IETF Logo Mail Archive

Re: [Sip] Re: SIP WGLC Draft draft-ietf-sip-acr-code-02.txt

Jonathan Rosenberg <jdrosen@cisco.com> Wed, 04 October 2006 03:10 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GUx9m-0001H2-K3; Tue, 03 Oct 2006 23:10:50 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GUx9k-0001GH-JU for sip@ietf.org; Tue, 03 Oct 2006 23:10:48 -0400
Received: from sj-iport-6.cisco.com ([171.71.176.117]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GUx9i-0004nt-48 for sip@ietf.org; Tue, 03 Oct 2006 23:10:48 -0400
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-6.cisco.com with ESMTP; 03 Oct 2006 20:10:45 -0700
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-2.cisco.com (8.12.11.20060308/8.12.11) with ESMTP id k943AjXc009308 for <sip@ietf.org>; Tue, 3 Oct 2006 20:10:45 -0700
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id k943Ajql001762 for <sip@ietf.org>; Tue, 3 Oct 2006 20:10:45 -0700 (PDT)
Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 3 Oct 2006 20:10:45 -0700
Received: from [10.32.241.149] ([10.32.241.149]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 3 Oct 2006 20:10:45 -0700
Message-ID: <45232634.5030109@cisco.com>
Date: Tue, 03 Oct 2006 23:10:44 -0400
From: Jonathan Rosenberg <jdrosen@cisco.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Paul Kyzivat <pkyzivat@cisco.com>
Subject: Re: [Sip] Re: SIP WGLC Draft draft-ietf-sip-acr-code-02.txt
References: <85108216918A984C8C60172D7C84770A56F689@S4DE8PSAAGO.mitte.t-com.de> <45099F5D.8000904@softarmor.com> <4509C6E8.6080503@ntt-at.com> <450A2D66.2020209@cisco.com> <450AA88B.8010403@cisco.com> <450B16AB.5050409@cisco.com>
In-Reply-To: <450B16AB.5050409@cisco.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 04 Oct 2006 03:10:45.0221 (UTC) FILETIME=[AECE6150:01C6E762]
DKIM-Signature: a=rsa-sha1; q=dns; l=3877; t=1159931445; x=1160795445; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jdrosen@cisco.com; z=From:Jonathan=20Rosenberg=20<jdrosen@cisco.com> |Subject:Re=3A=20[Sip]=20Re=3A=20SIP=20WGLC=20=20Draft=20draft-ietf-sip-acr-code- 02.txt; X=v=3Dcisco.com=3B=20h=3Dv2T5uTw5MXQnSSg9Oj4nkUwODy0=3D; b=2JZravCJH+rIotByO9YBO8h0ipJjoNuZOzjhWmTobng9GhBsLlU+AUNrbQAvJY55kF2sKpAO bZyX6l8nGVbAaf397oSA9tkcEgK+16aolS8K/0RGSIb4XypPcPaozhqt;
Authentication-Results: sj-dkim-2.cisco.com; header.From=jdrosen@cisco.com; dkim=pass ( sig from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f66b12316365a3fe519e75911daf28a8
Cc: SIP IETF <sip@ietf.org>
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Errors-To: sip-bounces@ietf.org

Thanks for the comments. Replies inline.

Paul Kyzivat wrote:

> Here are some comments based on a fresh read of this draft.
> 
>     Paul
> 
> * Intro, second paragraph - typo:
> 
> s/to explicitly to indicate/to explicitly indicate/

fixed.

> 
> * Section 3:
> 
>    "A server acting on behalf of the called party, such as the UAS or a
>    proxy in their domain, MAY generate a 433 ..."
> 
> Is there any reason this is restricted to servers acting on behalf of 
> the called party? While that is where is is likely to be most useful, I 
> can see no reason to prevent a server acting for the calling party, or 
> for an intermediary, from using this.

I suppose a proxy in the originating domain could have a policy which 
prohibits its users from making anonymous calls, in which case 433 is 
appropriate. I've reworded to:

<t> A server (generally acting on behalf of the called party, though
this need not be the case) MAY generate a 433 (Anonymity Disallowed)
response when it receives an anonymous request, and the server
refuses to fulfill the request because the requestor is anonymous. A
request is considered anonymous when the identity of the originator of
the request has been explicitly withheld by the originator. This occurs
in any one of the following cases: </t>


> 
> Regarding the controversy over what values of the privacy header might 
> justify this response: Why don't we just say that any value in the 
> Privacy header other than "none" or "critical" *may* be considered 
> grounds for returning this response?

I've just removed the bit about session and header. Its clear that user 
and id do imply anonymity so let us state what we do know.

> 
>   "It is important to note that lack of a P-Asserted-Identity header
>    field, in and of itself, is not an indication of anonymity.  Even
>    though a Privacy header field value of 'id' will cause the removal of
>    the P-Asserted-Identity header field, there is no way to
>    differentiate this case from one in which P-Asserted-Identity was not
>    supported by the originating domain.  As a consequence, a request
>    without a P-Asserted-Identity is considered anonymous only when there
>    is some other indication of this, such as a From header field with a
>    display name of 'Anonymous'."
> 
> I'm not clear whether this is intended to have normative strength or 
> not. I think not. 

I think so; we're making statements (at SHOULD strength, I think) about 
what constitutes 'anonymous'. So, I added a statement up front that says 
a request SHOULD be anonymous when explicitly indicated as such, and 
that includes the cases listed. Then, in the text you cite above, I said 
that lack of p-asserted-id by itself SHOULD NOT be considered anonymous.


If so, it would be better to make that explicit by
> making it a note or something. I think there is good logic here, but it 
> may not suit everyone's policy. And I can see no reason to require this 
> policy. If someone has the misfortune to be calling on a path that can't 
> deliver the identity then they will not be able to successfully complete 
> the call even if they are not overtly blocking their identity. But that 
> is life - it is what the callee desires.

We write SHOULD for these reasons; you can override with good raeson but 
based on our expertise this is the right thing to do. I think its clear 
that as currently specified, lack of P-aseerted-id alone is NOT an 
anonymous request.

-Jonathan R.

-- 
Jonathan D. Rosenberg, Ph.D.                   600 Lanidex Plaza
Cisco Fellow                                   Parsippany, NJ 07054-2711
Cisco Systems
jdrosen@cisco.com                              FAX:   (973) 952-5050
http://www.jdrosen.net                         PHONE: (973) 952-5000
http://www.cisco.com

_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

v2.23.0 | Report a Bug | By Email