RE: [Sip] Reviewers for the sec-agree draft
"Sanjoy Sen"<sanjoy@nortelnetworks.com> Tue, 21 May 2002 14:44 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA12584 for <sip-archive@odin.ietf.org>; Tue, 21 May 2002 10:44:17 -0400 (EDT)
Received: (from daemon@localhost) by optimus.ietf.org (8.9.1a/8.9.1) id KAA22249 for sip-archive@odin.ietf.org; Tue, 21 May 2002 10:44:36 -0400 (EDT)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id KAA20549; Tue, 21 May 2002 10:22:06 -0400 (EDT)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id KAA20521 for <sip@optimus.ietf.org>; Tue, 21 May 2002 10:22:03 -0400 (EDT)
Received: from zrc2s0jx.us.nortel.com (zrc2s0jx.nortelnetworks.com [47.103.122.112]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA11543 for <sip@ietf.org>; Tue, 21 May 2002 10:21:44 -0400 (EDT)
Received: from zrc2c011.us.nortel.com (zrc2c011.us.nortel.com [47.103.120.51]) by zrc2s0jx.us.nortel.com (Switch-2.2.0/Switch-2.2.0) with ESMTP id g4LELWa16441; Tue, 21 May 2002 09:21:33 -0500 (CDT)
Received: by zrc2c011.us.nortel.com with Internet Mail Service (5.5.2653.19) id <KKXXTNJ6>; Tue, 21 May 2002 09:21:35 -0500
Message-ID: <933FADF5E673D411B8A30002A5608A0E03A632A1@zrc2c012.us.nortel.com>
From: Sanjoy Sen <sanjoy@nortelnetworks.com>
To: 'James Undery' <jundery@ubiquity.net>, 'Gonzalo Camarillo' <Gonzalo.Camarillo@lmf.ericsson.se>, 'sip' <sip@ietf.org>
Cc: "'Jari Arkko (LMF)'" <Jari.Arkko@lmf.ericsson.se>, "'Vesa Torvinen (LMF)'" <Vesa.Torvinen@lmf.ericsson.se>
Subject: RE: [Sip] Reviewers for the sec-agree draft
Date: Tue, 21 May 2002 09:21:26 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C200D2.CAA6DAE0"
Sender: sip-admin@ietf.org
Errors-To: sip-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Session Initiation Protocol <sip.ietf.org>
X-BeenThere: sip@ietf.org
James, The use of 'sipfrag' (draft-sparks-sip-mimetypes-03 or whatever is the latest version) is assumed. But, I agree that it should be explicitly stated for clarity. Sanjoy > -----Original Message----- > From: James Undery [mailto:jundery@ubiquity.net] > Sent: Tuesday, May 21, 2002 9:01 AM > To: Gonzalo Camarillo; sip > Cc: Jari Arkko (LMF); Vesa Torvinen (LMF) > Subject: RE: [Sip] Reviewers for the sec-agree draft > > > Hi, > > I'll have to admit myself of being guilty of not reading drafts > recently. But I'd note digest-integrity needs to be dropped as it > protects the body of messages only. If it can't be dropped a > lpidf like > extension would be required > (http://www.jdrosen.net/papers/draft-rosenberg-impp-lpidf-00.txt) to > place your headers in the body. > > James > > > -----Original Message----- > > From: Gonzalo Camarillo [mailto:Gonzalo.Camarillo@lmf.ericsson.se] > > Sent: 21 May 2002 11:02 > > To: sip > > Cc: Allison Mankin; Jari Arkko (LMF); Vesa Torvinen (LMF) > > Subject: [Sip] Reviewers for the sec-agree draft > > > > > > Hello folks, > > > > we need SIP people willing to have a look at the new version > > (01) of the > > sec-agree draft (released one week and a half ago). > > > > http://standards.ericsson.net/gonzalo/papers/draft-ietf-sip-se > > c-agree-01.txt > > > > As you proabbly know, the previous version (00) had some > problems that > > were discovered during the iterim meeting in Vegas. The discovery of > > problems (such as a broken SIP syntax) at that point of time > > (after the > > WGLC had finished) indicates that nobody in the SIP WG > > bothered to read > > the document. > > > > I am not saying that this draft is so interesting that everyone will > > enjoy reading it, but we would need at least a couple of > > reviewers that > > are familiar with SIP and have the energy to review the document. We > > cannot let the SIP WG send documents to the IESG that have > > major flaws! > > > > > > Here you have a brief summary of the changes we introduced > to the new > > version of the draft (01): > > > > The syntax has been fixed. Now it is allowed to have > > different security > > mechanisms listed (separated by commas or in different lines). The > > previous draft used commas to separate security mechanism > tokens. That > > made the header field non-SIP compliant. > > > > The scope has been narrowed down. Before, the draft tried to > > solve every > > security negotiation problem that could be found in a SIP > network. Now > > the draft only tries to resolve the security negotiation > > between a host > > and its next SIP hop (e.g., UA and the outbound proxy). > > > > > > The negotiation works as follows. The UA sends a SIP message > > (typically > > OPTIONS) to its outbound proxy listing its security > > capabilities (e.g., > > TLS and IPSec). The outbound proxy sends a response with its own > > capabilities (it is important that the list in the server > is static). > > With this information, client and server initiate the > > security mechanims > > (e.g., initiate a TLS conection). > > > > When the client sends another SIP message to the outbound > proxy, this > > time using the TLS connection, it includes a header field > > that contains > > the list obtained previously from the server. This way, the > server can > > check whether a MitM changes the list in order to perform a bid-down > > attack. > > > > Of course, this security negotiation mechanism requires that all the > > security mechanisms advertised provide integrity > protection, at least. > > > > Thank you, > > > > Gonzalo > > -- > > Gonzalo Camarillo Phone : +358 9 299 33 71 > > Oy L M Ericsson Ab Mobile: +358 40 702 35 35 > > Telecom R&D Fax : +358 9 299 30 52 > > FIN-02420 Jorvas Email : Gonzalo.Camarillo@ericsson.com > > Finland http://www.hut.fi/~gonzalo > > > > _______________________________________________ > > Sip mailing list https://www1.ietf.org/mailman/listinfo/sip > > This list is for NEW development of the core SIP Protocol > > Use sip-implementors@cs.columbia.edu for questions on current sip > > Use sipping@ietf.org for new developments on the application of sip > > > > _______________________________________________ > Sip mailing list https://www1.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sipping@ietf.org for new developments on the application of sip >
- [Sip] Reviewers for the sec-agree draft Gonzalo Camarillo
- RE: [Sip] Reviewers for the sec-agree draft James Undery
- RE: [Sip] Reviewers for the sec-agree draft Sanjoy Sen
- RE: [Sip] Reviewers for the sec-agree draft Vesa Torvinen (LMF)
- RE: [Sip] Reviewers for the sec-agree draft James Undery