Re: [P2PSIP] Stephen Farrell's No Objection on draft-ietf-p2psip-sip-20: (with COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 20 April 2016 09:53 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C439D12E5D7; Wed, 20 Apr 2016 02:53:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.297
X-Spam-Level:
X-Spam-Status: No, score=-5.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DFlQP3TP_aze; Wed, 20 Apr 2016 02:53:32 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCF6A12DBD6; Wed, 20 Apr 2016 02:53:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id E5F2DBE54; Wed, 20 Apr 2016 10:53:30 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sm0J-GHkSDd9; Wed, 20 Apr 2016 10:53:30 +0100 (IST)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 42189BE2F; Wed, 20 Apr 2016 10:53:30 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1461146010; bh=7pnes4/CmLAsu8feJFoz2Y2lZ4N17BHBd+9IjC3Rv8k=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=JxKPxFWeYIsJRrL/WU2Ss8hiKEMbRNvVmUSlCov5jx7WQv4kvypCPuK+KIhDN0Tm6 vK2lIQhuuVeUXlUML73L2gfpvfLzyZfZ/BVdCrUU7gkFyvT/atGhZEe5d8pXfXSIx5 gmSgjjRwpYptGoi8eu9CgKvtIzPf8aj+0m8sB/M0=
To: "Thomas C. Schmidt" <t.schmidt@haw-hamburg.de>, The IESG <iesg@ietf.org>
References: <903bea94d5c1456eb2415a9328fb6f21@HUB01.mailcluster.haw-hamburg.de> <5716A67E.9010208@haw-hamburg.de>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <5717519A.7080600@cs.tcd.ie>
Date: Wed, 20 Apr 2016 10:53:30 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <5716A67E.9010208@haw-hamburg.de>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms060507020508010800030706"
Archived-At: <http://mailarchive.ietf.org/arch/msg/p2psip/VURS1hYv18xhQdYVY-mTm-Cfts4>
Cc: "p2psip-chairs@ietf.org" <p2psip-chairs@ietf.org>, "draft-ietf-p2psip-sip@ietf.org" <draft-ietf-p2psip-sip@ietf.org>, "p2psip@ietf.org" <p2psip@ietf.org>
Subject: Re: [P2PSIP] Stephen Farrell's No Objection on draft-ietf-p2psip-sip-20: (with COMMENT)
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/p2psip/>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Apr 2016 09:53:35 -0000

Hi Thomas,

On 19/04/16 22:43, Thomas C. Schmidt wrote:
> Hi Stephen,
> 
> On 19.04.2016 23:05, Stephen Farrell wrote:
> 
>>
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>>
>>
>> - 5.1: I guess it's too late to ask, but I'll ask
>> anyway, just in case this hasn't yet been implemented
>> and it's not too late... I can see why you want to
>> support SIP URIs and can't e.g. only support SIPS URIs
>> here.  But in supporting SIP URIs couldn't you have
>> taken an opportunistic security approach to using TLS
>> and e.g. maybe treated a SIP URI as if it's a SIPS URI
>> except for the certificate validation step? I do get
>> that that might restrict re-use of unmodified SIPS
>> stacks but maybe that'd be ok in this context. Any
>> chance of considering that or is it too late or a case
>> where there's not enough energy/interest?  (EIther form
>> of "no" is a very reasonable answer.)
>>
> 
> I guess, something similar to opportunistic security is actually
> happening on the RELOAD overlay. All links are (D)TLS encrypted. Further
> security additives are out of scope for the moment, I would be tempted
> to say.
> 
>> - Just out of curiosity, are folks deploying this
>> anywhere?
>>
> 
> The whole P2PSIP story is suffering from a much delayed standards
> process (it started in 2006). For example, we had a joint implementation
> with Deutsche Telekom and quite a number of others had efforts, too. All
> this seems quite a while ago. Currently, we are more on finishing the
> work that unfortunately had circulated way too long in the WG.

Understood. In that case, I'm fine with you not trying to polish
it more.

Cheers,
S.


> 
> Cheers,
>  Thomas