Re: [Insipid] draft-ietf-insipid-session-id-18: comments and questions

"Paul Giralt (pgiralt)" <> Wed, 06 April 2016 02:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7796312D674 for <>; Tue, 5 Apr 2016 19:36:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.531
X-Spam-Status: No, score=-14.531 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3BGzZg6N6SME for <>; Tue, 5 Apr 2016 19:36:14 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C42E112D56C for <>; Tue, 5 Apr 2016 19:36:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=5306; q=dns/txt; s=iport; t=1459910173; x=1461119773; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=P1lPla1QZQ2ThtIdrJAqsvEDHuzkgJMs3ZN3FMCzotw=; b=dMcQOPjqZCaAb30G0YPWzMskJQ6ICdot0c+a7Zq7DMiUd5/yP3uXgLPp 32q6tCCA+BeD/AY6dYQcuPitoq/SsT+asHloQ/569uiEFiS79KcxZEOAP ulfVgPLVofMwFfvAmw3uc6hxkxe8GuUD+BVyX5qBpriONW5UQPvfYZs7N 8=;
X-Files: signature.asc : 842
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DnAgDedARX/5NdJa1cgzeBVrs2DoFyh?= =?us-ascii?q?g0CgUY4FAEBAQEBAQFlJ4RCAQEDASNWBQsCAQhCAgIyJQEBBA4TiBEIrliRbQE?= =?us-ascii?q?BAQEBAQEBAQEBAQEBAQEBAQEBAQ0IhiCBdQiBTIEChz8rgisFmAEBgyKBZoZLg?= =?us-ascii?q?jeBZxeENohahhyIfwEeAUOCBBmBSoglfgEBAQ?=
X-IronPort-AV: E=Sophos;i="5.24,446,1454976000"; d="asc'?scan'208";a="256431854"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Apr 2016 02:36:12 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id u362aC2K009241 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 6 Apr 2016 02:36:12 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1104.5; Tue, 5 Apr 2016 22:36:11 -0400
Received: from ([]) by ([]) with mapi id 15.00.1104.009; Tue, 5 Apr 2016 22:36:11 -0400
From: "Paul Giralt (pgiralt)" <>
To: Brett Tate <>
Thread-Topic: [Insipid] draft-ietf-insipid-session-id-18: comments and questions
Thread-Index: AdGKjoY1cNJ5jXYgSYmyGC49bFEmrAFQBMuA
Date: Wed, 6 Apr 2016 02:36:11 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/signed; boundary="Apple-Mail=_F8C53482-3E17-4EF5-ADD8-BA04A097051C"; protocol="application/pgp-signature"; micalg=pgp-sha512
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>
Subject: Re: [Insipid] draft-ietf-insipid-session-id-18: comments and questions
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Session-ID discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 06 Apr 2016 02:36:15 -0000


Thanks again. See inline...

> I don't have a strong preference.  The SHOULD would allow intermediaries to
> defer to prior hop within situation or deployment model where intermediary
> might be less confident about the accuracy of the stored value.

I’m going to put it as a MUST for now and hopefully will get comments if anyone feels this should be a SHOULD. Seems like the intermediary would be in a better position to know the latest UUID and the intermediary should follow the SHOULD that says to update the other endpoint when the UUID changes.

> If not intentional, the proposed new bullet for CANCEL appears to cause the
> remote UUID of CANCEL's 200/481 to contain the stored value.  However, I'm
> not positive since unsure if another bullet applies at the same time
> concerning how to build the CANCEL responses.

The remote UUID of CANCEL’s 200 / 481 contains the UUID from the CANCEL per Bullet 1 in Section 8. Don’t think we need any special cases here.

> Also concerning the new bullet for CANCEL, the "not passed not end-to-end"
> appears to have an extra "not”.

Thanks. Fixed.

>> As you mentioned, without updating the UUID on a failure
>> response, we don’t have a value for ACK. Having the value
>> in the ACK outweighs any potential out of sync that may
>> occur in a rare scenario where the UUID changes on a
>> failure response. I’m inclined to leave as-is.
> I don't have a strong opinion on the topic.  However the ACK for non-2xx
> could be a special situation where it can contain failure response's local
> UUID without needing to allow it to update the stored value.  This would be
> similar to INVITE failure response (or 3xx) during call setup causing a
> resubmit with higher cseq (without remote UUID); however excluding 3xx, I
> didn't really notice any text concerning the topic.

Ok thanks. Since you don’t have a strong opinion and I’d rather err on the side of less special cases, I’m going to leave as-is for now. If anyone else has a strong opinion to the contrary we can revisit.

>> To answer your specific questions - if it really did play
>> out the way you outlined above and the 503 does include a
>> session identifier (and it happens to be different than
>> the one in the 2xx), then yes, the 503 should cause an
>> update and the remote UUID in the ACK for the 503 would
>> reflect the 503’s value (which would also now be the stored
>> value because we accept stored values from the 503). Not
>> ideal, but this scenario does not seem realistic to me.
>> Please correct me if I’m missing something.
> The RFC 3263 advancing of mid-dialog requests based upon short time
> intervals occurs.  Devices that do it currently pick a winning
> branch/response for updating local data and relaying as needed (selecting
> "best" response is discussed within RFC 5057 section 5.1 note 9).
> The thing that you might be missing is that the draft (depending upon
> interpretation) is asking devices that RFC 3263 advance mid-dialog requests
> based upon time (and/or 503) to allow every responding branch to update the
> stored value even though 1 or none where selected as the winning response
> when selecting how to respond.
> However as I mentioned above, I don't have a strong opinion on the topic.

Thanks for clarifying. I think implementations should do what they feel is best to select the “right” UUID to use. The implementation would know best and I’m hesitant to complicate the draft to provide specific guidance. I may add a statement indicating the spirit of the guidelines.

I’ll incorporate all your feedback into draft 19 and get it out shortly.