Re: [P2PSIP] HBH vs. E2E SIP in P2PSIP
"Eunsoo Shim" <eunsooshim@gmail.com> Sun, 15 July 2007 03:01 UTC
Return-path: <p2psip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9uMQ-0000wk-AQ; Sat, 14 Jul 2007 23:01:26 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9uMO-0000rb-DN for p2psip@ietf.org; Sat, 14 Jul 2007 23:01:24 -0400
Received: from nf-out-0910.google.com ([64.233.182.189]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I9uMJ-0003Fn-K6 for p2psip@ietf.org; Sat, 14 Jul 2007 23:01:24 -0400
Received: by nf-out-0910.google.com with SMTP id c10so60736nfd for <p2psip@ietf.org>; Sat, 14 Jul 2007 20:01:19 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=cM17TWlVCnetkyFtxzg/1ffcqm26dVmSC8gEcFJLZTgpPgEqYiFw9/KLTie3OL5KvVXbyqxDj5qsyuKcFagUnYasD59BC8qvoXI3gnASmLVho23eWIsVWX3FOA/VNk2vvsb09iygvV53Qdcaz4uHZlXEsbFr17Ga139lRhQao6M=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=h934x2/e6T67Gif0PnOeJuvK8sR79oAcsON4olmIFAg287QB9bKbqhDH8N4huzJloCMwAFYTz8zmojRdRrdDBtmhNHbD2hBAUuXR4u95OG2vb9XA65ZKNmgilHNkH1+3Hl5rBNHB+4obHVPwH01xshuICxUTPK+VgjhK9KhFoPk=
Received: by 10.78.185.15 with SMTP id i15mr839049huf.1184468478726; Sat, 14 Jul 2007 20:01:18 -0700 (PDT)
Received: by 10.78.53.20 with HTTP; Sat, 14 Jul 2007 20:01:18 -0700 (PDT)
Message-ID: <7b683f3f0707142001o8df5ecdhf4bd3c9e07b995d7@mail.gmail.com>
Date: Sat, 14 Jul 2007 23:01:18 -0400
From: Eunsoo Shim <eunsooshim@gmail.com>
To: Jonathan Rosenberg <jdrosen@cisco.com>
Subject: Re: [P2PSIP] HBH vs. E2E SIP in P2PSIP
In-Reply-To: <4697F367.6000809@cisco.com>
MIME-Version: 1.0
References: <4697F367.6000809@cisco.com>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 5ebbf074524e58e662bc8209a6235027
Cc: P2PSIP WG <p2psip@ietf.org>
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1522525304=="
Errors-To: p2psip-bounces@ietf.org
I agree with Jonathan's suggestion. That's what I have been proposing for almost two years. And that's why a client protocol different from SIP brings a clean separation between the protocols for the overlay and SIP. Thanks. Eunsoo On 7/13/07, Jonathan Rosenberg <jdrosen@cisco.com> wrote: > > draft-bryan-p2psip-requirements-00 talks about how SIP relates to the > P2P protocol. It says: > > > The above discussion suggests at least two paradigms for SIP > > operation in a p2p setting: the end-to-end paradigm where a SIP user > > agent uses the p2p location service to discover the location of > > callee, and then send the SIP message directly to the callee, or a > > hop-by-hop paradigm where each peer forwards the SIP request to a > > peer which is more 'closer' to the callee. The former can be thought > > of as a RPC whereas the later can be thought of as a local procedure > > call to determine the next hop. > > I'd like to propose that, any model which views the peers in the p2p > network as proxies (things that add Via headers, follow proxy rules as > defined in RFC 3261, and so on), is basically fatally flawed from a > security perspective. > > SIP was not designed on a model of untrusted proxies. I know this keeps > coming up time and time again in the core SIP mailing list. The problem > is, the design of SIP quite purposefully gives SIP proxies pretty wide > latitude in manipulating message contents and doing things. We have some > limited protection, if you believe in things like S/MIME, but by its > very definition, SIP allows proxies to do lots of stuff. They can send > requests to different places, they can fork, they can send responses, > they can add and remove headers, they can change the destination of a > request. All of it is legal and makes sense in a proxy-routed model. > > However, in P2PSIP, if you think of the peers as proxies, you enter a > use case where you trust none of the proxies, and in fact every call has > a whole lot of them on the signaling path (O(logN)). I guarantee you > that these untrusted proxies will launch attacks that are hard to fix > without basically completely changing the way the SIP protocol works. > > So, don't do it. > > The way you limit what peers can do is by using a protocol to > communicate with peers whose very design limits what can be done. A > protocol built from the ground up to do nothing but give an intermediary > the ability to move a message around based on DHT topology. You wouldn't > need to worry about things modifying media destinations since there is > no SDP. You needn't worry about spoofing caller ID since there is no > caller ID in the protocol. All you do is use this protocol to allow you > to set up a secure, e2e, TLS connection between you and the UA you want > to talk to, and then run SIP over that. > > The great benefit is that SIP already allows UA to UA communications. It > always has. P2PSIP then slides in as a pure, clean replacement for > RFC3263, allowing you to identify the target UA that you want to connect > to, and provide a means for connecting to them through firewalls and NATs. > > Thus I'd like to suggest that the E2E SIP model described in the > requirements document be the one we are shooting for. > > Thanks, > Jonathan R. > > > -- > Jonathan D. Rosenberg, Ph.D. 600 Lanidex Plaza > Cisco Fellow Parsippany, NJ 07054-2711 > Cisco Systems > jdrosen@cisco.com FAX: (973) 952-5050 > http://www.jdrosen.net PHONE: (973) 952-5000 > http://www.cisco.com > > _______________________________________________ > P2PSIP mailing list > P2PSIP@ietf.org > https://www1.ietf.org/mailman/listinfo/p2psip >
_______________________________________________ P2PSIP mailing list P2PSIP@ietf.org https://www1.ietf.org/mailman/listinfo/p2psip
- [P2PSIP] HBH vs. E2E SIP in P2PSIP Jonathan Rosenberg
- RE: [P2PSIP] HBH vs. E2E SIP in P2PSIP Henry Sinnreich
- Re: [P2PSIP] HBH vs. E2E SIP in P2PSIP Dean Willis
- Re: [P2PSIP] HBH vs. E2E SIP in P2PSIP Bruce Lowekamp
- Re: [P2PSIP] HBH vs. E2E SIP in P2PSIP Eunsoo Shim
- RE: [P2PSIP] HBH vs. E2E SIP in P2PSIP marcin.matuszewski
- RE: [P2PSIP] HBH vs. E2E SIP in P2PSIP JiangXingFeng
- Re: [P2PSIP] HBH vs. E2E SIP in P2PSIP Vijay K. Gurbani