IETF Logo Mail Archive

Re: [Insipid] Reviews for INSIPID Session-ID solution draft Version 11

"Paul E. Jones" <paulej@packetizer.com> Wed, 07 January 2015 04:28 UTC

Return-Path: <paulej@packetizer.com>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E12281A0A6A for <insipid@ietfa.amsl.com>; Tue, 6 Jan 2015 20:28:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.402
X-Spam-Level:
X-Spam-Status: No, score=-0.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_SIGNED=0.1, J_CHICKENPOX_21=0.6, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xmSyYLsADEWE for <insipid@ietfa.amsl.com>; Tue, 6 Jan 2015 20:28:24 -0800 (PST)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2395C1A0673 for <insipid@ietf.org>; Tue, 6 Jan 2015 20:28:24 -0800 (PST)
Received: from [192.168.1.20] (cpe-098-027-048-015.nc.res.rr.com [98.27.48.15]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id t074SHIY015195 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO); Tue, 6 Jan 2015 23:28:18 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1420604898; bh=x40GiAD2zyS0nqtkIcwc7/yVYDNxGVd3Ny8PdPGeUCE=; h=From:To:Subject:Cc:Date:Message-Id:In-Reply-To:Reply-To: Mime-Version:Content-Type:Content-Transfer-Encoding; b=RV4TNBFOyIwxcbUfynk8DywA+jnel93I1yJyAMHTWdP4sF8FfISOiAp9kS4emUqY1 M9to8Gy6k72Pn1oUSrPgTAcajp2K9McvfDMwNSgkhyJNM0P0EM22HHua4/0lWaVcmU eY0BKP1DtGa5TPsmJSgQPnZC7PG1ol09uLqU2xQc=
From: "Paul E. Jones" <paulej@packetizer.com>
To: R.Jesske@telekom.de, R.Jesske@telekom.de, gsalguei@cisco.com, insipid@ietf.org
Date: Wed, 07 Jan 2015 04:28:37 +0000
Message-Id: <em66cbd059-35a2-4826-8bfe-76937b83cc82@sydney>
In-Reply-To: <058CE00BD4D6B94FAD033A2439EA1E4B01E4FF82FE2B@HE113667.emea1.cds.t-internal.com>
User-Agent: eM_Client/6.0.21034.0
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/insipid/ul8TGFR0Af9oZbzWo9YNALOxogU
Cc: insipid-chairs@tools.ietf.org
Subject: Re: [Insipid] Reviews for INSIPID Session-ID solution draft Version 11
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/insipid/>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jan 2015 04:28:27 -0000

Roland,

Also, please accept my apologies for the late reply.  See my comments 
below:


>comment on Abstract
>
>Do we need really the hint to "in the wild" implementation?
>I would propose to refer only to implementations existing based on 
>UUID.
>i.e. the Kaplan draft which is now RFC is within this scope.

I agree that's not desirable.

We now have an RFC for this "in the wild" behavior (RFC 7329).  Is it 
acceptable to refer to the RFC in the abstract?  Perhaps replace "in the 
wild" with "(RFC 7329)"?  Generally there should not be references in 
Abstracts, but I'm thinking that might be helpful in this case.  Or 
shall we just remove the text and have no reference?


>Section 4.1 (and Section 5)
>
>Would it be worth to mention if the Session-id is case sensitive.
>Since when we will need to implement it we have to explicit state it if 
>it is case sensitive or not.

Per RFC 3261, "field names are always case-insensitive". I don't think 
that needs to be repeated here.


>
>I think it would be worth to mention that the UUID is case insensitive 
>as defined in RFC 4122

The text currently states that the UUID characters are lower-case.  The 
syntax also enforces this.  The RFC 4122 text is funny, because it says 
"lower case characters and are case insensitive".  I don't know what 
that means, except that "F" is not a valid character.  Rather than 
create confusing language, I'd rather just leave the text as it is in 
saying the characters are lowercase.

>
>Section 5 (editorial minor)
>
>Text:
>In the case where an entity compliant with this specification is
>    interworking with an entity that implemented [RFC7329], the "remote"
>    parameter might be absent, but otherwise the remote parameter MUST 
>be
>    present.
>
>I would propose to replace might by may. This is from my point of view 
>better for standard ruling if this is a option = may (but the decision 
>I led to the English grammar experts ;-))
>
>Proposal:
>In the case where an entity compliant with this specification is
>    interworking with an entity that implemented [RFC7329], the "remote"
>    parameter may be absent, but otherwise the remote parameter MUST be
>    present.

The reason for using "might" is just to avoid the normative word "may".  
I appreciate that the IETF "MAY" is different than the IETF "may", but I 
prefer to sidestep all confusion by using a word that is not normative.

That said, I'll accept your proposed changes since you think it is 
clearer.


>These are the only comments I have.
>Seen from my point of view the draft is ready for publication.

Thanks!  I am about ready with a new version, as soon as I can resolve 
Brett's comments.  Please watch the list this week for a new version (I 
hope!).

Paul


>
>Thank you and Best Regards
>
>Roland
>
>
>
>>  -----Ursprüngliche Nachricht-----
>>  Von: Jesske, Roland
>>  Gesendet: Montag, 28. Juli 2014 16:00
>>  An: 'Gonzalo Salgueiro (gsalguei)'; insipid@ietf.org
>>  Cc: insipid-chairs@tools.ietf.org
>>  Betreff: AW: Reviews for INSIPID Session-ID solution draft
>>
>>  Hi Gonzalo,
>>  I did a review of the draft till section 9.1 Here are my comments:
>>
>>  Section 2
>>
>>  Text:
>>     The terms "Session Identifier" and "Session ID" refer to the value 
>>of
>>     the identifier, whereas "Session-ID" refers to the header used to
>>     convey the identifier.
>>
>>  For me it is not really clear what th3e difference between "Session
>>  Identifier", "Session ID" and "Session-ID" is.
>>  It is really hard to read the whole text in mind of this description.
>>  Somebody who is not aware of the difference will struggle a little 
>>bit.
>>  I would propose to replace all "Session ID" with "Session 
>>Identifier".
>>
>>
>>  Section 4.1
>>
>>  I'm missing some more description in the start of section 4 that a 
>>local
>>  and remote UUID exists.
>>
>>  Old:
>>
>>  4.1. Constructing the Session Identifier
>>
>>     The Session Identifier comprises two UUIDs [RFC4122], with each 
>>UUID
>>     representing one of the endpoints participating in the session.
>>
>>  Proposal:
>>
>>  4.1. Constructing the Session Identifier
>>
>>    RFC4412 describes the construction of the Universally Unique
>>  Identifier (UUID).
>>     The Session Identifier comprises two UUIDs [RFC4122], with each 
>>UUID
>>     representing one of the endpoints (local UUID and remote UUID)
>>  participating in the session.
>>
>>  Section 4.1 uuid_t
>>
>>  This text:
>>  ...
>>
>>     When generating a version 5 UUID, endpoints or intermediaries MUST
>>     utilize the following "name space ID" (see Section 4.3 of 
>>[RFC4122]):
>>
>>       uuid_t NameSpace_SessionID = {
>>             /* a58587da-c93d-11e2-ae90-f4ea67801e29 */
>>             0xa58587da,
>>             0xc93d,
>>             0x11e2,
>>             0xae, 0x90, 0xf4, 0xea, 0x67, 0x80, 0x1e, 0x29
>>         }
>>
>>  ...
>>
>>  Is/was hard to understand what is here meant by. So if I understand
>>  correctly this is the specific name space definition for our "Session
>>  ID". Thus this is used to calculate our Session-ID/UUID local/remote.
>>
>>  So I would propose to change the following text:
>>
>>  New proposal:
>>     When generating a version 5 UUID, endpoints or intermediaries MUST
>>     Follow the procedures described in Section 4.3 of [RFC4122]. The
>>  following "name space ID" MUST be taken for the calculation of the 
>>UUID.
>>
>>     /* Name string is a Session ID */
>>       uuid_t NameSpace_SessionID = {
>>             /* a58587da-c93d-11e2-ae90-f4ea67801e29 */
>>             0xa58587da,
>>             0xc93d,
>>             0x11e2,
>>             0xae, 0x90, 0xf4, 0xea, 0x67, 0x80, 0x1e, 0x29
>>         }
>>
>>
>>
>>  Section 4.2 first Paragraph:
>>  ...
>>
>>
>>  ABNF: Section 5 (1st comment)
>>  This draft defines the header "session-id" (ABNF: session-id =
>>  "Session-ID" HCOLON local-uuid) while I-D.kaplan-insipid-session-id
>>  defines the header "Session-ID" (ABNF Session-ID = "Session-ID" 
>>HCOLON
>>  sess-id*( SEMI generic-param )).
>>  Seen from syntax there is no difference with regard to the value both
>>  are 32 bytes (32(DIGIT / %x61-66) ;32 chars of [0-9a-f]) Was this 
>>done
>>  by purpose or does this not care?
>>
>>
>>  ABNF: Section 5 (2nd comment)
>>  The definition sess-uuid = 32(DIGIT / %x61-66) ;32 chars of [0-9a-
>>  f] is shown, but there is no real hint that this value is at least 
>>the
