Re: [Simple] Fwd: Evaluation: draft-ietf-simple-winfo-package - A Session Initiation Protocol (SIP)Event Template-Package for Watcher Information to Proposed Standard
Jonathan Rosenberg <jdrosen@dynamicsoft.com> Mon, 20 January 2003 22:36 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA03154 for <simple-archive@odin.ietf.org>; Mon, 20 Jan 2003 17:36:03 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h0KMrIY21372 for simple-archive@odin.ietf.org; Mon, 20 Jan 2003 17:53:18 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0KMrIJ21369 for <simple-web-archive@optimus.ietf.org>; Mon, 20 Jan 2003 17:53:18 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA03150 for <simple-web-archive@ietf.org>; Mon, 20 Jan 2003 17:35:31 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0KMr1J21350; Mon, 20 Jan 2003 17:53:01 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0KMqCJ21322 for <simple@optimus.ietf.org>; Mon, 20 Jan 2003 17:52:12 -0500
Received: from mail3.dynamicsoft.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA03129 for <simple@ietf.org>; Mon, 20 Jan 2003 17:34:25 -0500 (EST)
Received: from dynamicsoft.com (dyn-tx-app-004.dfw.dynamicsoft.com [63.110.3.2]) by mail3.dynamicsoft.com (8.12.1/8.12.1) with ESMTP id h0KMbaYH004503; Mon, 20 Jan 2003 17:37:41 -0500 (EST)
Message-ID: <3E2C7A2B.90208@dynamicsoft.com>
From: Jonathan Rosenberg <jdrosen@dynamicsoft.com>
Organization: dynamicsoft
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Harald Tveit Alvestrand <harald@alvestrand.no>
CC: Patrik Fältström <paf@cisco.com>, simple@ietf.org, Allison Mankin <mankin@psg.com>
Subject: Re: [Simple] Fwd: Evaluation: draft-ietf-simple-winfo-package - A Session Initiation Protocol (SIP)Event Template-Package for Watcher Information to Proposed Standard
References: <8AA01134-23F4-11D7-871D-0003934B2128@cisco.com> <3E274D76.3080604@dynamicsoft.com> <566820000.1042789903@askvoll.hjemme.alvestrand.no>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Sender: simple-admin@ietf.org
Errors-To: simple-admin@ietf.org
X-BeenThere: simple@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/simple>, <mailto:simple-request@ietf.org?subject=unsubscribe>
List-Id: SIP for Instant Messaging and Presence Leveraging Extensions <simple.ietf.org>
List-Post: <mailto:simple@ietf.org>
List-Help: <mailto:simple-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/simple>, <mailto:simple-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/simple/>
Date: Mon, 20 Jan 2003 17:37:31 -0500
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
thanks for the quick response. Followups inline. Harald Tveit Alvestrand wrote: > > > --On torsdag, januar 16, 2003 19:25:26 -0500 Jonathan Rosenberg > <jdrosen@dynamicsoft.com> wrote: > >>>> This has two problems: >>>> >>>> 1) If a client uses SIP, he presumably has SIP URIs for himself. So he >>>> will use that SIP URI in the From field of a SUBSCRIBE, even though he >>>> also has his own PRES URI. >>>> If the SUBSCRIBE has to be gatewayed to a non-SIP domain, per CPIM, >>>> how is the gateway to find the corresponding PRES URI? >>> >> >> Thus, I would ask you, in your experience with other protocols, do you >> feel that given, (1) we will still have the issue you are worried about >> even if we make it a SHOULD to use the pres URI when you know both, and >> (2) there may be short term interoperability and deployment problems, >> that the benefit of this outweighs the cost? > > > If we were to change the document to say "SHOULD use pres: when one > knows both pres: and sip:", I would be much happier. One may even > include an explanatory paragraph that the reason it's not a MUST is for > communication to environments with legacy SIP-only systems. If we agree > that this is the only problem. I think its the only problem, with the caveat that there are a lot of mini-problems encapsulated within it. For example, there is a whole body of work going on in the area of identity assertion. We have one RFC on this topic, RFC 3325, which specifies a private extension (not for general use on the Internet), for asserted identity across trusted elements. Interestingly, that mechanism as defined only supports the sip and tel URI. They would not be able to use it to assert a pres URI as an identity. Whether thats good or bad depends on whether you are a fan of that mechanism or not ;) The more general work, using cryptographic identities: http://www.ietf.org/internet-drafts/draft-ietf-sip-identity-00.txt runs into an issue too. How does the authentication service (which asserts an identity by signing a SIP message fragment whose From header identifies the user) determine WHICH identity to assert? Does it assert the pres or sip URI? That depends on what the user is trying to do. I suppose it could assume that if it was signing a SUBSCRIBE request with the event presence, it should assert a pres URI. Anyway, given the benefits of the pres URI over the <encoded-URI>@gateway approach, I would propose to go with your proposal, making it a SHOULD to use the pres URI. I'd also like to add a bunch of explanatory text around this. Here is my proposed text: > {\SUBSCRIBE} messages also contain logical identifiers that define the > originator and recipient of the subscription (the \header{To} and > \header{From} header fields). These headers can take either a pres or > SIP URI. When the subscriber is aware of both a pres and SIP URI for > its own identity, it SHOULD use the pres URI in the From header > field. Similarly, when the subscriber is aware of both a pres and a > SIP URI for the desired presentity, it SHOULD use the pres URI in the > To header field. The usage of the pres URI supports interoperability through > gateways to other CPP-compliant systems. It provides a > protocol-independent form of identification which can be passed > between systems. Without such an identity, gateways would be forced to > map SIP URIs into the addressing format of other protocols. Generally, > this is done by converting the SIP URI to the form > <foreign-protocol-scheme>:<encoded SIP URI>@<gateway>. This is > commonly done in email systems, and has many known problems. The usage > of the pres URI is a SHOULD, and not a MUST, to allow for cases where > it is known that there are no gateways present, or where the usage of > the pres URI will cause interoperability problems with SIP components > that do not support the pres URI. Harald further writes: > >>>> 2) If a client starts with the PRES URI, and later learns the SIP URI >>>> of someone, and those two identities part way for some reason (perhaps >>>> the client stops using SIP, or the SIP URI was to a proxy service, or >>>> something) - how does the client learn that it's time to go back to >>>> the PRES URI? >>> >> >> Another good question. >> >> Really, it comes down to how you learn these URI in the first place. I >> might send a SIP SUBSCRIBE to a pres URI, and the Contact header that >> comes back in the 200 OK will definitely be a SIP URI. It identifies the >> specific SIP user agent device I am in contact with. Perhaps you would >> then use this SIP URI instead for future SUBSCRIBE. However, RFC 3261 >> intends for the Contact URI to be scoped (in terms of temporal validity) >> to the duration of the dialog (aka subscription). Combing over the text >> in RFC3261 its not fabulously clear on this point, but thats the intent. >> So, there is a built in expiration mechanism which would make it invalid >> for future use. The SIP redirect response could also provide a SIP URI >> for the presence URI. Redirect responses have a built in mechanism for >> declaring the lifetime of the mapping, through the Expires header field. >> >> Alternatively, if you somehow got the SIP URI from DNS when looking up >> the pres URI (note that the SRV spec does NOT give you back the SIP URI, >> but let us assume it did), the DNS TTLs would tell you when it expires. > > > I would be happier with this part if it added a note saying something like: > "NOTE: For many mechanisms that allow users to learn URIs, there is a > validity period implied; for instance, RFC 3261 Contact: headers are > implicitly scoped to the duration of the dialog on which they are sent, > and URIs that are built using information from the DNS need to respect > DNS TTL values." > > Then it's up to the mechanisms from which you learn URIs to make sure > you have a TTL when you query - I guess you have already noted this > issue for the next time RFC 3261 is revised....:-) > > This is really an orthogonal issue to which format you want to give > preference to; the problem is equally valid for both possible preferences. I agree that it is orthogonal. I've added the following text that discusses the issue genreally: > In some instances, a user starts with one URI format, such as the pres > URI, and learns a URI in a different format through some protocol > means. As an example, a SUBSCRIBE request sent to a pres URI will > result in learning a SIP or SIPS URI for the presentity from the > Contact header field of the 200 OK to the SUBSCRIBE request. As > another example, a DNS mechanism might be defined that would allow > lookup of a pres URI to obtain a SIP or SIPS URI. In cases where one > URI is learned from another through protocol means, those means will > often provide some kind of scoping that limit the lifetime of the > learned URI. DNS, for example, provides a TTL which would limit the > scope of the URI. These scopes are very useful to avoid stale or > conflicting URIs for identifying the same resource. To ensure that a > user can always determine whether a learned URI is still valid, it is > RECOMMENDED that systems which provide lookup services for presence > URIs have some kind of scoping mechanism. > >> So, I would argue that the only real way a user can get a hold of both >> the pres and the SIP URI for the user, and not be sure for how long the >> SIP URI is valid, is if they were handed to that person, on a business >> card, or on a web page. > > > I'd be hesitant to predict the future. I suspect that there will be many > more ways than we currently think of that URIs are handed around. I > don't think we added TTL values to LDAP or the EPP protocol, for > instance.... True. Such things would exist as part of the schema, though. Indeed, the point of the above text is that your LDAP schema should include some kind of expiration. >> In such cases, I would argue that it is not the >> role of the IETF to dictate which is more authoritative. > > > I could agree with this argument, if the current document didn't say the > complete opposite.... if the IETF is to give guidance, I want the > guidance to be what's best for the Internet..... I was trying to argue that generally, I didn't want to impose a rule on determining which was authoritative, except to the extent that there were specific technical issues that would cause you to prefer one over the other. > >> After all, we do >> not say that if given an H.323 and a SIP URI you must use the SIP URI. >> Or, given a tel URI and a SIP URI, you must use the tel. This latter case >> is actually closer to the pres/sip case, since the tel URI can be looked >> up in DNS to obtain a SIP URI (using ENUM, RFC 2916). > > > [Red herring alert - arguing about analogous cases can lead the > discussion far astray..... but anyway.... > > I don't think they're analogous - someone using a pres: URI will > certainly have installed the <technology>._pres. DNS records for his > domain, since the pres: URI is meaningless without such installed records. > there are lots of reasons why people can have a valid tel: URI without > installing records into ENUM (including the fact that the ENUM subtree > for my country and your country aren't even delegated yet). Sure. In fact, [and now we are really getting off topic] I have argued on the iptel list that I felt that the tel URI as defined was really capturing two different functions. One was a true URN, where the implied semantics were to do a lookup in the DNS (using enum) to resolve it. The second was to identify a telephone network endpoint, so that the implied semantics were to connect to that endpoint on the telephone network. I argued to create two URI to represent these separately, in fact. But, like I said, that is really a separate discussion, which, if you are interested in, I welcome you to comment on on the iptel list. >> The reason that the draft states a preference here is that within SIP, >> there will be interoperability problems with placeing the pres URI into >> the request URI. In many cases, SIP user agents use an outbound proxy, >> similar to an http proxy. This proxy must understand the request URI >> format in order to forward the request. If I place the pres URI in the >> request URI, and this goes to the outbound proxy, and it doesnt >> understand how to process the pres URI, the subscription will fail. >> Ultimately, our aim is to use our own native addressing format within SIP >> networks, since that promotes maximum interoperability. > > > I think this is not the best thing for the Internet. > > Using the SIP addressing format exclusively within SIP networks promotes > maximum interoperability *within SIP networks*. It also promotes > "walling off the SIP garden", making the cost of communicating with SIP > users higher for people who are not using SIP services, and it does all > the lock-in and lack of flexibility that we've seen with > explictly-addressed email gateways. (No, I don't want to talk about > NATs....) > >> So, once more, I would ask - do you think that the benefits of using the >> pres URI in the request URI (which are, that it is possibly more >> authoritative, although I am not so sure), outweigh the drawback of >> potential interoperability issues? > > > I think so. > > No matter what you do, you will have interoperability issues. And if you > allow people to avoid supporting pres: URIs in the first rollout of the > service (when it can be added at the cost of a few extra DNS lookups), > you make it that much harder to add support for it in the next version > (when the "installed base" argument is a hundred times larger). OK, I will buy the argument that it is harder now than later. I changed the text to make usage of the pres URI a SHOULD. -Jonathan R. -- Jonathan D. Rosenberg, Ph.D. 72 Eagle Rock Ave. Chief Scientist First Floor dynamicsoft East Hanover, NJ 07936 jdrosen@dynamicsoft.com FAX: (973) 952-5050 http://www.jdrosen.net PHONE: (973) 952-5000 http://www.dynamicsoft.com _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple
- [Simple] Fwd: Evaluation: draft-ietf-simple-winfo… Patrik Fältström
- Re: [Simple] Fwd: Evaluation: draft-ietf-simple-w… Jonathan Rosenberg
- Re: [Simple] Fwd: Evaluation: draft-ietf-simple-w… Harald Tveit Alvestrand
- RE: [Simple] Fwd: Evaluation: draft-ietf-simple-w… hisham.khartabil
- Re: [Simple] Fwd: Evaluation: draft-ietf-simple-w… Jonathan Rosenberg