Document Action: 'Transcoding Services Invocation in the Session Initiation Protocol (SIP) Using Third Party Call Control (3pcc)' to Informational RFC
The IESG <iesg-secretary@ietf.org> Wed, 24 November 2004 16:57 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA10347; Wed, 24 Nov 2004 11:57:18 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CX0WB-0006f3-Ms; Wed, 24 Nov 2004 12:01:23 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CX0Ew-0006aC-Fv; Wed, 24 Nov 2004 11:43:34 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CX09s-0005YU-S5; Wed, 24 Nov 2004 11:38:21 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA08769; Wed, 24 Nov 2004 11:38:18 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CX0Dm-0004or-Re; Wed, 24 Nov 2004 11:42:23 -0500
Received: from apache by megatron.ietf.org with local (Exim 4.32) id 1CX054-0004PR-RS; Wed, 24 Nov 2004 11:33:22 -0500
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1CX054-0004PR-RS@megatron.ietf.org>
Date: Wed, 24 Nov 2004 11:33:22 -0500
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976
Cc: sipping chair <rohan@ekabal.com>, Internet Architecture Board <iab@iab.org>, sipping chair <dean.willis@softarmor.com>, sipping mailing list <sipping@ietf.org>, sipping chair <gonzalo.camarillo@ericsson.com>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Document Action: 'Transcoding Services Invocation in the Session Initiation Protocol (SIP) Using Third Party Call Control (3pcc)' to Informational RFC
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Sender: ietf-announce-bounces@ietf.org
Errors-To: ietf-announce-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: c3a18ef96977fc9bcc21a621cbf1174b
The IESG has approved the following document: - 'Transcoding Services Invocation in the Session Initiation Protocol (SIP) Using Third Party Call Control (3pcc) ' <draft-ietf-sipping-transc-3pcc-02.txt> as an Informational RFC This document is the product of the Session Initiation Proposal Investigation Working Group. The IESG contact persons are Allison Mankin and Jon Peterson. RFC Editor Notes Page 6, second to last paragraph: OLD: B may want to hide its capabilities, NEW: B may want to hide its lack of native capabilities, ------------ Page 9, last paragraph: Expand FID acronym. OLD: There are various possible solutions for this problem. One solution consists of using the SDP group attribute with FID semantics [3] NEW: There are various possible solutions for this problem. One solution consists of using the SDP group attribute with FID (Flow Identification) semantics [3] ----------- Section 3.5. Add the following paragraph after the second paragraph of the section: NEW: Note this example uses unidirectional media streams (i.e., sendonly or recvonly) to clearly identify which transcoder handles media in which direction. Nevertheless, nothing precludes the use of bidirectional streams in this scenario. They could be used, for example, by a human relay to ask for clarifications (e.g., I did not get that, could you repeat, please?) to the party he or she is receiving media from. --------- OLD: 4 Security Considerations This document describes how to use third party call control to invoke transcoding services. It does not introduce new security considerations besides the ones discussed in [2]. NEW: 4 Security Considerations RFC 3725 [2] discusses security considerations which relate to the use of third party call control in SIP. These considerations apply to this document, since it describes how to use third party call control to invoke transcoding services. In particular, RFC 3725 states that end-to-end media security is based on the exchange of keying material within SDP and depends on the controller behaving properly. That is, the controller should not try to disable the security mechanisms offered by the other parties. As a result, it is trivially possible for the controller to insert itself as an intermediary on the media exchange, if it should so desire. In this document, the controller is the UA invoking the transcoder, and there is a media session established using third party call control between the remote UA and the transcoder. Consequently, the attack described in RFC 3725 does not constitute a threat because the controller is the UA invoking the transcoding service and it has access to the media anyway by definition. So, it seems unlikely that a UA attempts to launch an attack against its own session by disabling security between the transcoder and the remote UA. Regarding end-to-end media security from the UAs' point of view, the transcoder needs access to the media in order perform its function. So, by definition, the transcoder behaves as a man in the middle. UAs that do not want to a particular transcoder to have access to all the media exchanged between them can use a different transcoder for each direction. In addition, UAs can use different transcoders for different media types. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce