IETF Logo Mail Archive

Re: [Gen-art] Gen-ART LC review of draft-ietf-sipping-cc-transfer-10.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 07 October 2008 20:39 UTC

Return-Path: <gen-art-bounces@ietf.org>
X-Original-To: gen-art-archive@optimus.ietf.org
Delivered-To: ietfarch-gen-art-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A90DE3A6A89; Tue, 7 Oct 2008 13:39:58 -0700 (PDT)
X-Original-To: gen-art@core3.amsl.com
Delivered-To: gen-art@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 37A4C3A6B9C for <gen-art@core3.amsl.com>; Tue, 7 Oct 2008 13:39:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.516
X-Spam-Level:
X-Spam-Status: No, score=-2.516 tagged_above=-999 required=5 tests=[AWL=0.083, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 83uXTbdFzPz1 for <gen-art@core3.amsl.com>; Tue, 7 Oct 2008 13:39:55 -0700 (PDT)
Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.225]) by core3.amsl.com (Postfix) with ESMTP id A43353A6A89 for <gen-art@ietf.org>; Tue, 7 Oct 2008 13:39:55 -0700 (PDT)
Received: by rv-out-0506.google.com with SMTP id b25so3343672rvf.49 for <gen-art@ietf.org>; Tue, 07 Oct 2008 13:40:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :organization:user-agent:mime-version:to:cc:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=LIisl2K3s+l6JuxK1KBLzQRMkbYJZWofUvDsAbIix0A=; b=ev+BLvPKoFwBOJ5XQWua9+FQGvDCZOvexHeTllnxi9yBLbwzZZFnCx7KWGUF53lZYd pioMZ9UqlOrDeqIiUDJCiOYZybNOgdzFMX7RiNa/iYW02sQnxhoiawFag1DvlFsZJyNb 3m0cDyjQWfgf2EQzsPUdJAQOCPve4MxlbW2Us=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; b=Ons49MnVZW8mAN4NrrN0kyLGBWjG1v3Dqx07L/YF7nTAPjHlt5+pjYD5SWYWB997AR UIUHcBhzg0V531AfpzbiHWsWTuXuN8RTggjMUE+MaxVtsHBF2a8r5zsNtw0eylva4w0e yg8f3vgXKuBklm3yLHaWJEMeIGobA1hPcjZVA=
Received: by 10.141.71.14 with SMTP id y14mr4284645rvk.24.1223412034451; Tue, 07 Oct 2008 13:40:34 -0700 (PDT)
Received: from ?130.216.38.124? (stf-brian.sfac.auckland.ac.nz [130.216.38.124]) by mx.google.com with ESMTPS id b8sm31028462rvf.4.2008.10.07.13.40.31 (version=SSLv3 cipher=RC4-MD5); Tue, 07 Oct 2008 13:40:33 -0700 (PDT)
Message-ID: <48EBC93D.30802@gmail.com>
Date: Wed, 08 Oct 2008 09:40:29 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Alan Johnston <alan@sipstation.com>
References: <48E9338D.7040207@gmail.com> <48EA2DD5.1080108@sipstation.com> <48EA8A1F.2050407@gmail.com> <48EB7571.70403@sipstation.com>
In-Reply-To: <48EB7571.70403@sipstation.com>
Cc: draft-ietf-sipping-cc-transfer@tools.ietf.org, General Area Review Team <gen-art@ietf.org>, sipping-chairs@tools.ietf.org, Jon Peterson <jon.peterson@neustar.biz>
Subject: Re: [Gen-art] Gen-ART LC review of draft-ietf-sipping-cc-transfer-10.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: gen-art-bounces@ietf.org
Errors-To: gen-art-bounces@ietf.org

OK, this looks good to me.

