IETF Logo Mail Archive

Re: [P2PSIP] Review of draft-ietf-p2psip-sip-06

Marc Petit-Huguenin <petithug@acm.org> Tue, 15 November 2011 00:19 UTC

Return-Path: <petithug@acm.org>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6577411E80D0 for <p2psip@ietfa.amsl.com>; Mon, 14 Nov 2011 16:19:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.62
X-Spam-Level:
X-Spam-Status: No, score=-102.62 tagged_above=-999 required=5 tests=[AWL=-0.020, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2y4JGA18TxLz for <p2psip@ietfa.amsl.com>; Mon, 14 Nov 2011 16:19:18 -0800 (PST)
Received: from implementers.org (implementers.org [IPv6:2604:3400:dc1:41:216:3eff:fe5b:8240]) by ietfa.amsl.com (Postfix) with ESMTP id E9D9E1F0C8A for <p2psip@ietf.org>; Mon, 14 Nov 2011 16:19:09 -0800 (PST)
Received: from [IPv6:2001:df8:0:64:ca0a:a9ff:fe2e:a4f6] (unknown [IPv6:2001:df8:0:64:ca0a:a9ff:fe2e:a4f6]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client CN "petithug", Issuer "implementers.org" (verified OK)) by implementers.org (Postfix) with ESMTPS id 17E2520371 for <p2psip@ietf.org>; Tue, 15 Nov 2011 00:09:29 +0000 (UTC)
Message-ID: <4EC1AFFA.6060906@acm.org>
Date: Tue, 15 Nov 2011 08:19:06 +0800
From: Marc Petit-Huguenin <petithug@acm.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.23) Gecko/20111010 Icedove/3.1.15
MIME-Version: 1.0
To: P2PSIP Mailing List <p2psip@ietf.org>
References: <4E49B882.7060001@acm.org> <4EC159BA.5020909@acm.org>
In-Reply-To: <4EC159BA.5020909@acm.org>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Subject: Re: [P2PSIP] Review of draft-ietf-p2psip-sip-06
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Nov 2011 00:19:21 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/15/2011 02:11 AM, Marc Petit-Huguenin wrote:
> No response to this review, but I have an additional comment on this draft:
> 
> 11. Section 3
> 
> "Note that these rules permit Alice to forward calls to Bob without
>  his permission.  However, they do not permit Alice to forward Bob's
>  calls to her."
> 
> One way to allow Alice to forward Bob's calls to her (or someone else) in a
> secure way is to use the access control policy defined in
> draft-knauf-p2psip-share.  With -sip-06, only the owner of the certificate can
> store a SIP-REGISTRATION, that we can represent like this:
> 
> Resource     Kind   Node-ID       URI              signer
> bob@c.com------1--->0x12345678--->sip:bob@m.com    bob@c.com
> 
> What Share can bring here is the possibility to have an authorized third-party
> modifying the SIP registration:
> 
> Resource     Kind   Node-ID       URI              signer
> bob@c.com----1001-->0x12345678--->sip:bob@c.com    bob@c.com
> 
> Resource     Kind   Index        ACL                     signer
> bob@c.com-----18--->0x56780001-->bob@c.com   1001 true   bob@c.com
> bob@c.com-----18--->0x56780002-->alice@c.com 1001 false  bob@c.com
> 
> Here Bob (the boss) delegates to Alice (his assistant[1]) the right to modify
> its registration, so Alice can now change it:
> 
> Resource     Kind   Node-ID       URI              signer
> bob@c.com----1001-->0x12345678--->sip:alice@m.com  alice@c.com
> 
> One problem is that we cannot reuse the Kind 1 (SIP), because it is already
> bound to USER-NODE-MATCH, so we have to create a new kind (1001) that is bound
> to USER-CHAIN-ACL.  Unfortunately I do not see an easy solution to use the
> original Kind (1) with USER-CHAIN-ACL.
> 
> I would suggest to add an informative reference to draft-p2psip-knauf-share, and

I meant "add an informative reference in draft-ietf-p2psip-sip to
draft-knauf-p2psip-share".

> to add a similar example in an appendix.
> 
> 
> [1] For the record, the example I sent to the Share authors had Alice as the
> boss, and Bob as her assistant, but I had to invert the example to match the
> text in -sip.
> 
> On 08/16/2011 08:23 AM, Marc Petit-Huguenin wrote:
>> 1. Section 3: SipRegistration structure
>>
>> I would suggest to use "SipRegistration Resource Record" instead, to match the
>> terminology in -concepts.
>>
>> Same thing for SipRegistration PDU in the same section.
>>
>>
>> 2. Section 3: 1st paragraph
>>
>> s/This uses the SIP-REGISTRATION Kind-ID/This uses the SIP-REGISTRATION Kind/
>>
>>
>> 3. Section 3: opaque contact_prefs<0..2^16-1>;
>>
>> The format of the contact_prefs field is not described.  Is it RFC 3840 or RFC
>> 2533 (better in my opinion) or something else?
>>
>>
>> 4. Section 3: Destination destination_list<0..2^16-1>;
>>
>> I think it would be better to have a list of destination_list instead, to be
>> able to register different paths to the destination.  This could be useful if a
>> node decides to register as a client to multiple peers, using the procedure in
>> the second bullet of section 3.2.1 of -base.
>>
>>
>> 5. Section 3, second bullet of last list.
>>
>> It says that the storing peer must check that "[t]he certificate contains a
>> Node-ID that is the same as the dictionary key it is being stored at.", which is
>> not exactly true when the certificate contains multiple Node-ID.  It would be
>> better to say:
>>
>> "The Node-ID of the signer is the same as the dictionary key it is being stored at."
>>
>>
>> 6. Section 4, first item in list
>>
>> "Check to see if the domain part of the AOR matches the domain name of an
>> overlay of which he is a member."
>>
>> The way I understand this sentence, the "sip:petithug@implementers.org" AOR
>> matches an overlay named "overlay.implementers.org".  Was that the intent of
>> this rule, or was the intent that the "sip:petithug@implementers.org" AOR only
>> matches the "implementers.org" overlay?
>>
>>
>> 7. Section 5.
>>
>> "If certificate-based authentication is in use, the responding peer MUST present
>> a certificate with a Node-ID matching the terminal entry in the route list."
>>
>> If this sentence is about the AppAttach itself (and not about the connection
>> created by the AppAttach), isn't that rule already part of -base?
>>
>>
>> 8. Section 6. Second sentence.
>>
>> I do not understand what this sentence means.
>>
>>
>> 9. Section 8.1. "In this section we discuss security issues that are likely to
>> be relevant to any usage of RELOAD."
>>
>> There is no security issues discussed in section 8.1.
>>
>>
>> 10. Section 9
>>
>> Please change "TBD" by the code point that was already assigned (1, I think), so
>> early implementations can do interoperability testing.
>>
>>
>> Nits
>> ====
>>
>> - Abstract
>>
>> s/(RELOAD),/(RELOAD)./
>>
>> - Section 2
>>
>> s/consiered/considered/
>>
> 


- -- 
Marc Petit-Huguenin
Personal email: marc@petit-huguenin.org
Professional email: petithug@acm.org
Blog: http://blog.marc.petit-huguenin.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk7Br/gACgkQ9RoMZyVa61fCTgCfQqApyrWerSBJV55zmG/svCRi
zi0An33Zv3DsWywaChy+fWXNQz7aWi68
=L0Lf
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email