Menu

#219 Via, Stateful Proxies

Fix - Discussed/Resolved
open-invalid
Martin Stiemerling
Editorial (46)
5
2010-06-30
2010-04-23
Martin Stiemerling
No

From Wolfgang:
I'm not sure if the usage of Via in RTSP is a good idea. Judging from
the error codes, a proxy is expected to wait for responses and send a
504 Gateway Timeout if it doesn't receive one. This means it has to
keep state anyway. If we keep Via, the Security Considerations section
should mention the dangers associated with all source-routing schemes.

Discussion

  • Martin Stiemerling

    Martin Stiemerling - 2010-06-30

    Hi Jamie,

    Thanks for your reply, this also helps me in reflecting Via and proxies.

    > -----Original Message-----
    > From: mmusic-bounces@ietf.org [mailto:mmusic-bounces@ietf.org] On
    > Behalf Of Jamie Gordon
    > Sent: Wednesday, June 30, 2010 3:33 AM
    > To: Martin Stiemerling
    > Cc: mmusic
    > Subject: Re: [MMUSIC] RTSP 2.0 issue: Via, Stateful Proxies
    >
    > The Via header is the only way a proxy can identify itself to the
    > end-points (and any other proxies along the way). Nodes do sometimes
    > need to know whether there is a proxy present, or what proxy/proxies
    > are
    > there, much like User-Agent and Server headers. Are there really any
    > security considerations that are not covered by the current text?

    I guess the original comment is somewhat impacted by SIP, where the "Via" header is used for loop-detection and also for routing messages. Loop-detection sounds easy, also for RTSP.

    However, RTSP is not using, at least to my understanding, the "Via" header to route messages, but solely, as you've said, to identify proxy instances. One fact is that there are TCP connections used, vs. mainly UDP in SIP.

    >
    > I'd object to outright removal of the the Via header. I think it really
    > needs to be either kept or replaced by a simpler header, like just a
    > list of User-Agent/Server type identifiers. I don't see any use for the
    > host|pseudonym.
    >
    > There is nothing in the RFC that says a proxy MUST wait and send a 504
    > timeout. The error code is defined, so proxies that do have such state
    > handling can respond appropriately, whereas those that do not may
    > simply not respond if the server does not respond.

    That's right. I have been at least confused by the current text that does not explicitly state whether proxies need to keep state or not. But I see this as an implementation part, not part of the protocol spec. However, it took me a while to get a clear view about this.

    >
    >
    > But I'm not clear on what the Via header has to do with whether a proxy
    > needs to maintain state. I guess something to do with the host portion
    > that may be used in some way by fully stateless proxies - I suspect I
    > may have had my head down and missed some previous discussion on that
    > topic!

    This seems to be a mixing of SIP usage and what RTSP is doing. In SIP you can get away of 'Via' with state.

    I guess this issue is closed, i.e., the 'Via' header is kept as is. As long as nobody objects?

    Thank you,

    Martin

     

  • Martin Stiemerling

    Martin Stiemerling - 2010-06-30
    • milestone: --> Fix - Discussed/Resolved
     

  • Martin Stiemerling

    Martin Stiemerling - 2010-06-30
    • status: open --> open-invalid
     
MongoDB Logo MongoDB