Re: [P2PSIP] Stephen Farrell's No Objection on draft-ietf-p2psip-sip-20: (with COMMENT)

"Thomas C. Schmidt" <t.schmidt@haw-hamburg.de> Tue, 19 April 2016 21:43 UTC

To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/p2psip/qUyzyNi4dwHKyQkVUzGt63jKrKE>
Cc: "p2psip-chairs@ietf.org" <p2psip-chairs@ietf.org>, "draft-ietf-p2psip-sip@ietf.org" <draft-ietf-p2psip-sip@ietf.org>, "p2psip@ietf.org" <p2psip@ietf.org>

Hi Stephen,

On 19.04.2016 23:05, Stephen Farrell wrote:

>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
>
> - 5.1: I guess it's too late to ask, but I'll ask
> anyway, just in case this hasn't yet been implemented
> and it's not too late... I can see why you want to
> support SIP URIs and can't e.g. only support SIPS URIs
> here.  But in supporting SIP URIs couldn't you have
> taken an opportunistic security approach to using TLS
> and e.g. maybe treated a SIP URI as if it's a SIPS URI
> except for the certificate validation step? I do get
> that that might restrict re-use of unmodified SIPS
> stacks but maybe that'd be ok in this context. Any
> chance of considering that or is it too late or a case
> where there's not enough energy/interest?  (Either form
> of "no" is a very reasonable answer.)
>

I guess something similar to opportunistic security is actually
happening on the RELOAD overlay. All links are (D)TLS encrypted. Further 
security additives are out of scope for the moment, I would be tempted 
to say.

> - Just out of curiosity, are folks deploying this
> anywhere?
>

The whole P2PSIP story is suffering from a much delayed standards 
process (it started in 2006). For example, we had a joint implementation 
with Deutsche Telekom and quite a number of others had efforts, too. All 
this seems quite a while ago. Currently, we are more on finishing the 
work that unfortunately had circulated way too long in the WG.

Cheers,
  Thomas
-- 

Prof. Dr. Thomas C. Schmidt
° Hamburg University of Applied Sciences                   Berliner Tor 7 °
° Dept. Informatik, Internet Technologies Group    20099 Hamburg, Germany °
° http://www.haw-hamburg.de/inet                   Fon: +49-40-42875-8452 °
° http://www.informatik.haw-hamburg.de/~schmidt    Fax: +49-40-42875-8409 °