Document Action: 'Transcoding Services Invocation in the Session Initiation Protocol (SIP) Using Third Party Call Control (3pcc)' to Informational RFC
The IESG <iesg-secretary@ietf.org> Wed, 24 November 2004 16:57 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA10347; Wed, 24 Nov 2004 11:57:18 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CX0WB-0006f3-Ms; Wed, 24 Nov 2004 12:01:23 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CX0Ew-0006aC-Fv; Wed, 24 Nov 2004 11:43:34 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CX09s-0005YU-S5; Wed, 24 Nov 2004 11:38:21 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA08769; Wed, 24 Nov 2004 11:38:18 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CX0Dm-0004or-Re; Wed, 24 Nov 2004 11:42:23 -0500
Received: from apache by megatron.ietf.org with local (Exim 4.32) id 1CX054-0004PR-RS; Wed, 24 Nov 2004 11:33:22 -0500
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1CX054-0004PR-RS@megatron.ietf.org>
Date: Wed, 24 Nov 2004 11:33:22 -0500
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976
Cc: sipping chair <rohan@ekabal.com>, Internet Architecture Board <iab@iab.org>, sipping chair <dean.willis@softarmor.com>, sipping mailing list <sipping@ietf.org>, sipping chair <gonzalo.camarillo@ericsson.com>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Document Action: 'Transcoding Services Invocation in the Session Initiation Protocol (SIP) Using Third Party Call Control (3pcc)' to Informational RFC
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Sender: ietf-announce-bounces@ietf.org
Errors-To: ietf-announce-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: c3a18ef96977fc9bcc21a621cbf1174b
The IESG has approved the following document:
- 'Transcoding Services Invocation in the Session Initiation Protocol (SIP)
Using Third Party Call Control (3pcc) '
<draft-ietf-sipping-transc-3pcc-02.txt> as an Informational RFC
This document is the product of the Session Initiation Proposal Investigation
Working Group.
The IESG contact persons are Allison Mankin and Jon Peterson.
RFC Editor Notes
Page 6, second to last paragraph:
OLD:
B may want to hide its capabilities,
NEW:
B may want to hide its lack of native capabilities,
------------
Page 9, last paragraph: Expand FID acronym.
OLD:
There are various possible solutions for this problem. One solution
consists of using the SDP group attribute with FID semantics [3]
NEW:
There are various possible solutions for this problem. One solution
consists of using the SDP group attribute with FID (Flow Identification)
semantics [3]
-----------
Section 3.5. Add the following paragraph after the second paragraph of
the section:
NEW:
Note this example uses unidirectional media streams (i.e., sendonly or
recvonly) to clearly identify which transcoder handles media in which
direction. Nevertheless, nothing precludes the use of bidirectional
streams in this scenario. They could be used, for example, by a human
relay to ask for clarifications (e.g., I did not get that, could you
repeat, please?) to the party he or she is receiving media from.
---------
OLD:
4 Security Considerations
This document describes how to use third party call control to invoke
transcoding services. It does not introduce new security
considerations besides the ones discussed in [2].
NEW:
4 Security Considerations
RFC 3725 [2] discusses security considerations which relate to the use
of third party call control in SIP. These considerations apply to this
document, since it describes how to use third party call control to
invoke transcoding services.
In particular, RFC 3725 states that end-to-end media security is based
on the exchange of keying material within SDP and depends on the
controller behaving properly. That is, the controller should not try to
disable the security mechanisms offered by the other parties. As a
result, it is trivially possible for the controller to insert itself
as an intermediary on the media exchange, if it should so desire.
In this document, the controller is the UA invoking the transcoder, and
there is a media session established using third party call control
between the remote UA and the transcoder. Consequently, the attack
described in RFC 3725 does not constitute a threat because the
controller is the UA invoking the transcoding service and it has access
to the media anyway by definition. So, it seems unlikely that a UA
attempts to launch an attack against its own session by disabling
security between the transcoder and the remote UA.
Regarding end-to-end media security from the UAs' point of view, the
transcoder needs access to the media in order perform its function. So,
by definition, the transcoder behaves as a man in the middle. UAs that
do not want to a particular transcoder to have access to all the media
exchanged between them can use a different transcoder for each
direction. In addition, UAs can use different transcoders for different
media types.
_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce