Re: [Insipid] draft-ietf-insipid-session-id-14: comments and questions

Brett Tate <> Fri, 02 October 2015 15:42 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 97E5D1B2C10 for <>; Fri, 2 Oct 2015 08:42:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id zzCn9EiGt3EX for <>; Fri, 2 Oct 2015 08:42:31 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AD2BA1B2C5C for <>; Fri, 2 Oct 2015 08:41:35 -0700 (PDT)
Received: by wicfx3 with SMTP id fx3so36401241wic.0 for <>; Fri, 02 Oct 2015 08:41:34 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:from:mime-version:thread-index:date:message-id :subject:to:content-type; bh=eu3s3z4NE4xrRRHcpXv8Y6654yB2TPHgKhvH3I1dtm4=; b=RApa4n108e9rOL2v0BZhN7PkSatMMehGZ3bS4LSoDZ6oeS5Uj1CLbjVFmZqvWM2OLg byyuisS4oz8BDA5s9YPy/lcnjbVBeixSIrXH84eWF8Hmq5PJ2omnsv1kkUFcUd9muw0C 3fuiUTQenP3aGAQUv9zfEgvWQUj6TTmh9sYJnxpyOZBWWBAL53PYDvAVM57YsumC1eiv JYRGb82F/XOrYxgG1hLs7PLZSvCe5hX9PJQuITmVZ9P5PZEAUsR/xk5Le83yT0sLTwF7 32NoznawbaXk7trIXQr+qFd8eaf7ulL0hjtf3PHp1HkGVaZ3ocUILBQd6eAVaY/8dSZ5 EIqw==
X-Gm-Message-State: ALoCoQk04R+bzN6/vco57M0+51dly4BagFgylRh6ytZevKv/afm2MTNZEBz2WPq8dTQxBA6mEuqk
X-Received: by with SMTP id n7mr16254048wjf.112.1443800494287; Fri, 02 Oct 2015 08:41:34 -0700 (PDT)
From: Brett Tate <>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdD9KMPwQaWzXJatREWrT6Mz+vK1bw==
Date: Fri, 02 Oct 2015 11:41:38 -0400
Message-ID: <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [Insipid] draft-ietf-insipid-session-id-14: comments and questions
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Session-ID discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 02 Oct 2015 15:42:37 -0000

Hi Paul,

Thanks the response; reply is inline.  I'll send
draft-ietf-insipid-session-id-15 comments/questions separately.

> >General comment: I find the concepts of endpoint and
> >intermediary confusing within the draft.  For instance if
> >a proxy/B2BUA decides to reject an INVITE during call
> >setup, does section 6 or section 7 apply? I assume that
> >section 6 applies (if it didn't relay the related request).
> >If the proxy/B2BUA rejects a mid-dialog request (while
> >acting as an intermediary for the session), section 7
> >applies.  Adding something to section 2 to clarify
> >ambiguity might help.  If a device which can act as endpoint
> >or intermediary rejects a re-INVITE for an unknown dialog
> >by sending 481, should it do so following section 6 or
> >section 7?
> Yes, this would be useful.  And it goes along with your
> next issue.
> >General comment: I find the use of UA within draft
> >occasionally ambiguous concerning if it includes or
> >excludes intermediaries such as B2BUA and proxy's UAS
> >when it is used.
> I've made an attempt to address this confusion and to be
> more consistent in terminology, adding some language to
> Section 2 as you suggest, as well.

It helps address the above two comments.  Since it looks like it conflicts
with my mentioned call setup assumption, I'll likely have additional

> >Section 5 paragraph 7: In my opinion, the MUST should
> >be changed to SHOULD (along with similar changes
> >elsewhere); however since I guess the working group
> >disagrees... Should add text somewhere concerning the
> >impacts of race conditions, retries, CANCEL,
> >authentication, overload, et cetera upon the "most
> >recently received UUID" algorithm.  For instance if
> >"most recently received UUID" was processed as a retry,
> >it potentially isn't the best choice for inclusion as
> >the remote-uuid.

Retry was potentially addressed good enough since I don't think implementers
would interpret "peer endpoint MAY change at any time" as including retries.
However since it doesn't need to pass authentication (and draft overrides
RFC 3261 section 8.2's "all state changes MUST NOT be performed"), I'm not
sure where within the processing steps (like RFC 3261 section 8.2) they will
place the decision to update the stored remote UUID.

Unknown or unsupported request situations are interesting.  Even though the
request is unknown or unsupported, the draft still mandates allowing it to
update the UUID.

Malformed message situations are interesting.  The draft currently allows a
malformed messages to update the UUID.  I can't wait until I hear "I sent
you a malformed message containing Session-ID, why didn't you update the
stored remote UUID?"

Large SIP message situations are interesting.  Even though a device might
reject large messages, the draft still mandates processing the message
enough to update the UUID.

> >Since CANCEL can contain an older UUID, it potentially
> >isn't the best choice for inclusion as the remote-uuid.

You should likely discuss the impacts of CANCEL if you are really intending
to allow it to roll back the UUID.  Otherwise, implementers might not think
that the draft truly intended for the rollback to occur.

> >Because of race conditions, the "most recently received
> >UUID" is not necessarily the most recent UUID sent by
> >the remote endpoint.

Potentially addressed good enough.  However, adding a statement about race
conditions within the draft would help silence complaints if anyone was
thinking that the draft provides a way to ensure all of the devices truly
know the current Session-ID.

> >If a device returns 500 because lower CSeq, it seems
> >strange that the UAS MUST update the stored UUID.

Potentially addressed good enough since I don't think implementers would
interpret "peer endpoint MAY change at any time" as including requests
containing lower cseq.

> >If the "most recently received UUID" hasn't passed
> >authentication (i.e. returning 401, 407, or 403), should
> >the request (or the related ACK) still be allowed to
> >alter the stored UUID?

As far as I know, the draft indicates yes.  Is this acceptable?

> >If an overloaded device returns a failure response
> >(such as 503), is the overloaded device actually
> >supposed to still update the stored UUID to be
> >compliant with this mandate?  If this draft is
> >mandating an overloaded server process an
> >unauthenticated request to update stored information,
> >it should be mentioned within section 11.
> Whew!  OK, that's a lot to chew on. :)

As far as I know, the draft indicates yes.  Is this acceptable and should it
be mentioned within section 11?  I'm glad that the draft only indicates that
the B2BUA SHOULD (instead of MUST) communicate the update to the remote

> >Section 6 paragraph 2: Should clarify authentication behavior.
> >For instance, RFC 3261 allows the challenger to behave mostly
> >stateless (such as by not retrying 401/407); however this draft
> >currently appears to mandate maintaining additional information
> >and perform related modifications.
> I see value in keeping that state.  This is in line with also
> maintaining the UUID value even in the face of getting a 3xx,
> too.  We want this to effectively persist from the moment the
> user lifts the handset and makes a call to the moment the user
> hangs up the phone.

Sounds okay from a UAC perspective; however since the Call-ID can change, I
don't see how that mandate is always possible from a UAS perspective.

> >Section 7 paragraph 3: If the intermediary knows it is relaying
> >the request to a different session, can it fix the remote-uuid
> >(such as changing it to null)?
> For the response aggregation case, definitely.  For what other
> cases are you thinking that should happen?

Basically any cases where the B2BUA likely has a more accurate view of the
current remote UUID.  For instance, section 9.3 example.  Similarly, the
endpoint may be incorrect concerning section 6's "believes may be a new peer
endpoint" check and included non-null remote UUID.  Similarly, consider race
conditions (although it could also cause B2BUA to be wrong).