Re: [sipcore] AD Evaluation of draft-holmberg-dispatch-rfc7315-updates-06
Christer Holmberg <christer.holmberg@ericsson.com> Wed, 22 June 2016 16:58 UTC
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Ben Campbell <ben@nostrum.com>
Date: Wed, 22 Jun 2016 16:58:17 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/4C6leQAw1YVRCRN26rgwdWGpEng>
Cc: SIPCORE <sipcore@ietf.org>, Gonzalo Salgueiro <gsalguei@cisco.com>, "draft-holmberg-dispatch-rfc7315-updates.all@ietf.org" <draft-holmberg-dispatch-rfc7315-updates.all@ietf.org>

Hi,

I've submitted a new version (-07), and I'll reply to the IETF e-mail.

Regards,

Christer

-----Original Message-----
From: Ben Campbell [mailto:ben@nostrum.com]
Sent: 22 June 2016 18:04
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Gonzalo Salgueiro <gsalguei@cisco.com>; draft-holmberg-dispatch-rfc7315-updates.all@ietf.org; SIPCORE <sipcore@ietf.org>
Subject: Re: AD Evaluation of draft-holmberg-dispatch-rfc7315-updates-06

Please go ahead. It might be worth replying to the IETF last call announcement with a mention of the update, in case anyone has a review in progress.

Thanks!

Ben.

On 22 Jun 2016, at 9:59, Christer Holmberg wrote:

