IETF Logo Mail Archive

Re: [Insipid] Will the identifier pass unchanged through B2BUAs?

Robert Sparks <rjsparks@nostrum.com> Wed, 31 July 2013 07:18 UTC

Return-Path: <rjsparks@nostrum.com>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A3FD21E8090 for <insipid@ietfa.amsl.com>; Wed, 31 Jul 2013 00:18:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level:
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SPF_PASS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hIZ+MAO4o4Qm for <insipid@ietfa.amsl.com>; Wed, 31 Jul 2013 00:18:01 -0700 (PDT)
Received: from shaman.nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:267::2]) by ietfa.amsl.com (Postfix) with ESMTP id EB5C021E8051 for <insipid@ietf.org>; Wed, 31 Jul 2013 00:18:00 -0700 (PDT)
Received: from dhcp-632b.meeting.ietf.org (dhcp-632b.meeting.ietf.org [130.129.99.43]) (authenticated bits=0) by shaman.nostrum.com (8.14.3/8.14.3) with ESMTP id r6V7HwTw046268 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=OK) for <insipid@ietf.org>; Wed, 31 Jul 2013 02:17:59 -0500 (CDT) (envelope-from rjsparks@nostrum.com)
Message-ID: <51F8BA2B.3030100@nostrum.com>
Date: Wed, 31 Jul 2013 09:18:03 +0200
From: Robert Sparks <rjsparks@nostrum.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7
MIME-Version: 1.0
To: insipid@ietf.org
References: <51F7A26B.1000704@ericsson.com> <C6504F53-FAF0-4DBF-811D-DD7960961B2B@oracle.com>
In-Reply-To: <C6504F53-FAF0-4DBF-811D-DD7960961B2B@oracle.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Received-SPF: pass (shaman.nostrum.com: 130.129.99.43 is authenticated by a trusted mechanism)
Subject: Re: [Insipid] Will the identifier pass unchanged through B2BUAs?
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/insipid>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jul 2013 07:18:02 -0000

On 7/30/13 9:38 PM, Hadriel Kaplan wrote:
> Uhhh... just to be clear, I was making an individual comment in that email, not a corporate position statement or any some such.
>
> My point was that since the use-cases people are planning to do for INSIPID's Session-ID have now gone far beyond troubleshooting, the odds are we can't rely on it always being passed through end-to-end from originating Enterprises through various service providers to the far-end, without being modified in-transit.  I can't *prove* it won't be, but that's just my hunch, since we've seen this movie play out before.
>
> The good news is we don't need the Session-ID to be used in STIR for caller-id verification, so there's nothing to worry about.
Hadriel -

This wasn't a question about STIR, it was a question about the 
publication of this INSIPID document.

Look again at the requirement called out from the document below.

Is your assertion that the proposed solution is not going to satisfy 
that requirement, or are you saying there's a problem with this 
requirement document being inconsistent (by requiring things that won't 
pass unchanged through intermediaries). If the latter, please re-engage 
the working group and fix the document (you are on the author list).

RjS
> :)
>
> -hadriel
>
>
> On Jul 30, 2013, at 7:24 AM, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com> wrote:
>
>> Hi,
>>
>> I just got a publication request for the requirements document:
>>
>> http://tools.ietf.org/html/draft-ietf-insipid-session-id-reqts-08
>>
>> The following is one of the requirements in the draft, which was one of
>> the main reasons for creating this WG:
>>
>>>    REQ3: The solution must require that the identifier, if present, pass
>>>    unchanged through SIP B2BUAs or other intermediaries.
>> Hadriel, who works for an important SBC vendor and is one of the authors
>> of the requirements document, sent the comments below to the STIR list a
>> couple of weeks ago (see email below).
>>
>> How should I interpret those comments in the context of my AD review of
>> this document and, even more importantly, as the responsible AD for this
>> WG (as you know, we have had many scope-related discussions in the past)?
>>
>> Thanks,
>>
>> Gonzalo
>>
>>
>> -------- Original Message --------
>> Subject: 	Re: [stir] Rollout timeframe (was: RE: Draft STIR Charter)
>> Date: 	Tue, 16 Jul 2013 10:21:13 -0400
>> From: 	Hadriel Kaplan <hadriel.kaplan@oracle.com>
>> To: 	Richard Shockey <richard@shockey.us>
>> CC: 	IETF STIR Mail List <stir@ietf.org>
>>
>>
>> On Jul 16, 2013, at 9:35 AM, "Richard Shockey" <richard@shockey.us> wrote:
>>
>>> I actually believe INSIPID is equally important to the overall task
>> since it
>>> is the track and trace elements of this that can ultimately enable some
>>> enforcement. I wish there was some more discussion on how the mechanisms
>>> would work at the edge SIP/SS7 network gateways since that clearly has
>> been
>>> the center of most of the reported problems.  I still think something
>> needs
>>> to be done to police that traffic but that is still ultimately a
>> regulatory
>>> effort.
>> I agree we need a tracking/tracing mechanism, but in my opinion we
>> cannot and should not rely on INSIPID Session-ID at all for that.  They
>> have gone beyond benign troubleshooting-type purposes now, which means
>> there is absolutely no guarantee the Session-ID will make it intact
>> across service providers in all cases.  In fact, my hunch is it won't.
>>
>> Regardless, the Session-ID isn't what we really need for tracing a bad
>> caller-id call.  Even without Session-ID, the service provider's CDRs or
>> logs can be used to trace it back to the peering connection and peer
>> upstream provider the call came in from.  What we also need is a list of
>> SPIDs the call request has crossed through, so we can trace it back
>> further upstream.  Kinda like a Via header, but with very different
>> properties and purpose.  We've talked about doing that before, back when
>> there was talk about creating a registry of SPIDs.  What ever happened
>> to having a registry of SPIDs?
>>
>> -hadriel
>>
>> _______________________________________________
>> stir mailing list
>> stir@ietf.org
>> https://www.ietf.org/mailman/listinfo/stir
>>
>> _______________________________________________
>> insipid mailing list
>> insipid@ietf.org
>> https://www.ietf.org/mailman/listinfo/insipid
> _______________________________________________
> insipid mailing list
> insipid@ietf.org
> https://www.ietf.org/mailman/listinfo/insipid

v2.23.0 | Report a Bug | By Email