Re: [Insipid] Review of draft-ietf-insipid-logme-reqs-11

Paul Kyzivat <paul.kyzivat@comcast.net> Tue, 10 January 2017 17:33 UTC

Return-Path: <paul.kyzivat@comcast.net>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1A4D1296EF for <insipid@ietfa.amsl.com>; Tue, 10 Jan 2017 09:33:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.899
X-Spam-Level:
X-Spam-Status: No, score=-5.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-3.199, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jhia_sT26qel for <insipid@ietfa.amsl.com>; Tue, 10 Jan 2017 09:33:21 -0800 (PST)
Received: from resqmta-po-03v.sys.comcast.net (resqmta-po-03v.sys.comcast.net [IPv6:2001:558:fe16:19:96:114:154:162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2A5F129541 for <insipid@ietf.org>; Tue, 10 Jan 2017 09:33:21 -0800 (PST)
Received: from resomta-po-07v.sys.comcast.net ([96.114.154.231]) by resqmta-po-03v.sys.comcast.net with SMTP id R0HoczZ9HcKypR0IScYISG; Tue, 10 Jan 2017 17:33:20 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20161114; t=1484069600; bh=4AukQsG5rSLQEWb2OcYQ2AzoC75dFYzsR1PyZIz0TWI=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=CtaVdKY7mVEDQXarKi/LKzu7E9KABiDkoHlXm/IfGrzohZruFk3G1x932kKH5AUg+ cvu6fQkjPW3libHl7E6iuJE28lkuWwpJWejAH70lPAHnNbtKYvOKWyQiD3rPjraA7P aps2ajaHYNJwu1V0jwv65O9l+EwESzgqX/HH71eCeowJJrMjVA4o/svdrZLmyTP9bg wM1l3UmIw6xXrVkcm7zq07/XOx130Tqm6nan7xI1KhAx8soNw9zPL6WDJsPGHO2yoP 4dp6/iKJP4uwIrnI+Xf4oxcKA9Ml8NHmf15+/u4by1JR21eh+Vc0DHn0+3IN3ORCps H3TDlef53lkVw==
Received: from [192.168.1.110] ([73.186.127.100]) by resomta-po-07v.sys.comcast.net with SMTP id R0IRcaVhMaRT1R0IRc7IZB; Tue, 10 Jan 2017 17:33:20 +0000
To: insipid@ietf.org
References: <148375779374.17442.8516164323586796119.idtracker@ietfa.amsl.com> <4A4F136CBD0E0D44AE1EDE36C4CD9D99C8C4D0D0@VOEXM31W.internal.vodafone.com>
From: Paul Kyzivat <paul.kyzivat@comcast.net>
Message-ID: <327a9ba3-a587-b87e-a3b8-f2d0055f733e@comcast.net>
Date: Tue, 10 Jan 2017 12:33:19 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.6.0
MIME-Version: 1.0
In-Reply-To: <4A4F136CBD0E0D44AE1EDE36C4CD9D99C8C4D0D0@VOEXM31W.internal.vodafone.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-CMAE-Envelope: MS4wfHEUG12vmc0rVcGJ6CGa8x3m3W+SH01SEetmoZlQztEDM3/cxJiI1weMpJRmvsxpFayFXl/xnfScP9XuqCDYKa1Ks0Dac6DKyTeQ7+dCqQUl551C/+nx i/Zju3IvMFhudHUQEYhJ5EctpePNoNpd71ml4ZSV6kC4ixRgjtEPfdasUw9z/tey/6ZFYb5OZJJ0gQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/insipid/pcRw66wjujhx_Gw1oehc8ZDGsbE>
Subject: Re: [Insipid] Review of draft-ietf-insipid-logme-reqs-11
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/insipid/>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jan 2017 17:33:23 -0000

I have a couple of comments:

On 1/10/17 9:51 AM, Dawes, Peter, Vodafone Group wrote:

>> 1) s5.1: REQ1 - Did you mean to say "using SIP standard logging format"?  Is
>> there another logging format other than SIP CLF?
>
> We am not aware of any other SIP logging formats and SIP CLF is expected to be used, but the logging format will be defined in the solutions draft.

IIUC, the mechanism for retrieval of the logs is out of scope for this 
document and the corresponding mechanism document. So why is the format 
of the logs of any relevance here?

>> 6) Is there a missing requirement based on the security considerations that
>> requires the this marker MUST be removed at the earliest opportunity if it
>> has been incorrectly inserted?
>
> We can move the text "The presence of a "log me" marker might cause some SIP entities to log signaling.  Therefore, this marker MUST be removed at the earliest opportunity if it has been incorrectly inserted."
> from s6.2.1 and add a REQ12 in s5.3.

What do you mean by "incorrectly inserted"?

If this is a syntax issue, then presumably it will be dealt with as a 
syntax error of the sip message. If the standard sip handling mechanism 
is "ignore", then how will it be recognized as a "log me" marker so that 
it may be removed?

To act on this the marker must parse syntactically as a "log me" marker 
(whatever that syntax turns out to be) yet violate some semantic rule.

	Thanks,
	Paul