Re: [Insipid] draft-ietf-insipid-session-id-14: comments and questions

Brett Tate <> Wed, 06 January 2016 16:50 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id ACB991A909D for <>; Wed, 6 Jan 2016 08:50:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.279
X-Spam-Status: No, score=-1.279 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Ojv1GJS_iN9D for <>; Wed, 6 Jan 2016 08:50:02 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 62FB91A8A68 for <>; Wed, 6 Jan 2016 08:50:02 -0800 (PST)
Received: by with SMTP id l65so66165076wmf.1 for <>; Wed, 06 Jan 2016 08:50:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=from:mime-version:thread-index:date:message-id:subject:to :content-type; bh=CfQTWBRmQ0zAv3AgQnjSKAn4ZkEgArOQ9r3raMZkL1Q=; b=wS6tdbDoEUiIOuCnXkBCE0SkbPKEtZpsStQpRFGpNT3yn50IsTdm3v2W1lFe5dGfJE 00Za6etDP1I8R3BD5yUWmT9wbb9AwFXuZjM6+DRaae5qfvQCEPmyrGahb+tNk5jyh60W Bl5UyNhdjVTCXMseMWE3aCALF6GigtRqyZwL9SRagx5e0koN6g7f+/i5I7mHZHlVhSb+ iuo+vj9vjcnar0pVcLRYpj1du7W61T83xhljQ+UeuXdBABmiYhpfLg/MgzTu2HR4kM1v S+NnkogUdRe77cU3FjPNDFq2vl43mZcJg9a0jrRflch032M5iczu6T1fsMQhD4jp1dx3 4Yzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:from:mime-version:thread-index:date:message-id :subject:to:content-type; bh=CfQTWBRmQ0zAv3AgQnjSKAn4ZkEgArOQ9r3raMZkL1Q=; b=HP9NmqN7Pmb3d1Oc5hi7q4qPQdE6yRYMTg9qf3lI6hcUrJMSY1JPPJT1NJn/S9Q4VP Uk2T+NffEA/DxxUGYsvQWbzYH1zK8K9lOjgdzKvGwStVkU1xsRTRDUWkIq3cfBYZvylG vZ+PxfNw1MuTCiQY59OtGf34mLPYSfUmAU79HWQfNbbz99eu2toF472QUY41hpnsCcrP dQoubUFGrjONFYToSqpK/0/jIFj525QT4vMpSs71QCnjdT1IncrCP+kAq3aqqfUYfo5W 3Vuo63WQymFXqwciaOtPT7ZwdeHUJ0+DLvXVroLuhXfwxCHHyAaaZFjOhxPzEsFFZdBv 44Cg==
X-Gm-Message-State: ALoCoQmOSrsOKvN42RYdxtDFuqmmcAjZSMSpYemSp9wuL0BLnpxi16JiKOAHxpk6NlvIqL6Wc5i6LxNL4O5Mefb0iO9LXS/NMVdiMUe0b37rPFwctjfiVJQ=
X-Received: by with SMTP id qo3mr107626078wjc.51.1452099000947; Wed, 06 Jan 2016 08:50:00 -0800 (PST)
From: Brett Tate <>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdFIohM1YHO8moVkQROqUBIiVRDGFw==
Date: Wed, 06 Jan 2016 11:50:00 -0500
Message-ID: <>
To: "Paul Giralt (pgiralt)" <>,
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [Insipid] draft-ietf-insipid-session-id-14: comments and questions
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Session-ID discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 06 Jan 2016 16:50:03 -0000


> I still think the situations under which there are
> inaccurate Session-IDs are very isolated.

Yes; it is limited only to situations involving a changed uuid.

At worst, there are situations where an intermediary can send a request
containing Session-ID with both uuid values being incorrect.

At best, the inconsistency might eventually get corrected by subsequent
messaging.  However, it may take until the endpoint sends a BYE response (or
the endpoint might not respond to BYE).