Re: R: R: [Sip] a question about IETF draft location conveyance 09
Dean Willis <dean.willis@softarmor.com> Wed, 28 November 2007 05:57 UTC
Return-path: <sip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IxFvR-00082S-7w; Wed, 28 Nov 2007 00:57:33 -0500
Received: from sip by megatron.ietf.org with local (Exim 4.43) id 1IxFvP-0007zI-Mh for sip-confirm+ok@megatron.ietf.org; Wed, 28 Nov 2007 00:57:31 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IxFvP-0007z6-Bm for sip@ietf.org; Wed, 28 Nov 2007 00:57:31 -0500
Received: from nylon.softarmor.com ([66.135.38.164]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IxFvO-0000TQ-RO for sip@ietf.org; Wed, 28 Nov 2007 00:57:31 -0500
Received: from [206.176.144.210] (206-176-144-210.waymark.net [206.176.144.210]) (authenticated bits=0) by nylon.softarmor.com (8.13.8/8.13.8/Debian-3) with ESMTP id lAS5v8fJ032602 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 27 Nov 2007 23:57:10 -0600
Message-ID: <474D032F.7000902@softarmor.com>
Date: Tue, 27 Nov 2007 23:57:03 -0600
From: Dean Willis <dean.willis@softarmor.com>
User-Agent: Icedove 1.5.0.14pre (X11/20071018)
MIME-Version: 1.0
To: Matt Lepinski <mlepinski@bbn.com>
Subject: Re: R: R: [Sip] a question about IETF draft location conveyance 09
References: <4742BDF5.9040302@unibo.it> <XFE-SJC-212qXLFfJNw000012bf@xfe-sjc-212.amer.cisco.com> <p06240607c36a38613297@[67.169.50.136]> <XFE-SJC-211EAOeIiGX000013f8@xfe-sjc-211.amer.cisco.com> <p06240608c36a4849ecf3@[67.169.50.136]> <XFE-SJC-212AOmAfjuU000013bb@xfe-sjc-212.amer.cisco.com> <p0624060ac36a6ec4f1c2@[67.169.50.136]> <A30B7FF9263D5340AD5DECB88A243C42015FEE65@EXBK03.personale.dir.unibo.it> <4745BDC7.30003@gmx.net> <A30B7FF9263D5340AD5DECB88A243C42015FEE67@EXBK03.personale.dir.unibo.it> <A3636D5F-1B88-4C38-8091-F083AD517D47@softarmor.com> <A30B7FF9263D5340AD5DECB88A243C42015FEE69@EXBK03.personale.dir.unibo.it> <5D1A7985295922448D5550C94DE2918001974BEC@DEEXC1U01.de.lucent.com> <XFE-SJC-212Ozyfyz5b00001699@xfe-sjc-212.amer.cisco.com> <474B4364.60609@bbn.com>
In-Reply-To: <474B4364.60609@bbn.com>
X-Enigmail-Version: 0.94.2.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e8a67952aa972b528dd04570d58ad8fe
Cc: IETF SIP List <sip@ietf.org>, "James M. Polk" <jmpolk@cisco.com>, "DRAGE, Keith (Keith)" <drage@alcatel-lucent.com>
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Errors-To: sip-bounces@ietf.org
Matt Lepinski wrote: > James, > > I do believe that the intent of Ted (as well as others in the GEOPRIV > working group, including myself) is that if a UAC specifies > "recipient=endpoint" then a compliant proxy will not 'read' the location > body. In particular, "recipient=endpoint" indicates that a SIP proxy in > the signaling path does not have permission to store the location (or > any derived information) for longer than is necessary to forward the SIP > message and does not have permission to send the location to any third > party (for any reason including location-based routing) other than the > next-hop SIP proxy. That is, the intent of "recipient=endpoint" that if > a call requires location-based routing in order to succeed, then the > call should fail. RFC 2119 defines MUST NOT. It says: 6. Guidance in the use of these Imperatives Imperatives of the type defined in this memo must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions) For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability. 7. Security Considerations These terms are frequently used to specify behavior with security implications. The effects on security of not implementing a MUST or SHOULD, or doing something the specification says MUST NOT or SHOULD NOT be done may be very subtle. Document authors should take the time to elaborate the security implications of not following recommendations or requirements as most implementors will not have had the benefit of the experience and discussion that produced the specification I can't see any failure of interoperability that results if a proxy "reads" the location body in violation of the user's preference described by "recipient=endpoint". I can also see application scenarios (ex: emergency) where applications can be assured of not operating unless the proxy violates this prohibition. So we've missed the #6 guidance on "MUST NOT". Can we justify a "MUST NOT" based on security considerations? Given (as in emergency) that there are applications in which the application MUST read the location, I don't think so. What we really have is guidance that says, in normal operation, proxies don't include the location in application logic when recipient=endpoint is specified by the user, because in general this indicator means that the user is asking the proy to NOT include the location in application logic by attaching this modifier. So we're at the level of a "SHOULD NOT", not a "MUST NOT" as described by RFC 2119. And even then I suspect the discussion of this requirement needs careful elucidation as to the problems resulting (or likely to result) if a proxy violates this requirement. -- Dean _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors@cs.columbia.edu for questions on current sip Use sipping@ietf.org for new developments on the application of sip
- [Sip] a question about IETF draft location convey… Daniel Grotti
- Re: [Sip] a question about IETF draft location co… James M. Polk
- Re: [Sip] a question about IETF draft location co… Ted Hardie
- Re: [Sip] a question about IETF draft location co… James M. Polk
- Re: [Sip] a question about IETF draft location co… Ted Hardie
- Re: [Sip] a question about IETF draft location co… James M. Polk
- Re: [Sip] a question about IETF draft location co… Ted Hardie
- Re: [Sip] a question about IETF draft location co… Dean Willis
- R: [Sip] a question about IETF draft location con… daniel grotti
- Re: R: [Sip] a question about IETF draft location… Hannes Tschofenig
- R: R: [Sip] a question about IETF draft location … daniel grotti
- Re: R: R: [Sip] a question about IETF draft locat… Hannes Tschofenig
- R: R: R: [Sip] a question about IETF draft locati… daniel grotti
- Re: R: R: [Sip] a question about IETF draft locat… Dean Willis
- R: R: R: [Sip] a question about IETF draft locati… daniel grotti
- RE: R: R: [Sip] a question about IETF draft locat… DRAGE, Keith (Keith)
- RE: R: R: [Sip] a question about IETF draft locat… James M. Polk
- Re: R: R: [Sip] a question about IETF draft locat… Matt Lepinski
- Re: R: R: [Sip] a question about IETF draft locat… James M. Polk
- RE: R: R: [Sip] a question about IETF draft locat… Ted Hardie
- Re: R: R: [Sip] a question about IETF draft locat… Ted Hardie
- Re: R: R: [Sip] a question about IETF draft locat… Dean Willis
- Re: R: R: [Sip] a question about IETF draft locat… James M. Polk
- Re: R: [Sip] a question about IETF draft location… James M. Polk
- Re: [Sip] a question about IETF draft location co… James M. Polk
- Re: R: [Sip] a question about IETF draft location… Paul Kyzivat