Re: [Gen-art] Gen-ART LC review of draft-ietf-sipping-cc-transfer-10.txt
Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 07 October 2008 20:39 UTC
Return-Path: <gen-art-bounces@ietf.org>
X-Original-To: gen-art-archive@optimus.ietf.org
Delivered-To: ietfarch-gen-art-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A90DE3A6A89; Tue, 7 Oct 2008 13:39:58 -0700 (PDT)
X-Original-To: gen-art@core3.amsl.com
Delivered-To: gen-art@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 37A4C3A6B9C for <gen-art@core3.amsl.com>; Tue, 7 Oct 2008 13:39:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.516
X-Spam-Level:
X-Spam-Status: No, score=-2.516 tagged_above=-999 required=5 tests=[AWL=0.083, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 83uXTbdFzPz1 for <gen-art@core3.amsl.com>; Tue, 7 Oct 2008 13:39:55 -0700 (PDT)
Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.225]) by core3.amsl.com (Postfix) with ESMTP id A43353A6A89 for <gen-art@ietf.org>; Tue, 7 Oct 2008 13:39:55 -0700 (PDT)
Received: by rv-out-0506.google.com with SMTP id b25so3343672rvf.49 for <gen-art@ietf.org>; Tue, 07 Oct 2008 13:40:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :organization:user-agent:mime-version:to:cc:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=LIisl2K3s+l6JuxK1KBLzQRMkbYJZWofUvDsAbIix0A=; b=ev+BLvPKoFwBOJ5XQWua9+FQGvDCZOvexHeTllnxi9yBLbwzZZFnCx7KWGUF53lZYd pioMZ9UqlOrDeqIiUDJCiOYZybNOgdzFMX7RiNa/iYW02sQnxhoiawFag1DvlFsZJyNb 3m0cDyjQWfgf2EQzsPUdJAQOCPve4MxlbW2Us=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; b=Ons49MnVZW8mAN4NrrN0kyLGBWjG1v3Dqx07L/YF7nTAPjHlt5+pjYD5SWYWB997AR UIUHcBhzg0V531AfpzbiHWsWTuXuN8RTggjMUE+MaxVtsHBF2a8r5zsNtw0eylva4w0e yg8f3vgXKuBklm3yLHaWJEMeIGobA1hPcjZVA=
Received: by 10.141.71.14 with SMTP id y14mr4284645rvk.24.1223412034451; Tue, 07 Oct 2008 13:40:34 -0700 (PDT)
Received: from ?130.216.38.124? (stf-brian.sfac.auckland.ac.nz [130.216.38.124]) by mx.google.com with ESMTPS id b8sm31028462rvf.4.2008.10.07.13.40.31 (version=SSLv3 cipher=RC4-MD5); Tue, 07 Oct 2008 13:40:33 -0700 (PDT)
Message-ID: <48EBC93D.30802@gmail.com>
Date: Wed, 08 Oct 2008 09:40:29 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Alan Johnston <alan@sipstation.com>
References: <48E9338D.7040207@gmail.com> <48EA2DD5.1080108@sipstation.com> <48EA8A1F.2050407@gmail.com> <48EB7571.70403@sipstation.com>
In-Reply-To: <48EB7571.70403@sipstation.com>
Cc: draft-ietf-sipping-cc-transfer@tools.ietf.org, General Area Review Team <gen-art@ietf.org>, sipping-chairs@tools.ietf.org, Jon Peterson <jon.peterson@neustar.biz>
Subject: Re: [Gen-art] Gen-ART LC review of draft-ietf-sipping-cc-transfer-10.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: gen-art-bounces@ietf.org
Errors-To: gen-art-bounces@ietf.org
OK, this looks good to me. Thanks Brian On 2008-10-08 03:42, Alan Johnston wrote: > Brian, > > Some suggested text below. > > Thanks, > Alan > > Brian E Carpenter wrote: >> Thanks Alan, there are clearly no show stoppers here, >> just a few points where you can consider clarifying the >> text. >> >> >>> AJ> No, the call flows are not normative - there are too many >>> variations to do this. >>> >> >> I definitely suggest saying that in the text in a slightly more >> formal way. >> >> > How about if we paraphrase text from RFC 3665 and RFC 3666 to say: > > " This document does not prescribe the flows precisely as they are > shown, but rather the flows illustrate the principles for best > practice for the transfer feature. The call flows represent > well-reviewed > examples of SIP usage to implement transfer with REFER, > which are best common practice according to IETF consensus." >>> AJ> Are you concerned about being in a video session with one party >>> then suddenly being in a video session with another party? Or are you >>> concerned that an audio call could suddenly add video after a transfer >>> without getting the user's permission? If the latter, this is an issue >>> that we should have dealt with in Replaces RFC 3891. >>> >> >> The latter. It