Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-statement-06.txt
Peter Musgrave <peter.musgrave@magorcorp.com> Wed, 04 May 2011 13:39 UTC
Return-Path: <peter.musgrave@magorcorp.com>
X-Original-To: sip-clf@ietfa.amsl.com
Delivered-To: sip-clf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 4EBE3E0762 for <sip-clf@ietfa.amsl.com>;
Wed, 4 May 2011 06:39:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.066
X-Spam-Level:
X-Spam-Status: No, score=-103.066 tagged_above=-999 required=5 tests=[AWL=0.532,
BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1,
USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tTOq8+nfUZWH for
<sip-clf@ietfa.amsl.com>; Wed, 4 May 2011 06:39:47 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com
[209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 0F8DAE0682 for
<sip-clf@ietf.org>; Wed, 4 May 2011 06:39:46 -0700 (PDT)
Received: by ywi6 with SMTP id 6so469366ywi.31 for <sip-clf@ietf.org>;
Wed, 04 May 2011 06:39:46 -0700 (PDT)
Received: by 10.151.69.24 with SMTP id w24mr1067555ybk.263.1304516385897;
Wed, 04 May 2011 06:39:45 -0700 (PDT)
Received: from petermac.magor.local ([72.1.217.106]) by mx.google.com with
ESMTPS id u20sm507765yba.0.2011.05.04.06.39.44 (version=TLSv1/SSLv3
cipher=OTHER); Wed, 04 May 2011 06:39:44 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: multipart/alternative; boundary=Apple-Mail-52--208331340
From: Peter Musgrave <peter.musgrave@magorcorp.com>
In-Reply-To: <8CB1F01A-91E7-4A02-A984-718AEC84EE0B@magorcorp.com>
Date: Wed, 4 May 2011 09:39:43 -0400
Message-Id: <96B28772-470F-4010-A372-7432A43CBB0F@magorcorp.com>
References: <20110418143004.807.72505.idtracker@ietfc.amsl.com>
<A4BBEEE4-4420-4A3A-BD0D-EE72430A6A64@magorcorp.com>
<8CB1F01A-91E7-4A02-A984-718AEC84EE0B@magorcorp.com>
To: Peter Musgrave <peter.musgrave@magorcorp.com>
X-Mailer: Apple Mail (2.1084)
Cc: "sip-clf@ietf.org Mailing" <sip-clf@ietf.org>
Subject: Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-statement-06.txt
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sip-clf>,
<mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>,
<mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 May 2011 13:39:48 -0000
As promised here my "as individual" review of the examples:
In section 9.2:
To: sip:bob@example.net
R-URI: sip:bob@bob1.example.net
I am trying to reconcile these. It is not stated in the start that bob is registered to p2. I am assuming that p2 is authoritative for bob (Hence the value in the To: header) ?
Should the intro state that Bob is registered to p2?
Went through the rest fairly carefully. All looks good.
Cheers,
Peter Musgrave
On 2011-04-27, at 2:42 PM, Peter Musgrave wrote:
> (as individual)
>
> Overall, I think this is in excellent shape. I have a few specific observations/questions:
>
> Last sentence of abstract could be simplified just to SIP devices? (In section 4 UA is explicitly mentioned - and it's not in the abstract which has a list of SIP server type devices).
>
> 8.1 From/To Header
> Both contain the statement "it is not necessary to log any URI parameters".
> Perhaps this should be in normative language? URI parameters MUST NOT be logged (they can be logged separately using an option field)
>
> R-URI: URI parameters MUST be logged?
>
> 8.2 Is it necessary to indicate what a UAS-half and UAC-half are? I can see that for a proxy a request is both received and forwarded (although I am not sure I would use the term UAC-half for the sent side of a message.) As for a B2BUA I tend to think of the two sides as a UAC and a UAS (and not a "half")
>
> [I have set aside the examples for now - I will finish reviewing that before the WGLC ends].
>
> Cheers,
>
> Peter
>
>
>
>
>
> On 2011-04-18, at 3:11 PM, Peter Musgrave wrote:
>
>> Greetings CLF-ers,
>>
>> I would like to start a two week WGLC on the problem statement doc (in accordance with our discussion in Prague).
>>
>> Please make you comments on the list by Wed. May 4th (I have added a few days to account for the Easter break).
>>
>> We need reviewers and fresh eyes - so if you can make time to read this it is much appreciated!
>>
>> Thanks,
>>
>> Peter Musgrave
>> Chair, sip-clf
>>
>> Begin forwarded message:
>>
>>> From: Internet-Drafts@ietf.org
>>> Date: April 18, 2011 10:30:04 AM EDT
>>> To: i-d-announce@ietf.org
>>> Cc: sip-clf@ietf.org
>>> Subject: [sip-clf] I-D Action:draft-ietf-sipclf-problem-statement-06.txt
>>>
>>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>> This draft is a work item of the SIP Common Log Format Working Group of the IETF.
>>>
>>>
>>> Title : The Common Log Format (CLF) for the Session Initiation Protocol (SIP)
>>> Author(s) : V. Gurbani, et al.
>>> Filename : draft-ietf-sipclf-problem-statement-06.txt
>>> Pages : 34
>>> Date : 2011-04-18
>>>
>>> Well-known web servers such as Apache and web proxies like Squid
>>> support event logging using a common log format. The logs produced
>>> using these de-facto standard formats are invaluable to system
>>> administrators for trouble-shooting a server and tool writers to
>>> craft tools that mine the log files and produce reports and trends.
>>> Furthermore, these log files can also be used to train anomaly
>>> detection systems and feed events into a security event management
>>> system. The Session Initiation Protocol does not have a common log
>>> format, and as a result, each server supports a distinct log format
>>> that makes it unnecessarily complex to produce tools to do trend
>>> analysis and security detection. We propose a common log file format
>>> for SIP servers that can be used uniformly by proxies, registrars,
>>> redirect servers as well as back-to-back user agents.
>>>
>>> A URL for this Internet-Draft is:
>>> http://www.ietf.org/internet-drafts/draft-ietf-sipclf-problem-statement-06.txt
>>>
>>> Internet-Drafts are also available by anonymous FTP at:
>>> ftp://ftp.ietf.org/internet-drafts/
>>>
>>> Below is the data which will enable a MIME compliant mail reader
>>> implementation to automatically retrieve the ASCII version of the
>>> Internet-Draft.
>> <Mail Attachment>
>>> _______________________________________________
>>> sip-clf mailing list
>>> sip-clf@ietf.org
>>> https://www.ietf.org/mailman/listinfo/sip-clf
>>
>
- [sip-clf] I-D Action:draft-ietf-sipclf-problem-st… Internet-Drafts
- [sip-clf] WGLC:draft-ietf-sipclf-problem-statemen… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Elwell, John
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Gonzalo Salgueiro
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Vijay K. Gurbani
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave