Re: [P2PSIP] Spencer Dawkins' Yes on draft-ietf-p2psip-sip-19: (with COMMENT)

["Thomas C. Schmidt" <t.schmidt@haw-hamburg.de>]

Hi Spencer,

many thanks for the feedback - please see inline.

On 19.04.2016 16:03, Spencer Dawkins wrote:

>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> This was a bit confusing to me.
>
>     AOR domain not supported by overlay?  If the domain part of the AOR
>        is not supported in the current overlay, the user SHOULD query the
>        DNS (or other discovery services at hand) to search for an
>        alternative overlay that services the AOR under request.
>        Alternatively, standard SIP procedures for contacting the callee
>        SHOULD be used.
>
> If you don't query the DNS (or other discovery services), and you don't
> use standard SIP procedures, are there any other choices? With both of
> these being SHOULDs, a conformant implementation might not do either of
> them. Is that expected?
>
> If you need this to be RFC 2119 language, I'm guessing this would be
> "MUST either do X or Y", but I'm not sure it needs to be RFC 2119.
>
> If you really do need two alternative SHOULDs, it's not required to
> explain why a SHOULD is not a MUST, but since the goal is that an
> implementer is making an informed choice, helping the implementer
> understand why one might not want to do what one SHOULD do is usually
> helpful.
>

I see - the normative SHOULDs appear indeed a bit strong. The described 
case is "you query the wrong overlay, so we give some hints on what else 
you could do".

Suggested rephrase:

    AOR domain not supported by overlay?  If the domain part of the AOR
       is not supported in the current overlay, the user MAY query the
       DNS (or other discovery services at hand) to search for an
       alternative overlay that services the AOR under request.
       Alternatively, standard SIP procedures for contacting the callee
       might be used.

O.K.?

> I think that
>
>     A callee MAY choose to listen on both
>     SIP and SIPS ports and accept calls from either SIP schemes, or
>     select a single one.
>
> is using "SIP schemes" generically, but this might be clearer if you just
> said "either scheme".
>

O.K., done.

> I'm not on top of SIPS these days, but I didn't think
>
>     SIPS requires end-to-end protection that may include client links and
>     endpoint certificates.
>
> was "end-to-end protection". Is it? I thought that it was
> protected-hop-by-protected-hop. Or maybe you only mean SIPS in P2PSIP?
>

oops, that's a lapse. It should be all links including client links (if 
present). So we propose to rephrase

     SIPS requires protection of all links that may include client links 
(if present) and
     endpoint certificates.

> Sorry if I'm confused (and the SIP Forum will be thrilled to hear this,
> if I'm just confused).
>
> I can figure out what "fork explosion" and "fork bomb" are, but are these
> terms in common usage in the SIP community? Is there a definition or
> reference for them?
>

I could not find a document defining exactly these terms (or 
equivalents), but the phenomena are broadly discussed (e.g. RFC 5393). 
I'm happy to rephrase, if there is a term striking better - any suggestions?

Thanks again,

  thomas
-- 

Prof. Dr. Thomas C. Schmidt
° Hamburg University of Applied Sciences                   Berliner Tor 7 °
° Dept. Informatik, Internet Technologies Group    20099 Hamburg, Germany °
° http://www.haw-hamburg.de/inet                   Fon: +49-40-42875-8452 °
° http://www.informatik.haw-hamburg.de/~schmidt    Fax: +49-40-42875-8409 °