[Sip] Comments on sip-identity-03
Aki Niemi <aki.niemi@nokia.com> Mon, 08 November 2004 19:10 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA15435 for <sip-web-archive@ietf.org>; Mon, 8 Nov 2004 14:10:13 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CREuh-00029A-9p for sip-web-archive@ietf.org; Mon, 08 Nov 2004 14:10:52 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CREbX-0007b8-Id; Mon, 08 Nov 2004 13:51:03 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CREOZ-0004h0-L3 for sip@megatron.ietf.org; Mon, 08 Nov 2004 13:37:39 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA10799 for <sip@ietf.org>; Mon, 8 Nov 2004 13:37:36 -0500 (EST)
Received: from mgw-x2.nokia.com ([131.228.20.22]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CREP7-000198-1J for sip@ietf.org; Mon, 08 Nov 2004 13:38:16 -0500
Received: from esdks003.ntc.nokia.com (esdks003.ntc.nokia.com [172.21.138.158]) by mgw-x2.nokia.com (Switch-2.2.8/Switch-2.2.8) with ESMTP id iA8IbTF23108; Mon, 8 Nov 2004 20:37:29 +0200 (EET)
X-Scanned: Mon, 8 Nov 2004 20:37:13 +0200 Nokia Message Protector V1.3.31 2004060815 - RELEASE
Received: (from root@localhost) by esdks003.ntc.nokia.com (8.12.9/8.12.9) id iA8IbDAD031455; Mon, 8 Nov 2004 20:37:13 +0200
Received: from mgw-int2.ntc.nokia.com (172.21.143.97) by esdks003.ntc.nokia.com 000U0VfH; Mon, 08 Nov 2004 20:32:23 EET
Received: from esebh002.NOE.Nokia.com (esebh002.ntc.nokia.com [172.21.138.77]) by mgw-int2.ntc.nokia.com (Switch-2.2.8/Switch-2.2.8) with ESMTP id iA8IWNS12743; Mon, 8 Nov 2004 20:32:23 +0200 (EET)
Received: from [130.129.134.192] ([10.241.59.18]) by esebh002.NOE.Nokia.com with Microsoft SMTPSVC(5.0.2195.6881); Mon, 8 Nov 2004 20:32:23 +0200
Message-ID: <418FBBB5.2090202@nokia.com>
Date: Mon, 08 Nov 2004 13:32:21 -0500
From: Aki Niemi <aki.niemi@nokia.com>
User-Agent: Mozilla Thunderbird 0.8 (X11/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: SIP WG <sip@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 08 Nov 2004 18:32:23.0255 (UTC) FILETIME=[49E87E70:01C4C5C1]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 93238566e09e6e262849b4f805833007
Content-Transfer-Encoding: 7bit
Cc: jon.peterson@neustar.biz
Subject: [Sip] Comments on sip-identity-03
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a
Content-Transfer-Encoding: 7bit
Hi,
I read the draft and it looks reasonable. One comment though: in section
6 there is a recommended policy which instructs matching the username
asserted in the Digest authentication to the From header field.
I think this needs clarification. Someone might read it to mean the
contents of the username param is being matched, which I'm assuming is
not the intention. Rather, it should say that the account's URI for
which the username/passwd is for is matched against the URI in the From.
In addition, the section contains text about aliases and matching those
usernames, where this passage was quite hard to parse:
Accordingly, provided
the authentication service is aware of the relationships between
these accounts, it might allow a user providing credentials for one
account to assert a username associated with another account
controlled by the user name.
I think I got the idea, but rephrasing it would be in order.
Cheers,
Aki
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip
- [Sip] Comments on sip-identity-03 Aki Niemi
- [Sip] RE: Comments on sip-identity-03 Peterson, Jon