IETF Logo Mail Archive

Re: [dispatch] New Version of draft-vanelburg-dispatch-private-network-ind

Mary Barnes <mary.ietf.barnes@gmail.com> Mon, 13 January 2014 20:38 UTC

Return-Path: <mary.ietf.barnes@gmail.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA7E41AE15D for <dispatch@ietfa.amsl.com>; Mon, 13 Jan 2014 12:38:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KWc9BCRiOL91 for <dispatch@ietfa.amsl.com>; Mon, 13 Jan 2014 12:38:00 -0800 (PST)
Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 39B841AE00F for <dispatch@ietf.org>; Mon, 13 Jan 2014 12:38:00 -0800 (PST)
Received: by mail-wi0-f170.google.com with SMTP id hq4so3602598wib.1 for <dispatch@ietf.org>; Mon, 13 Jan 2014 12:37:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=7xjhICGnYywn/SRZbgs3e52R/F1vNlRRi/V0qX+CF+Q=; b=W/g2eFMWK9yaOT3kFkpTkcJ0p5Ev5TKzO3kO7QYh0pFQy2wtvbUPmYAk806LSZeWg/ PezAcT6yHZk0y4WuJ7kalTnP/X8k6f82w+DpTPzJf/g1d/XMglJQrGJDXcJZPRjtMBEL LuJ+QkAu3ZNY252o2JK0c7KciNCIo4sI7fC0DzxkXQLThUAz7mVAc2V5Jg7Y79lv91Hr uqCPEmfGmlM7d/tDMNwmIroRavKHcVIFl7vafF7ask/WFZx0EnQg1gN5T5HIt2tFzONy oHFrzWPu3VIOh0ep8q0jVOR1RwtDicVN/pFmgIbLf/g7TJsA6FWgk8YB/+cQrd8drmSQ EuGQ==
MIME-Version: 1.0
X-Received: by 10.194.92.68 with SMTP id ck4mr23930347wjb.53.1389645468470; Mon, 13 Jan 2014 12:37:48 -0800 (PST)
Received: by 10.216.172.9 with HTTP; Mon, 13 Jan 2014 12:37:48 -0800 (PST)
In-Reply-To: <ED5D1877-02F1-4ED8-847A-4CDCBF80696C@ntt-at.com>
References: <20130912005949.3447.42089.idtracker@ietfa.amsl.com> <523124B0.2000305@ntt-at.co.jp> <CAHBDyN6oH7OYbq2E26Mo_7KOqx6JZ2mz3CWqQRpfoAXsyLb51A@mail.gmail.com> <CAHBDyN7yHUd3fLcGHE8BhBJevPSBDRsNhqL+HNjSecVmexL_xg@mail.gmail.com> <5863E5DF-F01A-44DC-B0E6-74D1763AE178@ntt-at.com> <949EF20990823C4C85C18D59AA11AD8B100BA1@FR712WXCHMBA11.zeu.alcatel-lucent.com> <CAHBDyN7JqzC93U_2rZHeKj=w9tro20zkEKhru9jLkTmqprSD4A@mail.gmail.com> <ED5D1877-02F1-4ED8-847A-4CDCBF80696C@ntt-at.com>
Date: Mon, 13 Jan 2014 14:37:48 -0600
Message-ID: <CAHBDyN5qD+2WEuoSNOUOtrkTWJGv+1g6C8x58jtCMkEQxpOFXw@mail.gmail.com>
From: Mary Barnes <mary.ietf.barnes@gmail.com>
To: Shida Schubert <shida@ntt-at.com>
Content-Type: multipart/alternative; boundary="047d7bf0d2de83131504efe00c06"
Cc: DISPATCH <dispatch@ietf.org>
Subject: Re: [dispatch] New Version of draft-vanelburg-dispatch-private-network-ind
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jan 2014 20:38:05 -0000

That works for me.


On Mon, Jan 13, 2014 at 2:32 PM, Shida Schubert <shida@ntt-at.com> wrote:

