IETF Logo Mail Archive

Re: [Insipid] Reviews for INSIPID Session-ID solution draft Version 11

<R.Jesske@telekom.de> Tue, 11 November 2014 02:18 UTC

Return-Path: <R.Jesske@telekom.de>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 127211AD427 for <insipid@ietfa.amsl.com>; Mon, 10 Nov 2014 18:18:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.844
X-Spam-Level:
X-Spam-Status: No, score=-3.844 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, J_CHICKENPOX_21=0.6, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.594] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aBCLGnH_MUb7 for <insipid@ietfa.amsl.com>; Mon, 10 Nov 2014 18:18:07 -0800 (PST)
Received: from tcmail13.telekom.de (tcmail13.telekom.de [80.149.113.165]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B4E51AD43A for <insipid@ietf.org>; Mon, 10 Nov 2014 18:18:07 -0800 (PST)
Received: from qdezc2.de.t-internal.com ([10.125.181.10]) by tcmail11.telekom.de with ESMTP; 11 Nov 2014 03:18:02 +0100
X-IronPort-AV: E=Sophos;i="5.07,357,1413237600"; d="scan'208";a="164378145"
Received: from he110890.emea1.cds.t-internal.com ([10.134.92.131]) by qde0ps.de.t-internal.com with ESMTP/TLS/AES128-SHA; 11 Nov 2014 03:17:59 +0100
Received: from HE113667.emea1.cds.t-internal.com ([fe80::c943:1394:e86e:fce3]) by he110890 ([10.134.92.131]) with mapi; Tue, 11 Nov 2014 03:17:59 +0100
From: R.Jesske@telekom.de
To: R.Jesske@telekom.de, gsalguei@cisco.com, insipid@ietf.org
Date: Tue, 11 Nov 2014 03:17:52 +0100
Thread-Topic: Reviews for INSIPID Session-ID solution draft Version 11
Thread-Index: AQHPp19C6/xeqyJWK0SvlVEb6jwnAZu0+hwQgKZbJNA=
Message-ID: <058CE00BD4D6B94FAD033A2439EA1E4B01E4FF82FE2B@HE113667.emea1.cds.t-internal.com>
References: <5AF0100A-3D47-468D-BD89-0C905E7AE118@cisco.com>
Accept-Language: en-US, de-DE
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, de-DE
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/insipid/A0H5R2j9GJWKaof9wXdywMXgidk
Cc: insipid-chairs@tools.ietf.org
Subject: Re: [Insipid] Reviews for INSIPID Session-ID solution draft Version 11
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/insipid/>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Nov 2014 02:18:11 -0000

Dear all,
it was brought to my attention that there is still review needed for the session-id draft.
I have reviewed it once in July 2014 and all comments were treated sufficiently.

Now here are my comments on Version 11

https://tools.ietf.org/html/draft-ietf-insipid-session-id-11

comment on Abstract

Do we need really the hint to "in the wild" implementation?
I would propose to refer only to implementations existing based on UUID.
i.e. the Kaplan draft which is now RFC is within this scope.


Section 4.1 (and Section 5)

Would it be worth to mention if the Session-id is case sensitive.
Since when we will need to implement it we have to explicit state it if it is case sensitive or not.

I think it would be worth to mention that the UUID is case insensitive as defined in RFC 4122

Section 5 (editorial minor)

Text:
In the case where an entity compliant with this specification is
   interworking with an entity that implemented [RFC7329], the "remote"
   parameter might be absent, but otherwise the remote parameter MUST be
   present.

I would propose to replace might by may. This is from my point of view better for standard ruling if this is a option = may (but the decision I led to the English grammar experts ;-))

Proposal:
In the case where an entity compliant with this specification is
   interworking with an entity that implemented [RFC7329], the "remote"
   parameter may be absent, but otherwise the remote parameter MUST be
   present.


These are the only comments I have.
Seen from my point of view the draft is ready for publication.

