IETF Logo Mail Archive

Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones

"Asveren, Tolga" <tasveren@sonusnet.com> Thu, 22 December 2016 17:08 UTC

Return-Path: <tasveren@sonusnet.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C33212947B for <sipcore@ietfa.amsl.com>; Thu, 22 Dec 2016 09:08:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.92
X-Spam-Level:
X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sonusnetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8hww3ZjurMQy for <sipcore@ietfa.amsl.com>; Thu, 22 Dec 2016 09:08:41 -0800 (PST)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0070.outbound.protection.outlook.com [104.47.36.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06BD512940C for <sipcore@ietf.org>; Thu, 22 Dec 2016 09:08:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=SonusNetworks.onmicrosoft.com; s=selector1-sonusnet-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=qKARJ0KWqhbeZPpXB2A5E8urw953nowAg57MHWFx8sY=; b=Oyq5oFleHGo/j3SeU73E818kTTw8z5E7miGdp9T1CuUlj7lxfKFnHDbs8av5hbRsSoV8k8jm2Erb01W2T8oia4zlSRMwwu+Gh7DQ+j4YhhMQT5M3REAn1GqxNLktfogqiULPJIWNAD+y3g777v8n512YXh6ljY8DcnwkfxRt9hg=
Received: from SN2PR03MB2350.namprd03.prod.outlook.com (10.166.210.141) by SN2PR03MB2349.namprd03.prod.outlook.com (10.166.210.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.803.11; Thu, 22 Dec 2016 17:08:38 +0000
Received: from SN2PR03MB2350.namprd03.prod.outlook.com ([10.166.210.141]) by SN2PR03MB2350.namprd03.prod.outlook.com ([10.166.210.141]) with mapi id 15.01.0803.015; Thu, 22 Dec 2016 17:08:38 +0000
From: "Asveren, Tolga" <tasveren@sonusnet.com>
To: "Olle E. Johansson" <oej@edvina.net>
Thread-Topic: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones
Thread-Index: AQHSWv96++N6DRIq/E2cKGNWf6YDKaET6r4AgAAS3iCAAAYCAIAAF0yAgAAGmwCAABLYMA==
Date: Thu, 22 Dec 2016 17:08:38 +0000
Message-ID: <SN2PR03MB2350D22AA44D07FE21369CB0B2920@SN2PR03MB2350.namprd03.prod.outlook.com>
References: <e42393d8-9ddb-78ba-78fe-34f04f6d672d@nostrum.com> <D48194CE.14EEA%christer.holmberg@ericsson.com> <CO2PR03MB2342255BB9ECDF579283A930B2920@CO2PR03MB2342.namprd03.prod.outlook.com> <2341DDCB-C96D-441B-A6CA-049A8149FB0B@edvina.net> <SN2PR03MB235007F2298CD2EEDC718363B2920@SN2PR03MB2350.namprd03.prod.outlook.com> <EBAB0160-CDD2-4821-9765-44EF10742728@edvina.net>
In-Reply-To: <EBAB0160-CDD2-4821-9765-44EF10742728@edvina.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tasveren@sonusnet.com;
x-originating-ip: [73.29.18.75]
x-ms-office365-filtering-correlation-id: 37e26476-5178-4b60-4db2-08d42a8d2c21
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:SN2PR03MB2349;
x-microsoft-exchange-diagnostics: 1; SN2PR03MB2349; 7:i2qw3l4uCffm2Uop19XrHt+ygn0HDOsPNnNPR/IwpfoIusQsQN8mWy9+Z/i5tw6m+/UWtvJEGaetIBiRDqFCLQxY19LfL9KQwgpZ1i2vpE3fBPth/R3XjI+A4v1PhpiB3gpMaYqPIoEysh6HGs6uTd+0WduEK+HvFBgysg1VC8RoTW46CoX1URsKASOQAqJQAxSbKZDqUR7kp11r5a+DJs4ZyJw9eMuCT4kfjirFw9qu5Gf7fOGLtHwxpyHpFyIsCLU56q5ZNfYIyevIvCQvrIyXgza33BFcaqyiaw3FRbT0NUuGtXznPDga011eU9jXiGo7hsHqE4xLbznRbmI/XQrQDxuRurDg56vqFeGn5IUwdIO4OvmjrLhzs/Hy8Vq5+3A9zGeUxJ//+Oaz6lL0MvZB45oms3F/VtFd3o/h5cBn92XKN1vFS7yNPL7UAPfwMoQKG7JFsPTJHYAsMR3eyw==
x-microsoft-antispam-prvs: <SN2PR03MB23494E19BDE38D75C49EE6C6B2920@SN2PR03MB2349.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(37575265505322)(158342451672863)(100405760836317)(178636050973902)(21748063052155)(132712982866762);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6041248)(20161123560025)(20161123564025)(20161123562025)(20161123555025)(6072148)(6047074); SRVR:SN2PR03MB2349; BCL:0; PCL:0; RULEID:; SRVR:SN2PR03MB2349;
x-forefront-prvs: 01644DCF4A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916002)(39450400003)(189002)(199003)(51914003)(377454003)(24454002)(8676002)(101416001)(189998001)(86362001)(2950100002)(7696004)(6916009)(110136003)(551934003)(6116002)(790700001)(33656002)(3846002)(102836003)(5660300001)(2906002)(74316002)(7736002)(9686002)(7906003)(97736004)(93886004)(68736007)(19609705001)(38730400001)(8936002)(6436002)(81166006)(81156014)(606005)(77096006)(106116001)(4326007)(66066001)(105586002)(99286002)(6506006)(76576001)(92566002)(106356001)(229853002)(3660700001)(122556002)(3280700002)(54356999)(76176999)(50986999)(25786008)(2900100001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN2PR03MB2349; H:SN2PR03MB2350.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: sonusnet.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_SN2PR03MB2350D22AA44D07FE21369CB0B2920SN2PR03MB2350namp_"
MIME-Version: 1.0
X-OriginatorOrg: sonusnet.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Dec 2016 17:08:38.3566 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 29a671dc-ed7e-4a54-b1e5-8da1eb495dc3
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR03MB2349
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/5Zy4pXZ6lAkaNLv7WxN5zRtS7gg>
Cc: Ben Campbell <ben@nostrum.com>, SIPCORE <sipcore@ietf.org>
Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Dec 2016 17:08:45 -0000