>
> Why don't we just reword it to say
>
>  "SIP proxy MAY insert the indication from R1"
>
>  Whether it is a can or MAY what we are ultimately trying to say is that
> proxy MAY insert the indication from R1 right? We are not preventing
> it and I am assuming as a spec, we want to let the implementer know
> that proxy MAY send requests with these values.
>
>  Regards
>   Shida
>
> On Jan 9, 2014, at 7:22 AM, Mary Barnes <mary.ietf.barnes@gmail.com>
> wrote:
>
> Then, why are those even requirements?
>
> Mary.
>
>
> On Thu, Jan 9, 2014 at 5:05 AM, DRAGE, Keith (Keith) <
> keith.drage@alcatel-lucent.com> wrote:
>
>>  The text from RFC 2119 states:
>>
>>
>> 5. MAY   This word, or the adjective "OPTIONAL", mean that an item is
>>    truly optional.  One vendor may choose to include the item because a
>>    particular marketplace requires it or because the vendor feels that
>>    it enhances the product while another vendor may omit the same item.
>>    An implementation which does not include a particular option MUST be
>>    prepared to interoperate with another implementation which does
>>    include the option, though perhaps with reduced functionality. In the
>>    same vein an implementation which does include a particular option
>>    MUST be prepared to interoperate with another implementation which
>>    does not include the option (except, of course, for the feature the
>>    option provides.)
>>
>>
>> My belief is that we are not defining an option here, and it is certainly not a vendor decision.Further we are not identifying an interoperability issue here.
>>
>> We are defining a possibility that a valid implementation can take.
>>
>>  If you go to the procedures you will see both these items are covered with "If <condition> MUST" type sentences. There is no specified optionality.
>>
>>  Keith
>>
>>   ------------------------------
>> *From:* dispatch [mailto:dispatch-bounces@ietf.org] *On Behalf Of *Shida
>> Schubert
>> *Sent:* 09 January 2014 06:30
>> *To:* Mary Barnes
>>
>> *Cc:* DISPATCH
>> *Subject:* Re: [dispatch] New Version of
>> draft-vanelburg-dispatch-private-network-ind
>>
>>
>>  Hi Mary;
>>
>>   Thanks for reviewing the document again.
>>
>>  On Jan 6, 2014, at 3:03 PM, Mary Barnes <mary.ietf.barnes@gmail.com>
>> wrote:
>>
>>  Hi all,
>>
>>  I have reviewed the revised version and I just a few final comments.
>>
>>  - Section 1.5, first bullet in the bulleted list: either change "an
>> emergency calls" to "an emergency call" or "emergency calls"
>>
>>
>>   I will fix it with "emergency calls"
>>
>>  - Section 3.6.  "require the Specifying a Spec (T)." -> "require
>> specifying a Spec(T)" or "require the specification of a Spec(T)"
>>
>>
>>  I will fix it with "require the specification of a Spec(T)"
>>
>>  - Section 5, I had suggested the the requirements be consistent in
>> usage of 2119 language.  One of the requirements (R6) was changed, but R2
>> and R3 were not.  Was there a specific reason not to make those suggested
>> changes?
>>
>>
>>  R2:   "The indication from R1 can be inserted by a SIP proxy" -> "The
>> indication from R1 MAY be inserted by a SIP proxy"
>> R3: "The indication from R1 can be removed by a SIP proxy" -> "The
>> indication from R1 MAY be removed by a SIP proxy"
>>
>>
>>   So I reverted the change after Keith told that the requirements above
>> is not stating
>> a normative behaviour and that he believes "can" is more appropriate.
>>
>>   I am okay either way.
>>
>>   I will create a version with "MAY".
>>
>>   Keith, please provide comments if you have a strong opposition to
>> changing it to "MAY".
>>
>>   Thanks!
>>   Shida
>>
>>
>>  Thanks,
>>  Mary.
>>
>>
>> On Tue, Oct 29, 2013 at 9:11 AM, Mary Barnes <mary.ietf.barnes@gmail.com>wrote:
>>
>>> In reviewing the document in preparation for the PROTO write-up, I have
>>> a few comments (minor and nits) that should be addressed prior to the
>>> document being progressed.
>>>
>>>  Regards,
>>> Mary.
>>>
>>>  Comments:
>>> ---------------
>>>
>>>  - General: domains used in this document must use a reserved domain
>>> such as "example.com" and must not use real domains. Thus, all
>>> occurrences of ericsson.com need to be changed to example.com
>>>
>>>  - Section 1.5.  Bulleted list, first bullet. I would suggest you just
>>> leave out the mention of LI.  Emergency services should be a sufficient
>>> example.
>>>
>>>  - Section 1.5, last numbered list, item 2.  I had a hard time groking
>>> this sentence and had to read several times. I would suggest rewording
>>> something like (if I've properly interpreted the intent):
>>> OLD:
>>>
>>>        Different nodes spanning over different networks may need to be
>>>        able to act differently on type of traffic, when implicit schemes
>>>        are used, it would require distribution of such enterprise
>>>        specific logic over multiple nodes in multiple operators.  That
>>>        is clearly not a manageable architecture and solution.
>>>
>>>
>>>  NEW:
>>>
>>>        Nodes spanning multiple networks often need to have different
>>>
>>>        behavior depending upon the type of traffic.  When this is done using implicit
>>>