Thank you and Best Regards

Roland



> -----Ursprüngliche Nachricht-----
> Von: Jesske, Roland
> Gesendet: Montag, 28. Juli 2014 16:00
> An: 'Gonzalo Salgueiro (gsalguei)'; insipid@ietf.org
> Cc: insipid-chairs@tools.ietf.org
> Betreff: AW: Reviews for INSIPID Session-ID solution draft
> 
> Hi Gonzalo,
> I did a review of the draft till section 9.1 Here are my comments:
> 
> Section 2
> 
> Text:
>    The terms "Session Identifier" and "Session ID" refer to the value of
>    the identifier, whereas "Session-ID" refers to the header used to
>    convey the identifier.
> 
> For me it is not really clear what th3e difference between "Session
> Identifier", "Session ID" and "Session-ID" is.
> It is really hard to read the whole text in mind of this description.
> Somebody who is not aware of the difference will struggle a little bit.
> I would propose to replace all "Session ID" with "Session Identifier".
> 
> 
> Section 4.1
> 
> I'm missing some more description in the start of section 4 that a local
> and remote UUID exists.
> 
> Old:
> 
> 4.1. Constructing the Session Identifier
> 
>    The Session Identifier comprises two UUIDs [RFC4122], with each UUID
>    representing one of the endpoints participating in the session.
> 
> Proposal:
> 
> 4.1. Constructing the Session Identifier
> 
>   RFC4412 describes the construction of the Universally Unique
> Identifier (UUID).
>    The Session Identifier comprises two UUIDs [RFC4122], with each UUID
>    representing one of the endpoints (local UUID and remote UUID)
> participating in the session.
> 
> Section 4.1 uuid_t
> 
> This text:
> ...
> 
>    When generating a version 5 UUID, endpoints or intermediaries MUST
>    utilize the following "name space ID" (see Section 4.3 of [RFC4122]):
> 
>      uuid_t NameSpace_SessionID = {
>            /* a58587da-c93d-11e2-ae90-f4ea67801e29 */
>            0xa58587da,
>            0xc93d,
>            0x11e2,
>            0xae, 0x90, 0xf4, 0xea, 0x67, 0x80, 0x1e, 0x29
>        }
> 
> ...
> 
> Is/was hard to understand what is here meant by. So if I understand
> correctly this is the specific name space definition for our "Session
> ID". Thus this is used to calculate our Session-ID/UUID local/remote.
> 
> So I would propose to change the following text:
> 
> New proposal:
>    When generating a version 5 UUID, endpoints or intermediaries MUST
>    Follow the procedures described in Section 4.3 of [RFC4122]. The
> following "name space ID" MUST be taken for the calculation of the UUID.
> 
>    /* Name string is a Session ID */
>      uuid_t NameSpace_SessionID = {
>            /* a58587da-c93d-11e2-ae90-f4ea67801e29 */
>            0xa58587da,
>            0xc93d,
>            0x11e2,
>            0xae, 0x90, 0xf4, 0xea, 0x67, 0x80, 0x1e, 0x29
>        }
> 
> 
> 
> Section 4.2 first Paragraph:
> ...
> 
> 
> ABNF: Section 5 (1st comment)
> This draft defines the header "session-id" (ABNF: session-id    =
> "Session-ID" HCOLON local-uuid) while I-D.kaplan-insipid-session-id
> defines the header "Session-ID" (ABNF  Session-ID =  "Session-ID" HCOLON
> sess-id*( SEMI generic-param )).
> Seen from syntax there is no difference with  regard to the value both
> are 32 bytes (32(DIGIT / %x61-66)  ;32 chars of [0-9a-f]) Was this done
> by purpose or does this not care?
> 
> 
> ABNF: Section 5 (2nd comment)
> The  definition sess-uuid     = 32(DIGIT / %x61-66)  ;32 chars of [0-9a-
> f] is shown, but there is no real hint that this value is at least the
> built UUID regarding RFC4412. I think we should spent some words of
> clarification.
> 
> 
> Section 6:
> 