Thanks for the clarification.

i- I agree that connection re-use needs to be addressed as it would be a normative change.
ii- Is it a mandate that mutual authentication needs to be used if transport=tls? If so, that would require another normative change to align with practical needs.
iii- I think both i-/ii- are relatively straightforward to address. The more interesting/challenging aspect is how to failover DTLS connections without a need for per-transaction state synchronization and with the fewest round-trips possible.

Thanks,
Tolga

From: Olle E. Johansson [mailto:oej@edvina.net]
Sent: Thursday, December 22, 2016 10:55 AM
To: Asveren, Tolga <tasveren@sonusnet.com>
Cc: Olle E Johansson <oej@edvina.net>; Christer Holmberg <christer.holmberg@ericsson.com>; Adam Roach <adam@nostrum.com>; SIPCORE <sipcore@ietf.org>; Ben Campbell <ben@nostrum.com>
Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones


On 22 Dec 2016, at 16:34, Asveren, Tolga <tasveren@sonusnet.com<mailto:tasveren@sonusnet.com>> wrote:

Olle,

I missed the point about why “practically possible failover” needs to be solved both for TLS/DTLS (I am not arguing it would be good to have a solution for both) and also what this issue in general has something to do with client certificates.
Could you provide a bit more information/clarifications?

We’ve discussed it a number of times both here and on the SIP Forum techwg mailing list. You can find summaries here:

http://www.slideshare.net/oej/sip-half-outbound-random-notes
http://www.slideshare.net/oej/sip-tls-security-in-a-peer-to-peer-world

In short, without SIP Outbound the client connection can’t be re-used for outbound requests. Seems like there is a huge
resistance to implement SIP Outbound. We need a way for the client to allow the server to reuse the inbound connection
for outbound requests even though there’s no TLS certificate matching the URI on the client side.

