Re: [Gen-art] Gen-ART Last Call review of draft-ietf-cuss-sip-uui-reqs-06

Ben Campbell <ben@nostrum.com> Tue, 01 November 2011 19:01 UTC

From: Ben Campbell <ben@nostrum.com>
Date: Tue, 01 Nov 2011 14:01:15 -0500
To: Alan Johnston <alan.b.johnston@gmail.com>
Cc: "gen-art@ietf.org Review Team" <gen-art@ietf.org>, draft-ietf-cuss-sip-uui-reqs.all@tools.ietf.org, "Cuss@ietf.org" <cuss@ietf.org>

Hi Alan,

That resolves all my concerns. However, it might be helpful to include the two following explanations in the draft text.

Thanks!

Ben.

On Oct 27, 2011, at 10:53 AM, Alan Johnston wrote:

[…]


>> 
>> 
>> -- REQ-12: 
>> 
>> What degree of certainty is required here? (i.e. strong identity?) If implied by the SIP dialog, does that impact expectations on what sort of authn must happen at the SIP layer?
> 
> This is not meant to imply strong identity.  And since UUI data can appear in a response, there aren't really any strong methods available with SIP.   The UUI mechanism does not introduce stronger authorization requirements for SIP, but instead the mechanism needs to be able to utilize existing SIP approaches.
> 
>> 
>> -- REQ 13:
>> 
>> I'm not sure I understand how this interacts with the ability for intermediaries to remove UUI. Should this be detectable by the endpoints? Or is that ability limited to the hop-by-hop case, or require no integrity protection?
> 
> Yes, there are tradeoffs between this requirement and requirement REQ-9.  Hop-by-hop protection is one way to resolve this interaction.

[…]