IETF Logo Mail Archive

Re: [Insipid] draft-ietf-insipid-session-id-14: comments and questions

Brett Tate <brett@broadsoft.com> Wed, 06 January 2016 16:50 UTC

Return-Path: <brett@broadsoft.com>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACB991A909D for <insipid@ietfa.amsl.com>; Wed, 6 Jan 2016 08:50:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.279
X-Spam-Level:
X-Spam-Status: No, score=-1.279 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ojv1GJS_iN9D for <insipid@ietfa.amsl.com>; Wed, 6 Jan 2016 08:50:02 -0800 (PST)
Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 62FB91A8A68 for <insipid@ietf.org>; Wed, 6 Jan 2016 08:50:02 -0800 (PST)
Received: by mail-wm0-x229.google.com with SMTP id l65so66165076wmf.1 for <insipid@ietf.org>; Wed, 06 Jan 2016 08:50:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadsoft-com.20150623.gappssmtp.com; s=20150623; h=from:mime-version:thread-index:date:message-id:subject:to :content-type; bh=CfQTWBRmQ0zAv3AgQnjSKAn4ZkEgArOQ9r3raMZkL1Q=; b=wS6tdbDoEUiIOuCnXkBCE0SkbPKEtZpsStQpRFGpNT3yn50IsTdm3v2W1lFe5dGfJE 00Za6etDP1I8R3BD5yUWmT9wbb9AwFXuZjM6+DRaae5qfvQCEPmyrGahb+tNk5jyh60W Bl5UyNhdjVTCXMseMWE3aCALF6GigtRqyZwL9SRagx5e0koN6g7f+/i5I7mHZHlVhSb+ iuo+vj9vjcnar0pVcLRYpj1du7W61T83xhljQ+UeuXdBABmiYhpfLg/MgzTu2HR4kM1v S+NnkogUdRe77cU3FjPNDFq2vl43mZcJg9a0jrRflch032M5iczu6T1fsMQhD4jp1dx3 4Yzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:mime-version:thread-index:date:message-id :subject:to:content-type; bh=CfQTWBRmQ0zAv3AgQnjSKAn4ZkEgArOQ9r3raMZkL1Q=; b=HP9NmqN7Pmb3d1Oc5hi7q4qPQdE6yRYMTg9qf3lI6hcUrJMSY1JPPJT1NJn/S9Q4VP Uk2T+NffEA/DxxUGYsvQWbzYH1zK8K9lOjgdzKvGwStVkU1xsRTRDUWkIq3cfBYZvylG vZ+PxfNw1MuTCiQY59OtGf34mLPYSfUmAU79HWQfNbbz99eu2toF472QUY41hpnsCcrP dQoubUFGrjONFYToSqpK/0/jIFj525QT4vMpSs71QCnjdT1IncrCP+kAq3aqqfUYfo5W 3Vuo63WQymFXqwciaOtPT7ZwdeHUJ0+DLvXVroLuhXfwxCHHyAaaZFjOhxPzEsFFZdBv 44Cg==
X-Gm-Message-State: ALoCoQmOSrsOKvN42RYdxtDFuqmmcAjZSMSpYemSp9wuL0BLnpxi16JiKOAHxpk6NlvIqL6Wc5i6LxNL4O5Mefb0iO9LXS/NMVdiMUe0b37rPFwctjfiVJQ=
X-Received: by 10.194.222.195 with SMTP id qo3mr107626078wjc.51.1452099000947; Wed, 06 Jan 2016 08:50:00 -0800 (PST)
From: Brett Tate <brett@broadsoft.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdFIohM1YHO8moVkQROqUBIiVRDGFw==
Date: Wed, 06 Jan 2016 11:50:00 -0500
Message-ID: <20dd08695aa25e204594da7f6fbc9ba4@mail.gmail.com>
To: "Paul Giralt (pgiralt)" <pgiralt@cisco.com>, insipid@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/insipid/g483zzgkDQM18OcIoblH8VzftV4>
Subject: Re: [Insipid] draft-ietf-insipid-session-id-14: comments and questions
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/insipid/>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jan 2016 16:50:03 -0000

Hi,

> I still think the situations under which there are
> inaccurate Session-IDs are very isolated.

Yes; it is limited only to situations involving a changed uuid.

At worst, there are situations where an intermediary can send a request
containing Session-ID with both uuid values being incorrect.

At best, the inconsistency might eventually get corrected by subsequent
messaging.  However, it may take until the endpoint sends a BYE response (or
the endpoint might not respond to BYE).

Thanks,
Brett

v2.23.0 | Report a Bug | By Email