> Reading this text is a little bit hard to distinguish the UAC/UAS
> behavior. I think it would be worth to spend a little bit more words to
> describe the UAC/UAS behavior in addition. Like what happens in the
> Initial request seen from UAC and first response from UAS.
> 
> Section 7 3rd paragraph:
> 
> Text:
>    If an intermediary receives a SIP message without a Session-ID header
>    value, the intermediary MAY assign a "local-uuid" value to represent
>    the sending endpoint and insert that value into all signaling
>    messages on behalf of the sending endpoint.  If the intermediary is
>    aware of a "remote" value that identifies the receiving UA, it MUST
>    insert that value if also inserting the "local-uuid" value.
> 
> Perhaps a note would be valuable what such intermediary (e.g. Network
> border) could be.
> e.g.
> Note: Such an intermediary could be an entry point interconnecting to a
> network belonging to another domain or service provider which is not
> supporting the Session ID.
> 
> Would it be also worth to mention the Interworking behavior between
> PSTN/ISDN and SIP?
> 
> Section 9. /9.1
> 
> Would it be worth to show one example Request INVITE and on response.
> I know it is redundant text but people like to see an example to show
> how it looks like.
> 
> e.G.
> 
> INVITE sip:bob@example.com SIP/2.0
>       Via: SIP/2.0/UDP 192.0.2.1:5060;branch=z9hG4bKnashds10
>       From: Alice <sip:alice@example.net>;tag=1234567
>       To: Bob <sip:bob@example.com>
>       Call-Id: 123456mcmxcix@1.2.3.4
>       Session-ID: ab30317f1a784dc48ff824d0d3715d86;
>            remote=00000000000000000000000000000000
>       CSeq: 1 INVITE
>       Contact: <sip:alice@192.168.1.1>
> 
>   SIP/2.0 200 OK
>       Via: SIP/2.0/UDP b2bua.atlanta.com
>          ;branch=z9hG4bK77ef4c2312983.1;received=192.0.2.2
>       Via: SIP/2.0/UDP 192.0.2.1:5060;branch=z9hG4bKnashds10
>       To: Bob <sip:bob@example.com>tag=a6c85cf
>       From: Alice <sip:alice@example.net>;tag=1234567
>       Call-Id: 123456mcmxcix@1.2.3.4
>       Session-ID: ab30317f1a784dc48ff824d0d3715d86;
>                   remote=47755a9de7794ba387653f2099600ef2
>       CSeq: 1 INVITE
>       Contact: <sip:bob@192.0.2.4>
> 
> So that are my comments till 9.1.
> 
> Editorial
> Page 8 last paragraph responseand --> response and Page 15 1st Paragraph
> and following is "passcode" correct or should it be "pass code" ?
> Page 25 last Paragraph "The authors would like to than" --> "The authors
> would like to thank"
> 
> 
> Best Regards
> 
> Roland
> 
> -----Ursprüngliche Nachricht-----
> Von: insipid [mailto:insipid-bounces@ietf.org] Im Auftrag von Gonzalo
> Salgueiro (gsalguei)
> Gesendet: Donnerstag, 24. Juli 2014 18:50
> An: insipid@ietf.org
> Cc: insipid-chairs@tools.ietf.org
> Betreff: [Insipid] Reviews for INSIPID Session-ID solution draft
> 
> Hi -
> 
> The chairs met and had a WG sync while here in Toronto. Conversations
> with the draft authors clearly indicate that we are getting very close
> to WGLC  for the Session-ID draft (http://tools.ietf.org/html/draft-
> ietf-insipid-session-id).  The chairs feel it would be helpful if we
> were to get additional reviews prior to WGLC. We have proactively
> reached out specifically to some obvious review candidates but we would
> welcome and appreciate partial or complete reviews from anyone in the
> WG.
> 
> 
> Cheers,
> 
> Gonzalo
> (as co-chair)
> _______________________________________________
> insipid mailing list
> insipid@ietf.org
> https://www.ietf.org/mailman/listinfo/insipid

v2.23.0 | Report a Bug | By Email