might be worth a small note in the Security section; I can >> see that it's a generic issue with Replaces, but it seems especially >> acute in the case of a transfer to a 3rd party, and the UA should at >> least warn the user. ("Smile, you're on TV" ;-) >> > > I agree - I say this about Replaces in the Security Considerations section: > > An INVITE containing a Replaces header field should only be accepted > if it has been properly authenticated and authorized using standard > SIP mechanisms, and the requestor is authorized to perform dialog > replacement. Special care is needed if the replaced dialog utilizes > additional > media streams compared to the original dialog. In this case, the user > MUST authorize the addition > of new media streams in a dialog replacement. For example, the same > mechanism > used to authorize the addition of a media stream in a re-INVITE could > be used. > > >> Brian >> >> On 2008-10-07 04:25, Alan Johnston wrote: >> >>> Brian, >>> >>> Thanks for your review of the document. See my answers and comments >>> below marked with AJ> >>> >>> Thanks, >>> Alan >>> >>> >>> Brian E Carpenter wrote: >>> >>>> >>>> >>>> >>>> >>>> >>>> >>> I have been selected as the General Area Review Team (Gen-ART) reviewer >>> for this draft (for background on Gen-ART, please see >>> http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html). >>> Please resolve these comments along with any other Last Call comments >>> you may receive. >>> Document: draft-ietf-sipping-cc-transfer-10.txt >>> Reviewer: Brian Carpenter >>> Review Date: 2008-10-06 >>> IETF LC End Date: 2008-10-10 >>> IESG Telechat date: (if known) >>> >>> Summary: Almost ready >>> >>> Comments: >>> >>> This looks almost ready but I have some questions for clarification. >>> I have not reviewed the call flows and examples in detail. >>> >>> >>>> 4. Requirements >>>> >>> I'm not sure why the RFC2119 upper case keywords are used in >>> this section; it isn't specifying either a protocol or operational >>> practices. >>> >>> AJ> You are correct - when these requirements were written (about 5 >>> years ago), this was common but perhaps it is not now. I'm fine with >>> removing the RFC 2119 keywords. >>> >>> >>>> 5. Using REFER to achieve Call Transfer >>>> >>>> A REFER [RFC3515] can be issued by the Transferor to cause the >>>> Transferee to issue an INVITE to the Transfer-Target. >>>> >>> Conversely, I found it hard in sections 5 through 11 to figure out >>> what was normative and what was illustrative. Does that "can be" >>> imply that there may be another method? >>> >>> AJ> Yes - there are many approaches to achieve a call transfer with >>> SIP. It can be done using 3PCC, re-INVITE, or a B2BUA. However, only >>> the usage of REFER requires SIP extensions and conventions - hence this >>> document. >>> >>> I found no MUSTs, two SHOULDs, >>> one NOT RECOMMENDED, and one MAY. There are some lower case >>> "shoulds" - are they normative? >>> AJ> Here are the lower case shoulds and one lower case must: >>> >>> Section 5: >>> >>> "If the nature of >>> the Contact URI is not known or if support for the target-dialog >>> extension is not known, the REFER should be sent inside the existing >>> dialog. A Transferee must be prepared to receive a REFER either >>> inside or outside a dialog. " >>> >>> Section 6: >>> >>> "The participants in a basic transfer should indicate support for the >>> REFER and NOTIFY methods in Allow header fields in INVITE, 200 OK to >>> INVITE, and OPTIONS messages. Participants should also indicate >>> support for Target-Dialog in the Supported header field." >>> >>> Section 7.3: >>> >>> " The Contact URI of the Transfer Target SHOULD be used by the >>> Transferor as the Refer-To URI, unless the URI is suspected or known >>> to not be routable outside the dialog. Otherwise, the Address of >>> Record (AOR) of the Transfer Target should be used. That is, the >>> same URI that the Transferor used to establish the session with the >>> Transfer Target should be used. In case the triggered