A new IETF working group has been formed in the Transport Area. For additional information please contact the Area Directors or the WG Chairs. TURN Revised and Modernized (tram) ------------------------------------------------ Current Status: Proposed WG Chairs: Gonzalo Camarillo <gonzalo.camarillo@ericsson.com> Simon Perreault <simon.perreault@viagenie.ca> Assigned Area Director: Spencer Dawkins <spencerdawkins.ietf@gmail.com> Mailing list Address: tram@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/tram Archive: http://www.ietf.org/mail-archive/web/tram/current/maillist.html Charter: Traversal Using Relays around NAT (TURN) was published as RFC 5766 in April 2010. Until recently the protocol had seen rather limited deployment. This is largely because its primary use case is as one of the NAT traversal methods of the Interactive Connectivity Establishment (ICE) framework (RFC 5245), and ICE itself was slow to achieve widespread adoption, as other mechanisms were already being used by the VoIP industry. This situation has changed drastically as ICE, and consequently TURN, are mandatory to implement in WebRTC, a set of technologies developed at the IETF and W3C to standardize Real Time Communication on the Web. Together with the arrival of WebRTC, there is a renewed interest in TURN and ICE, as evidenced by recent work updating the ICE framework (still in progress), and standardizing the URIs used to access a STUN (RFC 7064) or TURN (RFC 7065) server. The goal of the TRAM Working Group is to consolidate the various initiatives to update TURN and STUN to make them more suitable for the WebRTC environment. The work will include the addition of DTLS as an additional transport, authentication mechanisms, and extensions to TURN and STUN. The Working Group will closely coordinate with the appropriate Working Groups, including RTCWEB, MMUSIC, and HTTPBIS. In developing upgrades to TURN, the group will consider the passive monitoring risks introduced by the centralization of call traffic through a TURN server. When such risks arise, they will recommend appropriate mitigations. For example, a mechanism for directing traffic to a TURN server other than one configured by the application could be used to direct calls through a TURN server configured to do monitoring. When such a mechanism is used, it is important that the endpoints to the call apply end-to-end encryption and authentication to ensure that they are protected from the TURN server. Milestones: Jul 2014 - Send draft adding DTLS as a transport for STUN/TURN to IESG Jul 2014 - Send analysis of problems with current TURN authentication to IESG Sep 2014 - Send new proposed standard TURN server discovery mechanism for enterprises and ISPs to IESG Nov 2014 - Send new proposed standard TURN authentication mechanism(s) to IESG Feb 2015 - Send STUN-bis draft to IESG Feb 2015 - Send TURN-bis draft to IESG
