
0x0015: NONCE 0x0015: NONCE
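Review bot: the introductory sentence of 18.3.1 still ends "and the reference from RFC 5389 to RFC-to-be for the following STUN methods:" although what follows is a list of attributes; it should read "for the following STUN attributes:" (the phrase was evidently copied from 18.2, where it is correct). Separately, the right-hand column drops 0x0003 (CHANGE-REQUEST) from both the list of updated attributes and the table, leaving the comprehension-required range jumping from 0x0002 to 0x0004; if 0x0003 is intentionally no longer touched by this document, Appendix C should record that, so the gap is not mistaken for an editing error.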
skipping to change at page 64, line 9 skipping to change at page 64, line 9
Note: Before publication, the XX XX placeholder must be replaced by Note: Before publication, the XX XX placeholder must be replaced by
the value assigned to MESSAGE-INTEGRITY-SHA256 and USERHASH by the value assigned to MESSAGE-INTEGRITY-SHA256 and USERHASH by
IANA. The MESSAGE-INTEGRITY-SHA256 attribute value will need to IANA. The MESSAGE-INTEGRITY-SHA256 attribute value will need to
be updated after this. be updated after this.
Appendix C. Release notes Appendix C. Release notes
This section must be removed before publication as an RFC. This section must be removed before publication as an RFC.
C.1. Modifications between draft-ietf-tram-stunbis-18 and draft-ietf- C.1. Modifications between draft-ietf-tram-stunbis-19 and draft-ietf-
tram-stunbis-18
o Updates following Adam Roach DISCUSS and comments.
C.2. Modifications between draft-ietf-tram-stunbis-18 and draft-ietf-
tram-stunbis-17 tram-stunbis-17
o Nits. o Nits.
C.2. Modifications between draft-ietf-tram-stunbis-17 and draft-ietf- C.3. Modifications between draft-ietf-tram-stunbis-17 and draft-ietf-
tram-stunbis-16 tram-stunbis-16
o Modifications following IESG, GENART and SECDIR reviews. o Modifications following IESG, GENART and SECDIR reviews.
C.3. Modifications between draft-ietf-tram-stunbis-16 and draft-ietf- C.4. Modifications between draft-ietf-tram-stunbis-16 and draft-ietf-
tram-stunbis-15 tram-stunbis-15
o Replace "failure response" with "error response". o Replace "failure response" with "error response".
o Fix wrong section number. o Fix wrong section number.
o Use "Username anonymity" everywhere. o Use "Username anonymity" everywhere.
o Align with UTF-8 deprecation. o Align with UTF-8 deprecation.
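Review bot: the new C.1 entry "Updates following Adam Roach DISCUSS and comments." does not identify which normative text changed, whereas the diff shows at least three substantive edits: removal of the trusted-IP-address MAY clause from the certificate-verification paragraph, the tightening of the "stuns" URI rule in 8.1 to an unconditional MUST reject, and the removal of 0x0003 from 18.3.1. Listing those items, as the C.4 and later entries do for their revisions, would let reviewers confirm the DISCUSS was resolved without re-reading the whole diff.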
skipping to change at page 65, line 16 skipping to change at page 65, line 21
o s/invalidate/revoke/. o s/invalidate/revoke/.
o Removed sentences about checking USERHASH in responses, as this o Removed sentences about checking USERHASH in responses, as this
should not happen. should not happen.
o Specify that ALTERNATE-SERVER carries an IP address. o Specify that ALTERNATE-SERVER carries an IP address.
o More modifications following review... o More modifications following review...
C.4. Modifications between draft-ietf-tram-stunbis-15 and draft-ietf- C.5. Modifications between draft-ietf-tram-stunbis-15 and draft-ietf-
tram-stunbis-14 tram-stunbis-14
o Reverted the RFC 2119 boilerplate to what was in RFC 5389. o Reverted the RFC 2119 boilerplate to what was in RFC 5389.
o Reverted the V.42 reference to the 2002 version. o Reverted the V.42 reference to the 2002 version.
o Updated some references. o Updated some references.
C.5. Modifications between draft-ietf-tram-stunbis-14 and draft-ietf- C.6. Modifications between draft-ietf-tram-stunbis-14 and draft-ietf-
tram-stunbis-13 tram-stunbis-13
o Reorder the paragraphs in section 9.1.4. o Reorder the paragraphs in section 9.1.4.
o The realm is now processed through Opaque in section 9.2.2. o The realm is now processed through Opaque in section 9.2.2.
o Make clear in section 9.2.4 that it is an exclusive-xor. o Make clear in section 9.2.4 that it is an exclusive-xor.
o Removed text that implied that nonce sharing was explicitly o Removed text that implied that nonce sharing was explicitly
permitted in RFC 5389. permitted in RFC 5389.
o In same section, s/username/value/ for USERCASH. o In same section, s/username/value/ for USERCASH.
o Modify the IANA requests to explicitly say that the reserved o Modify the IANA requests to explicitly say that the reserved
codepoints were prior to RFC 5389. codepoints were prior to RFC 5389.
C.6. Modifications between draft-ietf-tram-stunbis-13 and draft-ietf- C.7. Modifications between draft-ietf-tram-stunbis-13 and draft-ietf-
tram-stunbis-12 tram-stunbis-12
o Update references. o Update references.
o Fixes some text following Shepherd review. o Fixes some text following Shepherd review.
o Update co-author info. o Update co-author info.
C.7. Modifications between draft-ietf-tram-stunbis-12 and draft-ietf- C.8. Modifications between draft-ietf-tram-stunbis-12 and draft-ietf-
tram-stunbis-11 tram-stunbis-11
o Clarifies the procedure to define a new hash algorithm for o Clarifies the procedure to define a new hash algorithm for
message-integrity. message-integrity.
o Explain the procedure to deprecate SHA1 as message-integrity. o Explain the procedure to deprecate SHA1 as message-integrity.
o Added procedure for Happy Eyeballs (RFC 6555). o Added procedure for Happy Eyeballs (RFC 6555).
o Added verification that Happy Eyeballs works in the STUN Usage o Added verification that Happy Eyeballs works in the STUN Usage
checklist. checklist.
o Add reference to Base64 RFC. o Add reference to Base64 RFC.
o Changed co-author affiliation. o Changed co-author affiliation.
C.8. Modifications between draft-ietf-tram-stunbis-11 and draft-ietf- C.9. Modifications between draft-ietf-tram-stunbis-11 and draft-ietf-
tram-stunbis-10 tram-stunbis-10
o Made clear that the same HMAC than received in response of short o Made clear that the same HMAC than received in response of short
term credential must be used for subsequent transactions. term credential must be used for subsequent transactions.
o s/URL/URI/ o s/URL/URI/
o The "nonce cookie" is now mandatory to signal that SHA256 must be o The "nonce cookie" is now mandatory to signal that SHA256 must be
used in the next transaction. used in the next transaction.
o s/SHA1/SHA256/ o s/SHA1/SHA256/
o Changed co-author affiliation. o Changed co-author affiliation.
C.9. Modifications between draft-ietf-tram-stunbis-10 and draft-ietf- C.10. Modifications between draft-ietf-tram-stunbis-10 and draft-ietf-
tram-stunbis-09 tram-stunbis-09
o Removed the reserved value in the security registry, as it does o Removed the reserved value in the security registry, as it does
not make sense in a bitset. not make sense in a bitset.
o Updated change list. o Updated change list.
o Updated the minimum truncation size for M-I-256 to 16 bytes. o Updated the minimum truncation size for M-I-256 to 16 bytes.
o Changed the truncation order to match RFC 7518. o Changed the truncation order to match RFC 7518.
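Review bot: two typos in this stretch of the release notes survive unchanged from -18 and could be fixed while the appendix is being renumbered: "USERCASH" in the bullet "In same section, s/username/value/ for USERCASH." should read USERHASH, and "the same HMAC than received in response of short term credential" should read "the same HMAC as received in the response to a short-term credential request".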
skipping to change at page 67, line 11 skipping to change at page 67, line 14
o Stated that STUN Usages have to explicitly state that they can use o Stated that STUN Usages have to explicitly state that they can use
truncation. truncation.
o Removed truncation from the MESSAGE-INTEGRITY attribute. o Removed truncation from the MESSAGE-INTEGRITY attribute.
o Add reference to C code in RFC 1952. o Add reference to C code in RFC 1952.
o Replaced RFC 2818 reference to RFC 6125. o Replaced RFC 2818 reference to RFC 6125.
C.10. Modifications between draft-ietf-tram-stunbis-09 and draft-ietf- C.11. Modifications between draft-ietf-tram-stunbis-09 and draft-ietf-
tram-stunbis-08 tram-stunbis-08
o Packets discarded in a reliable or unreliable transaction triggers o Packets discarded in a reliable or unreliable transaction triggers
an attack error instead of a timeout error. An attack error on a an attack error instead of a timeout error. An attack error on a
reliable transport is signaled immediately instead of waiting for reliable transport is signaled immediately instead of waiting for
the timeout. the timeout.
o Explicitly state that a received 400 response without o Explicitly state that a received 400 response without
authentication will be dropped until timeout. authentication will be dropped until timeout.
skipping to change at page 67, line 36 skipping to change at page 67, line 39
o The 401 and 438 error response to subsequent requests may use the o The 401 and 438 error response to subsequent requests may use the
previous NONCE/password to authenticate, if they are still previous NONCE/password to authenticate, if they are still
available. available.
o Change "401 Unauthorized" to "401 Unauthenticated" o Change "401 Unauthorized" to "401 Unauthenticated"
o Make clear that in some cases it is impossible to add a MI or MI2 o Make clear that in some cases it is impossible to add a MI or MI2
even if the text says SHOULD NOT. even if the text says SHOULD NOT.
C.11. Modifications between draft-ietf-tram-stunbis-08 and draft-ietf- C.12. Modifications between draft-ietf-tram-stunbis-08 and draft-ietf-
tram-stunbis-07 tram-stunbis-07
o Updated list of changes since RFC 5389. o Updated list of changes since RFC 5389.
o More examples are automatically generated. o More examples are automatically generated.
o Message integrity truncation is fixed at a multiple of 4 bytes, o Message integrity truncation is fixed at a multiple of 4 bytes,
because the padding will not decrease by more than this. because the padding will not decrease by more than this.
o USERHASH contains the 32 bytes of the hash, not a character o USERHASH contains the 32 bytes of the hash, not a character
string. string.
o Updated the example to use the USERHASH attribute and the modified o Updated the example to use the USERHASH attribute and the modified
NONCE attribute. NONCE attribute.
o Updated ICEbis reference. o Updated ICEbis reference.
C.12. Modifications between draft-ietf-tram-stunbis-07 and draft-ietf- C.13. Modifications between draft-ietf-tram-stunbis-07 and draft-ietf-
tram-stunbis-06 tram-stunbis-06
o Add USERHASH attribute to carry the hashed version of the o Add USERHASH attribute to carry the hashed version of the
username. username.
o Add IANA registry and nonce encoding for Security Features that o Add IANA registry and nonce encoding for Security Features that
need to be protected from bid-down attacks. need to be protected from bid-down attacks.
o Modified MESSAGE-INTEGRITY and MESSAGE-INTEGRITY-SHA256 to support o Modified MESSAGE-INTEGRITY and MESSAGE-INTEGRITY-SHA256 to support
truncation limits (pending cryptographic review), truncation limits (pending cryptographic review),
C.13. Modifications between draft-ietf-tram-stunbis-06 and draft-ietf- C.14. Modifications between draft-ietf-tram-stunbis-06 and draft-ietf-
tram-stunbis-05 tram-stunbis-05
o Changed I-D references to RFC references. o Changed I-D references to RFC references.
o Changed CHANGE-ADDRESS to CHANGE-REQUEST (Errata #4233). o Changed CHANGE-ADDRESS to CHANGE-REQUEST (Errata #4233).
o Added test vector for MESSAGE-INTEGRITY-SHA256. o Added test vector for MESSAGE-INTEGRITY-SHA256.
o Address additional review comments from Jonathan Lennox and o Address additional review comments from Jonathan Lennox and
Brandon Williams. Brandon Williams.
C.14. (renumbered C.15. in -19) Modifications between
      draft-ietf-tram-stunbis-05 and draft-ietf-tram-stunbis-04

   o  Address review comments from Jonathan Lennox and Brandon Williams.

C.15. (renumbered C.16. in -19) Modifications between
      draft-ietf-tram-stunbis-04 and draft-ietf-tram-stunbis-03

   o  Remove SCTP.

   o  Remove DANE.

   o  s/MESSAGE-INTEGRITY2/MESSAGE-INTEGRITY-SHA256/

   o  Remove Salted SHA256 password hash.

   o  The RTO delay between transactions is removed.

   o  Make clear that reusing NONCE will trigger a wasted round trip.

C.16. (renumbered C.17. in -19) Modifications between
      draft-ietf-tram-stunbis-03 and draft-ietf-tram-stunbis-02

   o  SCTP prefix is now 0b00000101 instead of 0x11.

   o  Add SCTP at various places it was needed.

   o  Update the hash agility plan to take into account HMAC-SHA-256.

   o  Add the bid-down attack on message-integrity in the security
      section.

C.17. (renumbered C.18. in -19) Modifications between
      draft-ietf-tram-stunbis-02 and draft-ietf-tram-stunbis-01

   o  STUN hash algorithm agility (currently only SHA-1 is allowed).

   o  Clarify terminology, text and guidance for STUN fragmentation.

   o  Clarify whether it's valid to share nonces across TURN
      allocations.

   o  Prevent the server from allocating the same NONCE to clients with

skipping to change at page 69, line 47

      transactions, not to serial transactions.  That prevents a 3RTT
      delay between the first transaction and the second transaction
      with long term authentication.

   o  Add text saying ORIGIN can increase a request size beyond the MTU
      and so require an SCTPoUDP transport.

   o  Move the Acknowledgments and Contributor sections to the end of
      the document, in accordance with RFC 7322 section 4.

C.18. (renumbered C.19. in -19) Modifications between
      draft-ietf-tram-stunbis-01 and draft-ietf-tram-stunbis-00

   o  Add negotiation mechanism for new password algorithms.

   o  Describe the MESSAGE-INTEGRITY/MESSAGE-INTEGRITY2 protocol.

   o  Add support for SCTP to solve the fragmentation problem.

   o  Merge RFC 7350:

skipping to change at page 70, line 33

      *  DNS discovery is done from the URI.

      *  Reorganized the text about default ports.

   o  Add more C snippets.

   o  Make clear that the cached RTO is discarded only if there are no
      new transactions for 10 minutes.

C.19. (renumbered C.20. in -19) Modifications between
      draft-salgueiro-tram-stunbis-02 and draft-ietf-tram-stunbis-00

   o  Draft adopted as WG item.

C.20. (renumbered C.21. in -19) Modifications between
      draft-salgueiro-tram-stunbis-02 and draft-salgueiro-tram-stunbis-01

   o  Add definition of MESSAGE-INTEGRITY2.

   o  Update text and reference from RFC 2988 to RFC 6298.

   o  s/The IAB has mandated/The IAB has suggested/ (Errata #3737).

   o  Fix the figure for the UNKNOWN-ATTRIBUTES (Errata #2972).

skipping to change at page 71, line 19

   o  Update text and reference from RFC 2988 to RFC 6298.

   o  s/The IAB has mandated/The IAB has suggested/ (Errata #3737).

   o  Fix the figure for the UNKNOWN-ATTRIBUTES (Errata #2972).

   o  Fix section number and make clear that the original domain name is
      used for the server certificate verification.  This is consistent
      with what RFC 5922 (section 4) is doing.  (Errata #2010)

C.21. (renumbered C.22. in -19) Modifications between
      draft-salgueiro-tram-stunbis-01 and draft-salgueiro-tram-stunbis-00

   o  Restore the RFC 5389 text.

   o  Add list of open issues.
Acknowledgements

   Thanks to Michael Tuexen, Tirumaleswar Reddy, Oleg Moskalenko, Simon
   Perreault, Benjamin Schwartz, Rifaat Shekh-Yusef, Alan Johnston,
 End of changes. 52 change blocks. 
62 lines changed or deleted 64 lines changed or added