INVITE is >>> routed to a different User Agent than the Transfer Target, the >>> Require: replaces header field should be used in the triggered >>> INVITE. (This is to prevent an incorrect User Agent which does not >>> support Replaces from ignoring the Replaces and answering the INVITE >>> without a dialog match.)" >>> >>> AJ> I'm OK with making these shoulds normative and the one must. >>> >>> Are the call flows normative? If so, >>> I think this should be stated explicitly in section 5. >>> >>> AJ> No, the call flows are not normative - there are too many >>> variations to do this. >>> >>> [I-D.ietf-sip-gruu] seems to me to be a normative reference. >>> It's the only mechanism offered to solve the problem of knowing whether >>> a "Contact URI is routable outside a dialog" and it's used in 6.1 >>> and 7.3 and listed as "supported" throughout the examples. >>> >>> AJ> No, it is not the only way. See Section 5: >>> >>> " One way that a Transferor could know >>> that a Contact URI is routable outside a dialog is by validation >>> (e.g. sending an OPTIONS and receiving a response) or if it satisfies >>> the properties described in the GRUU specification >>> [I-D.ietf-sip-gruu]." >>> >>> Also, note that this spec doesn't require the GRUU specification and >>> mechanism, but just GRUU properties in the Contact URI. The working >>> group has discussed this a few times and each time agreed to not make >>> GRUU mandatory or normative to this document. >>> >>> ≠≠≠≠____________________________________________________________ >>> Minor questions: >>> >>> >>>> 4. Requirements >>>> >>>> 1. Any party in a SIP session MUST be able to transfer any other >>>> party in that session at any point in that session. >>>> >>> Does "at any point" include session establishment and teardown? >>> >>> AJ> No, once either side has sent a BYE, the session is dead and there >>> is no way to perform a transfer. >>> >>> >>>> 5. Using REFER to achieve Call Transfer >>>> >>> ... >>> >>>> The media negotiated between the transferee and the >>>> transfer target is not affected by the media that had been >>>> negotiated >>>> between the transferor and the transferee. >>>> >>> I have a small concern about privacy issues there. For example, could >>> the >>> Transfer-Target find itself in a video session after a transfer, both >>> unexpectedly and unintentionally from the user's point of view? >>> >>> AJ> Are you concerned about being in a video session with one party >>> then suddenly being in a video session with another party? Or are you >>> concerned that an audio call could suddenly add video after a transfer >>> without getting the user's permission? If the latter, this is an issue >>> that we should have dealt with in Replaces RFC 3891. RFC 3891 tends to >>> assume that the same media types are in both the replaced and replacing >>> sessions. It does talk about rejecting the INVITE if the replacing >>> media type is incompatible, but this doesn't cover a case of adding a >>> new media type. The solution to this would be for the recipient of the >>> INVITE with Replaces alert the user of any new media types before >>> accepting them, or only accept the same media types as the replaced >>> session and declining any new media types. The new media types could >>> then be explicitly turned on by either party using a re-INVITE which >>> would trigger normal authorization policies and procedures. >>> >>> >>> >>> ≠≠≠≠____________________________________________________________ >>> Typo at the end of section 11.1: >>> >>> (This might easily be missed in editing.) >>> >>> >>>> If the >>>> gateway supports more than one truck group, >>>> >>> s/truck/trunk/ >>> >>> >>> >>> >> >> >> >> > > _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Gen-ART LC review of draft-ietf-sipping… Brian E Carpenter
- Re: [Gen-art] Gen-ART LC review of draft-ietf-sip… Brian E Carpenter
- Re: [Gen-art] Gen-ART LC review of draft-ietf-sip… Alan Johnston
- Re: [Gen-art] Gen-ART LC review of draft-ietf-sip… Brian E Carpenter