Re: [Insipid] draft-ietf-insipid-session-id-12: comments

"Paul E. Jones" <> Fri, 23 January 2015 23:54 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id ED96D1AD0D0 for <>; Fri, 23 Jan 2015 15:54:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.012
X-Spam-Status: No, score=-2.012 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7U1AOgQ5qgsa for <>; Fri, 23 Jan 2015 15:54:01 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 243E71A8906 for <>; Fri, 23 Jan 2015 15:54:01 -0800 (PST)
Received: from [] ( []) (authenticated bits=0) by (8.14.9/8.14.9) with ESMTP id t0NNrwSr023949 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 23 Jan 2015 18:53:59 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=dublin; t=1422057239; bh=Ffgz8FVX6/n19hmpNvoVr7YI7ggH2lG94n8MaJYD/ss=; h=From:To:Subject:Date:In-Reply-To:Reply-To; b=BlxB5XdP0WyEZjnFBBnvzfH0hmbHBspJDnW0NKFpjkEx+i5/TIf6FQbok94n1V8Kp xwlxbsik8tFCBeAGmsDrYEdnYkeiqIDaeRV1ahAaY1G5tsKXZpkKFWIJRMnScNYR/D Dbq4Qiu5JRIthz8qg8NbCNQV1I7QyAxIkDq40R6g=
From: "Paul E. Jones" <>
To: Brett Tate <>,,
Date: Fri, 23 Jan 2015 23:54:09 +0000
Message-Id: <eme20219cc-2d4b-4733-8489-88c94b8214a9@sydney>
In-Reply-To: <>
User-Agent: eM_Client/6.0.21372.0
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [Insipid] draft-ietf-insipid-session-id-12: comments
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: "Paul E. Jones" <>
List-Id: SIP Session-ID discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 23 Jan 2015 23:54:03 -0000


>>  >Section 10 bullets 2 and 6: Bullet 2 isn't necessarily
>>  >true since it can occur within dialog after bullet 6.
>>  This is just a statement of fact, no? Shouldn't we keep
>>  it just to be clear and set a firm foundation? And 6 is
>>  about the response, whereas 2 is about the request.
>I was just highlighting that the bullet 2 is only potentially true 
>since the
>RFC 7329 device may send requests with the same exact Session-ID that 
>draft compliant device sent within an originating INVITE. Bullet 6 is
>potentially adequate to help ensure that a draft compliant device won't
>think that the remote party has become draft compliant mid dialog 
>because of
>bullet 2.

OK, I see your point now.  However, bullet 6 doesn't cover that initial 
INVITE.  When Bob receives that initial INVITE message, Bob needs to 
know whether it's a 7329 or a newer device.  It needs to know how to 
respond.  However, between bullet 3 and 6, I think you're right that it 
might be redundant.  Still, I think it's best to leave it here.  That 
way nobody has to read between the lines.

However, we really don't know if the 7329 device will ever send a 
request with the exact same Session-ID as was originally sent by an 
endpoint or not. It might echo the Session-ID exactly as it was 
received, or it might remove the "remote" parameter.  Behavior of 
devices in the wild is not entirely known.  So, you might be right.  We 
just don't know and, therefore, can't guarantee this is always correct.

>Concerning my adjusted RFC 3725 figure 13 example, there is currently
>nothing to help the media server from incorrectly thinking that the 
>device is draft compliant since hit bullet 2. A fix could be introduced 
>allowing the B2BUA to indicate the non-compliance (by header or 
>to the media server. However, introducing extra signaling complexity to
>avoid the misinterpretation is potentially not worth it.

Yeah, I can see this being a battle for a while. It will introduce more 
complexity that folks will not like.

The B2BUA should know what kind of endpoint it's dealing with usually, 
though.  I think this can be handled by implementations.  Still, if it 
connects A (new) and B (old), A and B might be stubborn about switching 
behavior.  We could give guidance about that (e.g., B2BUA modify the 
Session-ID), but that guidance would very much go against what we're 
arguing for in the document of taking a hands-off approach.  A  smart 
newer endpoint should also figure this out, too.  It's either going to 
get what looks like a proper reply or one of the following:
1) An echo of what it sends in its next message
2) A single UUID (indicating 7329 behavior)
3) A response with two unknown UUIDs.  More more message exchange with 
that entity will help to determine if it's new or old, as the old device 
will continue to operate as either (1) or (2).