Re: [Insipid] Posted draft-ietf-insipid-session-id-06
"Paul E. Jones" <paulej@packetizer.com> Thu, 19 June 2014 18:31 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E0071A0263 for <insipid@ietfa.amsl.com>; Thu, 19 Jun 2014 11:31:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.642
X-Spam-Level:
X-Spam-Status: No, score=-1.642 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.651, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2rH6wPGtvF7N for <insipid@ietfa.amsl.com>; Thu, 19 Jun 2014 11:31:19 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F0FF1A0083 for <insipid@ietf.org>; Thu, 19 Jun 2014 11:31:19 -0700 (PDT)
Received: from [192.168.1.20] (cpe-024-211-197-136.nc.res.rr.com [24.211.197.136]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id s5JIVHeb002877 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 19 Jun 2014 14:31:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1403202678; bh=s8HCpw2h9ZddYFi1vCI5t32dfg0y1hpFsI/ii0sjKbM=; h=From:To:Subject:Date:Content-Type:In-Reply-To:Message-Id: Mime-Version:Reply-To; b=bZ0MnbYJcjlATVh+bDbfewQGB0SyxdqZh7o4xBNCWErPfNQow3XVWtbgbc6wKGGG9 VVKzIig6bgvHhPQFpXbEwbUiJf7g3TQx8gmlka8dwk/iiRXr8C1sfKprAqsmQbXFgp Oj21iuYUXMjTit0bju5v+9bQR1kTZxJ8he9FdZ0k=
From: "Paul E. Jones" <paulej@packetizer.com>
To: "Dawes, Peter, Vodafone Group" <Peter.Dawes@vodafone.com>, "insipid@ietf.org" <insipid@ietf.org>
Date: Thu, 19 Jun 2014 18:31:37 +0000
Content-Type: multipart/alternative; boundary="------=_MB39CADD6E-C9F3-4D85-B7B7-88AA1614D711"
In-Reply-To: <4A4F136CBD0E0D44AE1EDE36C4CD9D99870C73C3@VOEXM31W.internal.vodafone.com>
Message-Id: <emc516a0fb-ecf4-4fa3-a3f1-dd39457b5bee@sydney>
Mime-Version: 1.0
User-Agent: eM_Client/6.0.20154.0
Archived-At: http://mailarchive.ietf.org/arch/msg/insipid/AkArnyX2FD5Rd03ukNhZY8mo9L0
Subject: Re: [Insipid] Posted draft-ietf-insipid-session-id-06
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/insipid/>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Jun 2014 18:31:22 -0000
Peter, Thanks for the feedback. I'll try to go through these by the end of the day tomorrow; I'm completely consumed with meetings today. Paul ------ Original Message ------ From: "Dawes, Peter, Vodafone Group" <Peter.Dawes@vodafone.com> To: "Paul E. Jones" <paulej@packetizer.com>; "insipid@ietf.org" <insipid@ietf.org> Sent: 6/19/2014 5:05:23 AM Subject: RE: [Insipid] Posted draft-ietf-insipid-session-id-06 >Hi Paul, > >I have read through the latest session-id solutions draft >http://www.ietf.org/id/draft-ietf-insipid-session-id-06.txt and I have >the comments below, organized by the line number in the draft. I >haven’t yet checked the details of all of the signalling scenarios in >clause 9 so I might have some more comments later. > > > >Rgds, > >Peter > > > > > >Line > >Draft Text > >Comment or Question > >95 > >9.5. Single Focus Conferencing using WebEx ....................16 > >Is an internet draft allowed to refer to a commercial product, i.e. >WebEx? > >149 - 152 > >This draft presents a new identifier , referred to as the Session >Identifier, or "Session ID", and associated syntax intended to >overcome the issues that exist with the currently defined call >identifiers. > >It would help to describe the scope of this new identifier, e.g. SIP >only, SIP and H.323, or something else. > >169 - 171 > >The terms "Session Identifier" and "Session ID" refer to the value of >the identifier, whereas "Session-ID" refers to the header used to >convey the identifier. > >It would be clearer to refer to the value using only "Session >Identifier" throughout. > >170 > >"Session-ID" refers to the header > >Change to "Session-ID" refers to the SIP header field > >187 > >[I-D.ietf-insipid-session-id-reqts] . > >Now RFC7206 > >196 - 197 > >The version number in the UUID indicates the manner in which the UUID >is generated, > >I did not see version number defined in the draft > >202 - 211 > >When generating a version 5 UUID, endpoints or intermediaries MUST > utilize the following "name space ID" (see Section 4.3 of >[RFC4122]): > > uuid_t NameSpace_SessionID = { > /* a58587da-c93d-11e2-ae90-f4ea67801e29 */ > 0xa58587da, > 0xc93d, > 0x11e2, > 0xae, 0x90, 0xf4, 0xea, 0x67, 0x80, 0x1e, 0x29 > } > >The procedure and syntax being described by the draft are not clear to >me. > >225 - 228 > >Note that if an intermediary is stateless and the endpoint on one end > of the call is replaced with another endpoint due to some service > interaction, the values used to create the UUID might change and, >if > so, the intermediary will compute a different UUID. > >a) If an endpoint is replaced then I would expect the UUID to always >change but the text says "might" >b) text says "the values used to create the UUID" but the draft does >not describe a UUID creation algorithm >c) text says that intermediary is stateless but also says that the >intermediary will compute a different UUID. Surely a stateless >intermediary does not compute a UUID > >327 > >null = 32("0") > >since 32 zeros is a valid UUID, it might be better to use the string >"null" for the NULL value. > >451 - 454 > >If an intermediary receives a SIP message without a Session-ID header > value , the intermediary MAY assign a "local-uuid" value to >represent > the sending endpoint and insert that value into all signaling > messages on behalf of the sending endpoint. > >a) Does the intermediary receive an empty Session-ID header field, or a >message with no Session-ID header field? >b) messages can be originated in both directions, so is it always >local-uuid that is assigned or is it sometimes remote-uuid? >c) the text "all signalling messages" does not seem specific enough >e.g. the sending endpoint might initiate a completely new dialog > >471 - 473 > >, the intermediary MUST > place the one known UUID in the "remote-uuid" field and set the > "local-uuid" field to the null UUID value. > >Might be clearer to say "use the one known UUID as the "remote-uuid" >since "remote-uuid" is not a header field or a header field parameter. >Likewise for "local-uuid" > >493 > >MUST construct a Session-ID header value > >MUST use a Session-ID header value > >511 > >MCUs, including cascaded MCUs , > >Is "cascaded MCU" a well understood term? > >543 - 546 > >Intermediary devices, such as proxies or session border controllers, > or network diagnostics equipment might assume that when they see two > or more sessions with different Session Identifiers, but with one > UUID in common, that the sessions are part of the same conference. > >Maybe proxies should be left off the list of devices that will examine >the session identifier > >566 > >"N" represents a null UUID > > > >585 - 586 > >UA-Alice populates the "local-uuid" portion of the Session-ID > header-value. > >This bullet seems to be redundant and could be deleted > >554 > >9. Various Call Flow Operations Utilizing the Session ID > >I think it would help if at least one of the signalling examples shows >SIP (and maybe SDP). For a while, I was confused about whether >"local-uuid" and "remote-uuid" were header field parameters and then >wondered why the only IANA registration was for a "remote" parameter. > >1423 > >11. Security Considerations > >At the London meeting, security was identified as an open issue that >needs to be fully analysed. Does this analysis still need to be done? > > > > > > > >From: insipid [mailto:insipid-bounces@ietf.org] On Behalf Of Paul E. >Jones >Sent: 10 April 2014 04:53 >To:insipid@ietf.org >Subject: [Insipid] Posted draft-ietf-insipid-session-id-06 > > > >Folks, > > > >I just uploaded a revised version of the Session ID solution draft. In >this draft, we did the following: > >Added text to Section 7 (intermediaries) to describe handling of >provisional responsesWIth one typo "intermediaries transmits" (will fix >that in the next version)Changed the UUID values used for OOD REFER >(Section 9.9) per list discussionAdded one new paragraph on security >considerations >Please have a look at the draft and suggest other things we need to >address, including any issues you believe we need to raise in the >security considerations. > > > >Thanks, > >Paul > > >
- [Insipid] Posted draft-ietf-insipid-session-id-06 Paul E. Jones
- Re: [Insipid] Posted draft-ietf-insipid-session-i… Dawes, Peter, Vodafone Group
- Re: [Insipid] Posted draft-ietf-insipid-session-i… Paul E. Jones
- Re: [Insipid] Posted draft-ietf-insipid-session-i… James Polk
- Re: [Insipid] Posted draft-ietf-insipid-session-i… Dawes, Peter, Vodafone Group
- Re: [Insipid] Posted draft-ietf-insipid-session-i… Dawes, Peter, Vodafone Group