Re: [Gen-art] Gen-ART LC review of draft-ietf-sipcore-proxy-feature-09.txt - Brian's comments
Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 10 September 2012 10:07 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 204C721F8616 for <gen-art@ietfa.amsl.com>; Mon, 10 Sep 2012 03:07:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.625
X-Spam-Level:
X-Spam-Status: No, score=-101.625 tagged_above=-999 required=5 tests=[AWL=0.066, BAYES_00=-2.599, RCVD_ILLEGAL_IP=1.908, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lhBfjtvEA9-A for <gen-art@ietfa.amsl.com>; Mon, 10 Sep 2012 03:07:06 -0700 (PDT)
Received: from mail-ey0-f172.google.com (mail-ey0-f172.google.com [209.85.215.172]) by ietfa.amsl.com (Postfix) with ESMTP id C16E421F8585 for <gen-art@ietf.org>; Mon, 10 Sep 2012 03:07:05 -0700 (PDT)
Received: by eaai11 with SMTP id i11so793968eaa.31 for <gen-art@ietf.org>; Mon, 10 Sep 2012 03:07:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=BupMtlv52ZXbgZoM4VndJVjuOZLxoEWCAxU3Vs4acXE=; b=VGWL78SKhQJbpUjBNFpQZvO0nyI+SdjPXofk6bnyXGW2dJk4MQz029a/51l2SIDlpc XM5SGp2a78uhlrA4ha9PC21fDChpgzQqp26rBSkYP34iOQAyJ9QxeEfFs/uex9kS7nD/ 1nPOGs3eWOd31gxMuW/e6dB9x35JyN/oYajwET9bgdir6xJuwooNmdHmF30haVN3+RCY 1+nQMWqkArv9eJoLBDo+zzXa3smSmyj/LuoO9uBJNbzc8MNOf2l4GmVh6c7rb7GnbXXZ 6PMyf4hcHFAJgM+04RZuapj5E03rPA4lCyhQeCijFkeqfAMBjydxRjoZRt08ez1WRLvE DbTA==
Received: by 10.14.219.198 with SMTP id m46mr18649257eep.18.1347271624999; Mon, 10 Sep 2012 03:07:04 -0700 (PDT)
Received: from [192.168.1.65] (host-2-102-218-175.as13285.net. [2.102.218.175]) by mx.google.com with ESMTPS id i41sm36690396eem.7.2012.09.10.03.07.02 (version=SSLv3 cipher=OTHER); Mon, 10 Sep 2012 03:07:04 -0700 (PDT)
Message-ID: <504DBBC7.9030205@gmail.com>
Date: Mon, 10 Sep 2012 11:07:03 +0100
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Christer Holmberg <christer.holmberg@ericsson.com>
References: <7F2072F1E0DE894DA4B517B93C6A0585340A53AC67@ESESSCMS0356.eemea.ericsson.se>
In-Reply-To: <7F2072F1E0DE894DA4B517B93C6A0585340A53AC67@ESESSCMS0356.eemea.ericsson.se>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: draft-ietf-sipcore-proxy-feature.all@tools.ietf.org, General Area Review Team <gen-art@ietf.org>
Subject: Re: [Gen-art] Gen-ART LC review of draft-ietf-sipcore-proxy-feature-09.txt - Brian's comments
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Sep 2012 10:07:07 -0000
Thanks, Christer and Paul. Your proposed changes seem fine to me. Regards Brian On 10/09/2012 10:45, Christer Holmberg wrote: > Hi Brian, > > Thanks for your review! Comments inline (<christer></christer>). > > (I also include Paul's comments) > > >> Comment: >> ------------- >> >> I have to say that this is a clear example of intentional feature creep >> in an already very complex protocol. I find it scary. I hope the WG has >> thought very carefully about the implications for successful interoperability. >> There's only a brief mention of this topic (Section 5.3.5). >> >> In future, I'd like to see this sort of document analysed against the RFC-to-be >> draft-iab-extension-recs, which is in AUTH48 right now. > > <paul> > > That is a nice draft! > > SIP already has many extension points. Most of them require standards action. Now and then, after careful consideration, we add one with looser requirements. One of those was RFC 3840 which introduced callee capabilities. That RFC intentionally introduced an a looser extension mechanism that can work for other SDOs, vendors, and end user organizations that would not use a mechanism that requires standards action. In retrospect we could have done a better job on that one - it allows use of feature tags that were defined for an unrelated purpose, as well as definition of new ones with minimal semantics. > > This draft is related to that. It is desired because of the widespread use of back to back user agents in sip deployments - entities that were not anticipated in the design of sip, that introduce new problems. > (Analogous to the problems introduced by NATs.) The earliest versions of this draft were extensions in the use of that mechanism. > > The draft has subsequently been changed (in response to prodding by me and others) to remedy some of the mistakes we made with 3840. It adds a specification requirement so that the semantics of proxy feature tags will always be available. And it only allows use of tags that were intended