Thanks

   Brian

On 2008-10-08 03:42, Alan Johnston wrote:
> Brian,
> 
> Some suggested text below.
> 
> Thanks,
> Alan
> 
> Brian E Carpenter wrote:
>> Thanks Alan, there are clearly no show stoppers here,
>> just a few points where you can consider clarifying the
>> text.
>>
>>  
>>> AJ>  No, the call flows are not normative - there are too many
>>> variations to do this.
>>>     
>>
>> I definitely suggest saying that in the text in a slightly more
>> formal way.
>>
>>   
> How about if we paraphrase text from RFC 3665 and RFC 3666 to say:
> 
> "  This document does not prescribe the flows precisely as they are
>   shown, but rather the flows illustrate the principles for best
>   practice for the transfer feature.  The call flows represent
> well-reviewed
>   examples of SIP usage to implement transfer with REFER,
>   which are best common practice according to IETF consensus."
>>> AJ>  Are you concerned about being in a video session with one party
>>> then suddenly being in a video session with another party? Or are you
>>> concerned that an audio call could suddenly add video after a transfer
>>> without getting the user's permission?  If the latter, this is an issue
>>> that we should have dealt with in Replaces RFC 3891.
>>>     
>>
>> The latter. It might be worth a small note in the Security section; I can
>> see that it's a generic issue with Replaces, but it seems especially
>> acute in the case of a transfer to a 3rd party, and the UA should at
>> least warn the user. ("Smile, you're on TV" ;-)
>>   
> 
> I agree - I say this about Replaces in the Security Considerations section:
> 
>   An INVITE containing a Replaces header field should only be accepted
>   if it has been properly authenticated and authorized using standard
>   SIP mechanisms, and the requestor is authorized to perform dialog
>   replacement.  Special care is needed if the replaced dialog utilizes
> additional
>   media streams compared to the original dialog.  In this case, the user
> MUST authorize the addition
>   of new media streams in a dialog replacement.  For example, the same
> mechanism
>   used to authorize the addition of a media stream in a re-INVITE could
> be used.
> 
> 
>>    Brian
>>
>> On 2008-10-07 04:25, Alan Johnston wrote:
>>  
>>> Brian,
>>>
>>> Thanks for your review of the document.  See my answers and comments
>>> below marked with AJ>
>>>
>>> Thanks,
>>> Alan
>>>
>>>
>>> Brian E Carpenter wrote:
>>>    
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>         
>>> I have been selected as the General Area Review Team (Gen-ART) reviewer
>>> for this draft (for background on Gen-ART, please see
>>> http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
>>> Please resolve these comments along with any other Last Call comments
>>> you may receive.
>>> Document: draft-ietf-sipping-cc-transfer-10.txt
>>> Reviewer: Brian Carpenter
>>> Review Date: 2008-10-06
>>> IETF LC End Date: 2008-10-10
>>> IESG Telechat date: (if known)
>>>
>>> Summary: Almost ready
>>>
>>> Comments:
>>>
>>> This looks almost ready but I have some  questions for clarification.
>>> I have not reviewed the call flows and examples in detail.
>>>
>>>    
>>>> 4.  Requirements
>>>>       
>>> I'm not sure why the RFC2119 upper case keywords are used in
>>> this section; it isn't specifying either a protocol or operational
>>> practices.
>>>
>>> AJ> You are correct - when these requirements were written (about 5
>>> years ago), this was common but perhaps it is not now.  I'm fine with
>>> removing the RFC 2119 keywords.
>>>
>>>    
>>>> 5.  Using REFER to achieve Call Transfer
>>>>
>>>>    A REFER [RFC3515] can be issued by the Transferor to cause the
>>>>    Transferee to issue an INVITE to the Transfer-Target.
>>>>       
>>> Conversely, I found it hard in sections 5 through 11 to figure out
>>> what was normative and what was illustrative. Does that "can be"
>>> imply that there may be another method?
>>>
>>> AJ> Yes - there are many approaches to achieve a call transfer with
>>> SIP.  It can be done using 3PCC, re-INVITE, or a B2BUA.  However, only
>>> the usage of REFER requires SIP extensions and conventions - hence this
>>> document.
>>>
>>> I found no MUSTs, two SHOULDs,
>>> one NOT RECOMMENDED, and one MAY. There are some lower case
>>> "shoulds" - are they normative?
>>> AJ> Here are the lower case shoulds and one lower case must:
>>>
>>> Section 5:
>>>
>>> "If the nature of
>>>   the Contact URI is not known or if support for the target-dialog
>>>   extension is not known, the REFER should be sent inside the existing
>>>   dialog.  A Transferee must be prepared to receive a REFER either
