RE: [Sip] Privacy statements and History (draft-ietf-sip-history- info-04.txt)
"Mary Barnes" <mary.barnes@nortelnetworks.com> Mon, 08 November 2004 21:27 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA03520 for <sip-web-archive@ietf.org>; Mon, 8 Nov 2004 16:27:08 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CRH3E-0006EN-VN for sip-web-archive@ietf.org; Mon, 08 Nov 2004 16:27:49 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CRGng-0000yH-Ns; Mon, 08 Nov 2004 16:11:44 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CRGZm-0001r4-Jl for sip@megatron.ietf.org; Mon, 08 Nov 2004 15:57:23 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00985 for <sip@ietf.org>; Mon, 8 Nov 2004 15:57:20 -0500 (EST)
Received: from zcars04f.nortelnetworks.com ([47.129.242.57]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CRGaO-0005Ot-4z for sip@ietf.org; Mon, 08 Nov 2004 15:58:00 -0500
Received: from zrtpd0j7.us.nortel.com (zrtpd0j7.us.nortel.com [47.140.203.25]) by zcars04f.nortelnetworks.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id iA8Kuht02939; Mon, 8 Nov 2004 15:56:43 -0500 (EST)
Received: by zrtpd0j7.us.nortel.com with Internet Mail Service (5.5.2653.19) id <WP4QMBM8>; Mon, 8 Nov 2004 15:56:43 -0500
Message-ID: <E3F9D87C63E2774390FE67C924EC99BB022C44CB@zrc2hxm1.corp.nortel.com>
From: Mary Barnes <mary.barnes@nortelnetworks.com>
To: Mary Barnes <mary.barnes@nortelnetworks.com>, 'GARCIN Sebastien RD-CORE-ISS' <sebastien.garcin@francetelecom.com>, "'sip@ietf.org'" <sip@ietf.org>
Subject: RE: [Sip] Privacy statements and History (draft-ietf-sip-history- info-04.txt)
Date: Mon, 08 Nov 2004 15:56:32 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
X-Spam-Score: 0.9 (/)
X-Scan-Signature: 55503977758b6a5197d8a2b5141eae86
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0354939101=="
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org
X-Spam-Score: 0.9 (/)
X-Scan-Signature: 4cbeb0f20efb229aa93fae1468d20275
My initial response is awaiting approval by moderator due to the size, so I've snipped and am resending. Mary -----Original Message----- From: Barnes, Mary [NGC:B601:EXCH] Sent: Monday, November 08, 2004 1:43 PM To: 'GARCIN Sebastien RD-CORE-ISS'; sip@ietf.org Subject: RE: [Sip] Privacy statements and History (draft-ietf-sip-history-info-04.txt) Sébastien, Thanks for reviewing the draft; my response to your comments is embedded below [MB]. Mary -----Original Message----- From: GARCIN Sebastien RD-CORE-ISS [mailto:sebastien.garcin@francetelecom.com] Sent: Monday, November 08, 2004 10:11 AM To: Barnes, Mary [NGC:B601:EXCH]; sip@ietf.org Subject: [Sip] Privacy statements and History (draft-ietf-sip-history-info-04.txt) Hi mary, all When reading draft-ietf-sip-history-info-04.txt, I have trouble in understanding some of the statements which relate to the forwarding rules for history-entries subject to privacy. It is an important requirement that History-entrie(s) with a Privacy=history, session, or header are indeed forwarded to entities which belong to the same trust domain. The removal of specific history-entries should only occur if the peer does not belong to the trust domain. In the current text (section 4.3.3.1.1) : If a request is being forwarded to a Request URI associated with a domain for which the proxy is not responsible and there is a Privacy header in the request with a priv-value of "session", "header" or "history", the proxy MUST remove any hi-entry(s) prior to forwarding. The current wording is misleading since it gives the impression (maybe intentionnal) that it is not possible to forward history-entries with Privacy statements to domains under the responsability of e.g. another operator belonging to the same trust domain. [MB]: Current wording is consistent with terminology in RFC 3261 in terms of describing who is able to change the Request URI in a specific request (based on section 16.5): " A proxy MUST NOT add additional targets to the target set if the Request-URI of the original request does not indicate a resource this proxy is responsible for. A proxy can only change the Request-URI of a request during forwarding if it is responsible for that URI. " Since History-Info (and associated privacy) are only added to the request, when an entity that is allowed to change the Request-URI retargets the request, it seemed sensible to use consistent wording to explain that. [/MB] The concept of "trust domain" should be used when discussing the forwarding rules pertaining to information subject to privacy. Furthermore, the requirement for forwarding history-entries to trusted entities should be stated more clearly in the draft. [MB]: The whole concept of what defines privacy in terms of the proxy's use of the privacy header is outside the scope of History-Info functionality and really a matter of local policy. I think the functionality that you want is a matter of local implementation and policy in terms of operators establishing this "trust domain" model to which you refer. History-Info defines the mechanism to ensure the privacy of the requests, but it doesn't explicitly define how the proxy knows whether it is responsible for that resource. I don't think this is a matter of standardization. I thought the use of the term "domain" rather than "resouce" would be helpful, but perhaps changing it to the more general "resource" would resolve this concern and/or a statement clarifying what I've just described should be added in the draft. [/MB] Thank you for clarifying this point. Best regards, sébastien ------Remainder of non-related part of this thread has been deleted by Mary------------------
_______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors@cs.columbia.edu for questions on current sip Use sipping@ietf.org for new developments on the application of sip
- RE: [Sip] Privacy statements and History (draft-i… Mary Barnes
- RE: [Sip] Privacy statements and History (draft-i… Mary Barnes
- RE: [Sip] Privacy statements and History (draft-i… Mary Barnes
- RE: [Sip] Privacy statements and History (draft-i… Mary Barnes