>>  built UUID regarding RFC4412. I think we should spent some words of
>>  clarification.
>>
>>
>>  Section 6:
>>
>>  Reading this text is a little bit hard to distinguish the UAC/UAS
>>  behavior. I think it would be worth to spend a little bit more words 
>>to
>>  describe the UAC/UAS behavior in addition. Like what happens in the
>>  Initial request seen from UAC and first response from UAS.
>>
>>  Section 7 3rd paragraph:
>>
>>  Text:
>>     If an intermediary receives a SIP message without a Session-ID 
>>header
>>     value, the intermediary MAY assign a "local-uuid" value to 
>>represent
>>     the sending endpoint and insert that value into all signaling
>>     messages on behalf of the sending endpoint. If the intermediary is
>>     aware of a "remote" value that identifies the receiving UA, it 
>>MUST
>>     insert that value if also inserting the "local-uuid" value.
>>
>>  Perhaps a note would be valuable what such intermediary (e.g. Network
>>  border) could be.
>>  e.g.
>>  Note: Such an intermediary could be an entry point interconnecting to 
>>a
>>  network belonging to another domain or service provider which is not
>>  supporting the Session ID.
>>
>>  Would it be also worth to mention the Interworking behavior between
>>  PSTN/ISDN and SIP?
>>
>>  Section 9. /9.1
>>
>>  Would it be worth to show one example Request INVITE and on response.
>>  I know it is redundant text but people like to see an example to show
>>  how it looks like.
>>
>>  e.G.
>>
>>  INVITE sip:bob@example.com SIP/2.0
>>        Via: SIP/2.0/UDP 192.0.2.1:5060;branch=z9hG4bKnashds10
>>        From: Alice <sip:alice@example.net>;tag=1234567
>>        To: Bob <sip:bob@example.com>
>>        Call-Id: 123456mcmxcix@1.2.3.4
>>        Session-ID: ab30317f1a784dc48ff824d0d3715d86;
>>             remote=00000000000000000000000000000000
>>        CSeq: 1 INVITE
>>        Contact: <sip:alice@192.168.1.1>
>>
>>    SIP/2.0 200 OK
>>        Via: SIP/2.0/UDP b2bua.atlanta.com
>>           ;branch=z9hG4bK77ef4c2312983.1;received=192.0.2.2
>>        Via: SIP/2.0/UDP 192.0.2.1:5060;branch=z9hG4bKnashds10
>>        To: Bob <sip:bob@example.com>tag=a6c85cf
>>        From: Alice <sip:alice@example.net>;tag=1234567
>>        Call-Id: 123456mcmxcix@1.2.3.4
>>        Session-ID: ab30317f1a784dc48ff824d0d3715d86;
>>                    remote=47755a9de7794ba387653f2099600ef2
>>        CSeq: 1 INVITE
>>        Contact: <sip:bob@192.0.2.4>
>>
>>  So that are my comments till 9.1.
>>
>>  Editorial
>>  Page 8 last paragraph responseand --> response and Page 15 1st 
>>Paragraph
>>  and following is "passcode" correct or should it be "pass code" ?
>>  Page 25 last Paragraph "The authors would like to than" --> "The 
>>authors
>>  would like to thank"
>>
>>
>>  Best Regards
>>
>>  Roland
>>
>>  -----Ursprüngliche Nachricht-----
>>  Von: insipid [mailto:insipid-bounces@ietf.org] Im Auftrag von Gonzalo
>>  Salgueiro (gsalguei)
>>  Gesendet: Donnerstag, 24. Juli 2014 18:50
>>  An: insipid@ietf.org
>>  Cc: insipid-chairs@tools.ietf.org
>>  Betreff: [Insipid] Reviews for INSIPID Session-ID solution draft
>>
>>  Hi -
>>
>>  The chairs met and had a WG sync while here in Toronto. Conversations
>>  with the draft authors clearly indicate that we are getting very 
>>close
>>  to WGLC for the Session-ID draft (http://tools.ietf.org/html/draft-
>>  ietf-insipid-session-id). The chairs feel it would be helpful if we
>>  were to get additional reviews prior to WGLC. We have proactively
>>  reached out specifically to some obvious review candidates but we 
>>would
>>  welcome and appreciate partial or complete reviews from anyone in the
>>  WG.
>>
>>
>>  Cheers,
>>
>>  Gonzalo
>>  (as co-chair)
>>  _______________________________________________
>>  insipid mailing list
>>  insipid@ietf.org
>>  https://www.ietf.org/mailman/listinfo/insipid
>
>_______________________________________________
>insipid mailing list
>insipid@ietf.org
>https://www.ietf.org/mailman/listinfo/insipid

v2.23.0 | Report a Bug | By Email