>>>   inside or outside a dialog. "
>>>
>>> Section 6:
>>>
>>> "The participants in a basic transfer should indicate support for the
>>>   REFER and NOTIFY methods in Allow header fields in INVITE, 200 OK to
>>>   INVITE, and OPTIONS messages.  Participants should also indicate
>>>   support for Target-Dialog in the Supported header field."
>>>
>>> Section 7.3:
>>>
>>> "   The Contact URI of the Transfer Target SHOULD be used by the
>>>   Transferor as the Refer-To URI, unless the URI is suspected or known
>>>   to not be routable outside the dialog.  Otherwise, the Address of
>>>   Record (AOR) of the Transfer Target should be used.  That is, the
>>>   same URI that the Transferor used to establish the session with the
>>>   Transfer Target should be used.  In case the triggered INVITE is
>>>   routed to a different User Agent than the Transfer Target, the
>>>   Require: replaces header field should be used in the triggered
>>>   INVITE.  (This is to prevent an incorrect User Agent which does not
>>>   support Replaces from ignoring the Replaces and answering the INVITE
>>>   without a dialog match.)"
>>>
>>> AJ> I'm OK with making these shoulds normative and the one must.
>>>
>>> Are the call flows normative? If so,
>>> I think this should be stated explicitly in section 5.
>>>
>>> AJ>  No, the call flows are not normative - there are too many
>>> variations to do this.
>>>
>>> [I-D.ietf-sip-gruu] seems to me to be a normative reference.
>>> It's the only mechanism offered to solve the problem of knowing whether
>>> a "Contact URI is routable outside a dialog" and it's used in 6.1
>>> and 7.3 and listed as "supported" throughout the examples.
>>>
>>> AJ>  No, it is not the only way.  See Section 5:
>>>
>>> " One way that a Transferor could know
>>>   that a Contact URI is routable outside a dialog is by validation
>>>   (e.g. sending an OPTIONS and receiving a response) or if it satisfies
>>>   the properties described in the GRUU specification
>>>   [I-D.ietf-sip-gruu]."
>>>
>>> Also, note that this spec doesn't require the GRUU specification and
>>> mechanism, but just GRUU properties in the Contact URI.  The working
>>> group has discussed this a few times and each time agreed to not make
>>> GRUU mandatory or normative to this document.
>>>
>>> ≠≠≠≠____________________________________________________________
>>> Minor questions:
>>>
>>>    
>>>> 4.  Requirements
>>>>
>>>>    1.  Any party in a SIP session MUST be able to transfer any other
>>>>        party in that session at any point in that session.
>>>>       
>>> Does "at any point" include session establishment and teardown?
>>>
>>> AJ> No, once either side has sent a BYE, the session is dead and there
>>> is no way to perform a transfer.
>>>
>>>    
>>>> 5.  Using REFER to achieve Call Transfer
>>>>       
>>> ...
>>>    
>>>>        The media negotiated between the transferee and the
>>>>    transfer target is not affected by the media that had been
>>>> negotiated
>>>>    between the transferor and the transferee.
>>>>       
>>> I have a small concern about privacy issues there. For example, could
>>> the
>>> Transfer-Target find itself in a video session after a transfer, both
>>> unexpectedly and unintentionally from the user's point of view?
>>>
>>> AJ>  Are you concerned about being in a video session with one party
>>> then suddenly being in a video session with another party? Or are you
>>> concerned that an audio call could suddenly add video after a transfer
>>> without getting the user's permission?  If the latter, this is an issue
>>> that we should have dealt with in Replaces RFC 3891.  RFC 3891 tends to
>>> assume that the same media types are in both the replaced and replacing
>>> sessions.  It does talk about rejecting the INVITE if the replacing
>>> media type is incompatible, but this doesn't cover a case of adding a
>>> new media type.  The solution to this would be for the recipient of the
>>> INVITE with Replaces alert the user of any new media types before
>>> accepting them, or only accept the same media types as the replaced
>>> session and declining any new media types.  The new media types could
>>> then be explicitly turned on by either party using a re-INVITE which
>>> would trigger normal authorization policies and procedures.
>>>
>>>
>>>
>>> ≠≠≠≠____________________________________________________________
>>> Typo at the end of section 11.1:
>>>
>>> (This might easily be missed in editing.)
>>>
>>>    
>>>>           If the
>>>>    gateway supports more than one truck group,
>>>>       
>>> s/truck/trunk/
>>>
>>>
>>>
>>>     
>>
>>
>>
>>   
> 
> 

_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email