Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-statement-06.txt
Peter Musgrave <peter.musgrave@magorcorp.com> Wed, 04 May 2011 13:39 UTC
Return-Path: <peter.musgrave@magorcorp.com>
X-Original-To: sip-clf@ietfa.amsl.com
Delivered-To: sip-clf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EBE3E0762 for <sip-clf@ietfa.amsl.com>; Wed, 4 May 2011 06:39:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.066
X-Spam-Level:
X-Spam-Status: No, score=-103.066 tagged_above=-999 required=5 tests=[AWL=0.532, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tTOq8+nfUZWH for <sip-clf@ietfa.amsl.com>; Wed, 4 May 2011 06:39:47 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 0F8DAE0682 for <sip-clf@ietf.org>; Wed, 4 May 2011 06:39:46 -0700 (PDT)
Received: by ywi6 with SMTP id 6so469366ywi.31 for <sip-clf@ietf.org>; Wed, 04 May 2011 06:39:46 -0700 (PDT)
Received: by 10.151.69.24 with SMTP id w24mr1067555ybk.263.1304516385897; Wed, 04 May 2011 06:39:45 -0700 (PDT)
Received: from petermac.magor.local ([72.1.217.106]) by mx.google.com with ESMTPS id u20sm507765yba.0.2011.05.04.06.39.44 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 04 May 2011 06:39:44 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: multipart/alternative; boundary="Apple-Mail-52--208331340"
From: Peter Musgrave <peter.musgrave@magorcorp.com>
In-Reply-To: <8CB1F01A-91E7-4A02-A984-718AEC84EE0B@magorcorp.com>
Date: Wed, 04 May 2011 09:39:43 -0400
Message-Id: <96B28772-470F-4010-A372-7432A43CBB0F@magorcorp.com>
References: <20110418143004.807.72505.idtracker@ietfc.amsl.com> <A4BBEEE4-4420-4A3A-BD0D-EE72430A6A64@magorcorp.com> <8CB1F01A-91E7-4A02-A984-718AEC84EE0B@magorcorp.com>
To: Peter Musgrave <peter.musgrave@magorcorp.com>
X-Mailer: Apple Mail (2.1084)
Cc: "sip-clf@ietf.org Mailing" <sip-clf@ietf.org>
Subject: Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-statement-06.txt
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 May 2011 13:39:48 -0000
As promised here my "as individual" review of the examples: In section 9.2: To: sip:bob@example.net R-URI: sip:bob@bob1.example.net I am trying to reconcile these. It is not stated in the start that bob is registered to p2. I am assuming that p2 is authoritative for bob (Hence the value in the To: header) ? Should the intro state that Bob is registered to p2? Went through the rest fairly carefully. All looks good. Cheers, Peter Musgrave On 2011-04-27, at 2:42 PM, Peter Musgrave wrote: > (as individual) > > Overall, I think this is in excellent shape. I have a few specific observations/questions: > > Last sentence of abstract could be simplified just to SIP devices? (In section 4 UA is explicitly mentioned - and it's not in the abstract which has a list of SIP server type devices). > > 8.1 From/To Header > Both contain the statement "it is not necessary to log any URI parameters". > Perhaps this should be in normative language? URI parameters MUST NOT be logged (they can be logged separately using an option field) > > R-URI: URI parameters MUST be logged? > > 8.2 Is it necessary to indicate what a UAS-half and UAC-half are? I can see that for a proxy a request is both received and forwarded (although I am not sure I would use the term UAC-half for the sent side of a message.) As for a B2BUA I tend to think of the two sides as a UAC and a UAS (and not a "half") > > [I have set aside the examples for now - I will finish reviewing that before the WGLC ends]. > > Cheers, > > Peter > > > > > > On 2011-04-18, at 3:11 PM, Peter Musgrave wrote: > >> Greetings CLF-ers, >> >> I would like to start a two week WGLC on the problem statement doc (in accordance with our discussion in Prague). >> >> Please make you comments on the list by Wed. May 4th (I have added a few days to account for the Easter break). >> >> We need reviewers and fresh eyes - so if you can make time to read this it is much appreciated! >> >> Thanks, >> >> Peter Musgrave >> Chair, sip-clf >> >> Begin forwarded message: >> >>> From: Internet-Drafts@ietf.org >>> Date: April 18, 2011 10:30:04 AM EDT >>> To: i-d-announce@ietf.org >>> Cc: sip-clf@ietf.org >>> Subject: [sip-clf] I-D Action:draft-ietf-sipclf-problem-statement-06.txt >>> >>> A New Internet-Draft is available from the on-line Internet-Drafts directories. >>> This draft is a work item of the SIP Common Log Format Working Group of the IETF. >>> >>> >>> Title : The Common Log Format (CLF) for the Session Initiation Protocol (SIP) >>> Author(s) : V. Gurbani, et al. >>> Filename : draft-ietf-sipclf-problem-statement-06.txt >>> Pages : 34 >>> Date : 2011-04-18 >>> >>> Well-known web servers such as Apache and web proxies like Squid >>> support event logging using a common log format. The logs produced >>> using these de-facto standard formats are invaluable to system >>> administrators for trouble-shooting a server and tool writers to >>> craft tools that mine the log files and produce reports and trends. >>> Furthermore, these log files can also be used to train anomaly >>> detection systems and feed events into a security event management >>> system. The Session Initiation Protocol does not have a common log >>> format, and as a result, each server supports a distinct log format >>> that makes it unnecessarily complex to produce tools to do trend >>> analysis and security detection. We propose a common log file format >>> for SIP servers that can be used uniformly by proxies, registrars, >>> redirect servers as well as back-to-back user agents. >>> >>> A URL for this Internet-Draft is: >>> http://www.ietf.org/internet-drafts/draft-ietf-sipclf-problem-statement-06.txt >>> >>> Internet-Drafts are also available by anonymous FTP at: >>> ftp://ftp.ietf.org/internet-drafts/ >>> >>> Below is the data which will enable a MIME compliant mail reader >>> implementation to automatically retrieve the ASCII version of the >>> Internet-Draft. >> <Mail Attachment> >>> _______________________________________________ >>> sip-clf mailing list >>> sip-clf@ietf.org >>> https://www.ietf.org/mailman/listinfo/sip-clf >> >
- [sip-clf] I-D Action:draft-ietf-sipclf-problem-st… Internet-Drafts
- [sip-clf] WGLC:draft-ietf-sipclf-problem-statemen… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Elwell, John
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Gonzalo Salgueiro
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Vijay K. Gurbani
- Re: [sip-clf] WGLC:draft-ietf-sipclf-problem-stat… Peter Musgrave