> Good :)
>
> Is it ok if I submit a new version of the draft? That way the new text
> will be available during IETF last call.
>
> Regards,
>
> Christer
>
> Sent from my Windows Phone
> ________________________________
> From: Ben Campbell <ben@nostrum.com>
> Sent: 22/06/2016 17:47
> To: Christer Holmberg <christer.holmberg@ericsson.com>
> Cc: Gonzalo Salgueiro <gsalguei@cisco.com>;
> draft-holmberg-dispatch-rfc7315-updates.all@ietf.org;
> SIPCORE <sipcore@ietf.org>
> Subject: Re: AD Evaluation of draft-holmberg-dispatch-rfc7315-updates-06
>
> Works for me.
>
> Thanks!
>
> Ben.
>
> On 22 Jun 2016, at 2:18, Christer Holmberg wrote:
>
>> Hi,
>>
>> NEW:
>>
>>    “The security considerations for these P- header fields are defined in
>>    [RFC7315]. This specification allows some header fields to be
>>    present in messages where they were previously not allowed, and the
>>    security considerations and assumptions (e.g. regarding only sending
>>    Information to trusted entities) also to those messages. In addition,
>>    this specification also disallow some header fields to be present
>>    in message where they were previously allowed. That does not cause
>>    any security issues, but implementations need to be aware that
>>    implementations may not have been updated according to this document,
>>    and take proper actions if a header field occur, or does not occur,
>>    in a message where it should occur (or occurs in a message where it
>>    should not occur). This document adds the ability to include
>>    P-Access-Network-Info in ACK requests. As documented in [RFC7315],
>>    P-Access-Network-Info may include privacy sensitive information,
>>    including the user's location. The security and privacy considerations
>>    for P-Access-Network-Info in ACK requests are similar to those for the
>>    other SIP requests discussed in [RFC7315].”
>>
>> Regards,
>>
>> Christer
>>
>>
>> From: Christer Holmberg <christer.holmberg@ericsson.com>
>> Date: Wednesday 22 June 2016 at 05:28
>> To: "gsalguei@cisco.com" <gsalguei@cisco.com>, Ben Campbell <ben@nostrum.com>
>> Cc: "draft-holmberg-dispatch-rfc7315-updates.all@ietf.org"
>> <draft-holmberg-dispatch-rfc7315-updates.all@ietf.org>,
>> "sipcore@ietf.org" <sipcore@ietf.org>
>> Subject: RE: AD Evaluation of draft-holmberg-dispatch-rfc7315-updates-06
>> Resent-From: <alias-bounces@ietf.org>
>> Resent-To: Christer Holmberg <christer.holmberg@ericsson.com>,
>> Nevenka Biondic <nevenka.biondic@ericsson.com>,
>> "gsalguei@cisco.com" <gsalguei@cisco.com>,
>> Ben Campbell <ben@nostrum.com>, "A. Mahoney" <mahoney@nostrum.com>
>> Resent-Date: Wednesday 22 June 2016 at 05:28
>>
>> Hi,
>>
>> We can add the text.
>>
>> Regards,
>>
>> Christer
>>
>> Sent from my Windows Phone
>> ________________________________
>> From: Gonzalo Salgueiro (gsalguei) <gsalguei@cisco.com>
>> Sent: 21/06/2016 19:44
>> To: Ben Campbell <ben@nostrum.com>
>> Cc: Christer Holmberg <christer.holmberg@ericsson.com>;
>> draft-holmberg-dispatch-rfc7315-updates.all@ietf.org;
>> SIPCORE <sipcore@ietf.org>
>> Subject: Re: AD Evaluation of draft-holmberg-dispatch-rfc7315-updates-06
>>
>>
>>> On Jun 21, 2016, at 11:22 AM, Ben Campbell <ben@nostrum.com> wrote:
>>>
>>> That's a good start, but don't be surprised if we get questions
>>> specifically about adding NPLI to ACK requests. Some language to the
>>> effect of the following might help:
>>>
>>> "This document adds the ability to include P-Access-Network-Info in
>>> ACK requests. As documented in RFC7315, P-Access-Network-Info may
>>> include privacy sensitive information, including the user's location.
>>> The security and privacy considerations for P-Access-Network-Info in
>>> ACK requests are similar to those for the other SIP requests
>>> discussed in RFC7315."
>>
>> I’m fine with adding such text.
>>
>> Christer - Can we append this to your proposed text?
>>
>> Gonzalo
>>
>>
>>>
>>> Thanks!
>>>
>>> Ben.
>>>
>>> On 21 Jun 2016, at 3:26, Christer Holmberg wrote:
>>>
>>>> Hi Ben,
>>>>
>>>> See inline.
>>>>
>>>>> --------------
>>>>>
>>>>> Substantive:
>>>>>
>>>>> The security considerations state that the draft removes some
>>>>> places that some of the P-Headers can be sent, but expands that to
>>>>> some other places. Further, it says that neither introduce new
>>>>> security considerations beyond those in 7315.
>>>>>
>>>>> I accept that for the reduction part. But I'm not sure we can
>>>>> state that sort of thing for the expansion part, at least without
>>>>> some more discussion. Since 7315 already acknowledges potential
>>>>> privacy issues around P-Access-Network-Info, I'd like to at least
>>>>> see a sentence or two about the allowance of that in ACK requests,
>>>>> even if they just say that this addition makes things no worse
>>>>> than they already are.
>>>>
>>>>
>>>> OLD:
>>>>
>>>>    The security considerations for P- header fields are defined in
>>>>    [RFC7315]. This specification allows some header fields to be
>>>>    present in messages where they were previously not allowed, and
>>>>    disallow some header fields to be present in messages where they
>>>>    were previously allowed. That does not cause any security issues,
>>>>    but implementations need to be aware that implementations may not
>>>>    have been updated according to this document, and take proper
>>>>    actions if a header field occur, or does not occur, in a message
>>>>    where it should occur (or occurs in a message where it should not
>>>>    occur).
>>>>
>>>>
>>>>
>>>> NEW:
>>>>
>>>>    The security considerations for these P- header fields are defined
>>>>    in [RFC7315]. This specification allows some header fields to be
>>>>    present in messages where they were previously not allowed, and
>>>>    the security considerations and assumptions (e.g. regarding only
>>>>    sending Information to trusted entities) also to those messages. In
>>>>    addition, this specification also disallow some header fields to be
>>>>    present in message where they were previously allowed. That does
>>>>    not cause any security issues, but implementations need to be aware
>>>>    that implementations may not have been updated according to this
>>>>    document, and take proper actions if a header field occur, or does
>>>>    not occur, in a message where it should occur (or occurs in a
>>>>    message where it should not occur).
>>>>
>>>>
>>>>
>>>>> Editorial:
>>>>>
>>>>> -5, first sentence: "The security considerations for P- header
>>>>> fields are defined in [RFC7315]"
>>>>> I assume this means 7315 discusses the security considerations for
>>>>> these P-Headers specifically, not P-Headers in general. Is this
>>>>> the intent? If so, I suggest:
>>>>>
>>>>> s/... for P-header fields.../ ... for these P-header fields...
>>>>
>>>> I'll fix as suggested (see new text above).
>>>>
>>>> Regards,
>>>>
>>>> Christer