>>>        schemes, enterprise specific logic must be distributed across multiple
>>>
>>>        nodes in multiple operator's networks.
>>>
>>>        That is clearly not a manageable architecture and solution.
>>>
>>>
>>>
>>>  - Section 1.5, last sentence.  I don't think that statement is
>>> sufficient for what this document is doing. I would suggest you change that
>>> sentence to something like the following:
>>> OLD:
>>>
>>>    Given the above background this document will formulate requirements
>>>    for SIP to support an explicit private network indication.
>>>
>>>
>>>  NEW:
>>>
>>>    Based on the background provided, this document formulates requirements
>>>    for SIP to support an explicit private network indication and defines
>>>
>>>    a P-header, P-Private-Network-Indication, to support those requirements.
>>>
>>>
>>>
>>>  - Section 3, next to last paragraph.  I'm not sure what is meant by
>>> "the filling out a Spec(T)". I don't see "filling" used as a concept in RFC
>>> 3324.  Perhaps, "specifying a Spec(T)" is more consistent with terminology
>>> in RFC 3324.
>>>
>>>  - Section 5.  In general, the requirements are not specific
>>> consistently - i.e., some use 2119 language and others not and there is not
>>> consistent capitalization.  I would suggest the following changes.
>>> R2:   "The indication from R1 can be inserted by a SIP proxy" -> "The
>>> indication from R1 MAY be inserted by a SIP proxy"
>>> R3: "The indication from R1 can be removed by a SIP proxy" -> "The
>>> indication from R1 MAY be removed by a SIP proxy"
>>> R6: "must" -> "MUST"
>>>
>>>  - Section 6, 2nd paragraph. The "can" in the first sentence should be
>>> a "MAY" and the sentence needs to be split into two:
>>> OLD:
>>>
>>>    A proxy server which handles a message can insert such a P-Private-
>>>    Network-Indication header field into the message based on
>>>    authentication of the source of a message, configuration or local
>>>    policy, and forward it to other proxies in the same administrative
>>>    domain or proxies in trusted domain to be handled as private network
>>>    traffic.
>>>
>>>
>>>  NEW:
>>>
>>>    A proxy server which handles a message MAY insert such a P-Private-
>>>    Network-Indication header field into the message based on
>>>    authentication of the source of a message, configuration or local
>>>    policy.  A proxy server MAY forward the message to other proxies in the
>>>
>>>    same administrative domain or proxies in a trusted
>>>
>>>    domain to be handled as private network traffic.
>>>
>>>
>>>
>>>  Section 9.  You should be explicit about the header name in this
>>> section.  The text in the first paragraph needs some work.  At a minimum
>>> you need to change the "not supposed to" to something more definitive as
>>> all security issues arise because someone does something they're not
>>> supposed to.   I would suggest at least making the following change:
>>> OLD:
>>>
>>>    The private network indication defined in this document is to be used
>>>    in an environment where elements are trusted and where attackers are
>>>    not supposed to have access to the protocol messages between those
>>>    elements.  Traffic protection between network elements is sometimes
>>>    achieved by using IPsec and sometimes by physical protection of the
>>>    network.  In any case, the environment where the private network
>>>    indication will be used ensures the integrity and the confidentiality
>>>    of the contents of this header field.
>>>
>>>  NEW:
>>>
>>>    The private network indication defined in this document MUST only be used
>>>    in an environment where elements are trusted and where attackers are
>>>    do not have access to the protocol messages between those
>>>    elements.  Traffic protection between network elements can be
>>>    achieved by using IPsec and sometimes by physical protection of the
>>>    network.  In any case, the environment where the private network
>>>    indication will be used ensures the integrity and the confidentiality
>>>    of the contents of this header field.
>>>
>>>
>>>
>>>  Nits:
>>> ------
>>> - Section 1.1:  "3rd-Generqation" -> 3rd-Generation
>>> - The terms "break-in" and "break-out" traffic are used several places
>>> in the document, but this term is never defined.  These terms should be
>>> defined in Section 3.
>>> - Figures should have Titles for readability
>>>
>>>
>>>
>>>  On Wed, Sep 11, 2013 at 9:19 PM, Mayumi Ohsugi <
>>> mayumi.ohsugi@ntt-at.co.jp> wrote:
>>>
>>>> Hi,
>>>>
>>>> I have submitted the following draft:
>>>>
>>>> http://www.ietf.org/internet-drafts/draft-vanelburg-
>>>> dispatch-private-network-ind-03.txt
>>>>
>>>> The draft reflects all the comments discussed in DISPATCH list.
>>>>
>>>> The major changes are as follows:
>>>>
>>>> - corrected the abstract
>>>> - corrected the term "common domain" to "pre-arranged domain"
>>>> - added 7.1.4 "P-Private-Network-Indication verification"
>>>> - editorial changes
>>>>
>>>>           Regards,
>>>> Mayumi
>>>> _______________________________________________
>>>> dispatch mailing list
>>>> dispatch@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/dispatch
>>>>
>>>
>>>
>>
>>
>
>

v2.23.0 | Report a Bug | By Email