to be used with it. > > So I think this draft honors draft-iab-extension-recs. > > </paul> > > <christer> > > I have nothing to add to Paul's reply regarding this issue. > > </christer> > > > Regarding interop and 5.3.5: This draft introduces a new extension *mechanism*. Each newly defined tag is independent of all the others. So interop considerations need to be dealt with separately for each. > > I guess this could be more specific about which sorts of things must be discussed in this section of the profile. E.g. > - that the specification should make provision for its own revision > - what should be done if a sought-after tag is not present > - what should be done if a sought-after tag contains an unexpected value > > </paul> > > <christer> > > I could extend the paragraph: > > "If there are specific interoperability considerations that apply to > the feature capability indicator, the feature capability indicator > specification MUST document such considerations. > > Interoperability considerations can e.g. include procedures related > to cases where an expected feature capability indicator is not present, > or where it contains an unexpected value." > > </christer> > > > > ------------------------------------------------- > > >> Minor issues: >> ---------------- >> >> 4.2.1. General >> ... >> NOTE: It is not possible to, as a Feature-Caps header field value, >> convey the address of the SIP entity that inserted the Feature-Caps >> header field. >> >> I cannot parse this sentence. Does it mean this? >> >> NOTE: A Feature-Caps header field value cannot >> convey the address of the SIP entity that inserted the Feature-Caps >> header field. >> >> Or does it mean? >> >> NOTE: A Feature-Caps header field value MUST NOT >> convey the address of the SIP entity that inserted the Feature-Caps >> header field. > > <christer> > > The *first* alternative. I can replace the current note text with your suggested text. > > </christer> > > > ------------------------------------------------- > > >> For a given fc-value, as defined in section 5.3.1, feature capability >> indicators are listed in a non-priority order, and any order of the >> listed SIP feature capability indicators have the same meaning. >> >> This is very hard to understand. Does it mean this? >> >> For a given fc-value, as defined in section 5.3.1, the order in which >> feature capability indicators are listed has no significance. > > <christer> > > Correct. I can replace the current text with your suggested text. > > </christer> > > > ------------------------------------------------- > > >>> 9. Security Considerations >>> ... >>> Therefore, mechanisms for guaranteeing confidentiality and >>> authenticity SHOULD be provided. >> Is this SHOULD consistent with SIP in general? It seems to me that >> this is a case for "MUST be defined and SHOULD be activated." > > <paul> > > This could be better. In general the security of these tags is dependent on the security of the sip signaling. > There is little that the design of a particular tag can do to improve on this. So for the most part the issue is > to avoid specifying and/or using tags that won't be adequately secured by the signaling. I think this sentence > was trying to address information that might be carried as the value of a tag. So this would be a matter of > choosing values that don't expose things that ought remain confidential. > > </paul> > > <christer> > > (The SHOULD is taken from RFC 3840.) > > In some cases the information itself might not be confidential, e.g. because the procedures associated with the feature > will ensure that non-authorized users are able to use the feature. > > Maybe we could say something like: > > "Therefore, if the feature capability indicators provide sensitive information, mechanisms for guaranteeing confidentiality > and authenticity MUST be provided." > > </christer> > > > ------------------------------------------------- > > >> Nits: >> ----- >> >> I don't think that the labels "Figure 1" to "Figure 6" are useful. >> They are not referred to in the text, and they distract the reader. > > <christer> > > I can remove the labels. > > </christer> > > > ------------------------------------------------- > > > Regards, > > Christer > > >
- Re: [Gen-art] Gen-ART LC review of draft-ietf-sip… Christer Holmberg
- Re: [Gen-art] Gen-ART LC review of draft-ietf-sip… Brian E Carpenter