We’ve had a lot of clients register with “;transport=tls” at SIPit without a client cert - which means we can’t communicate
based on that registration.

Cheers,
/O


Thanks,
Tolga

From: Olle E. Johansson [mailto:oej@edvina.net]
Sent: Thursday, December 22, 2016 9:08 AM
To: Asveren, Tolga <tasveren@sonusnet.com<mailto:tasveren@sonusnet.com>>
Cc: Olle E Johansson <oej@edvina.net<mailto:oej@edvina.net>>; Christer Holmberg <christer.holmberg@ericsson.com<mailto:christer.holmberg@ericsson.com>>; Adam Roach <adam@nostrum.com<mailto:adam@nostrum.com>>; SIPCORE <sipcore@ietf.org<mailto:sipcore@ietf.org>>; Ben Campbell <ben@nostrum.com<mailto:ben@nostrum.com>>
Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones


On 22 Dec 2016, at 14:50, Asveren, Tolga <tasveren@sonusnet.com<mailto:tasveren@sonusnet.com>> wrote:

Regarding the interest in SIP/UDP/DTLS:
This is mainly based on prospect of larger scalability on server side. There may/may not be an immediate need to tweak/change things to make DTLS related processing (hopefully just on the local stack level rather than on on-the-wire protocol- with some supporting SIP enhancements) more “failover friendly”. This issue requires more analysis/discussion but does not sound unsolvable IMHO.
We will have to solve client connection reuse for both TLS and DTLS sessions though. Unless you want to have
client certificates on all devices.

Adam as chair: SIP Client Connection Reuse is something we’ve disussed under multiple names - “half outbound” or “why is ;transport=tls”
deprecated” or “Why doesn’t SIP Outbound happen?”. Maybe that deserves a milestone.

/O



Thanks,
Tolga

From: sipcore [mailto:sipcore-bounces@ietf.org] On Behalf Of Christer Holmberg
Sent: Thursday, December 22, 2016 7:39 AM
To: Adam Roach <adam@nostrum.com<mailto:adam@nostrum.com>>; 'SIPCORE' <sipcore@ietf.org<mailto:sipcore@ietf.org>>
Cc: Ben Campbell <ben@nostrum.com<mailto:ben@nostrum.com>>
Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones

Hi,

I will obviously be actively involved in 4), and I also agree that 5) should be done as it is a correction.

As far as the other potential work is concerned, 3) has the highest priority for me, and I would actively participate in that work.

I would review 1) and 2), but I would really like to see an individual draft on 2) before we agree whether to create a milestone for it. For example, I would like to see some input on WHY to do it, and HOW it is intended to be deployed etc. How does DTLS fit SIP? What are the advantages? OR, do we want to specify DTLS-for-SIP simply because DTLS is “hot”?

Regards,

Christer

From: sipcore <sipcore-bounces@ietf.org<mailto:sipcore-bounces@ietf.org>> on behalf of "adam@nostrum.com<mailto:adam@nostrum.com>" <adam@nostrum.com<mailto:adam@nostrum.com>>
Date: Tuesday 20 December 2016 at 22:27
To: "sipcore@ietf.org<mailto:sipcore@ietf.org>" <sipcore@ietf.org<mailto:sipcore@ietf.org>>
Cc: Ben Campbell <ben@nostrum.com<mailto:ben@nostrum.com>>
Subject: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones

[as chair]

Now that we have our new charter approved, I'd like the working group to have a discussion about the specific work items that we should take on in the short- to medium-term so that we can revise our milestones appropriately. Based on recent discussions on the mailing list, the following topics have some mind-share behind them. What I'd like from everyone with an interest in any of these topics is to indicate (a) whether you are willing to actively review and comment on documents on the topic; and (b) what priority each task has relative to each other: there are five topics; please indicate a unique priority from one (most important) to five (least important) for each topic.

  1.  "Happy Eyeballs for SIP" (aka Happy Earballs), currently under discussion on the list.
  2.  "DTLS Transport for SIP", as proposed by Tolga Asveren's recent messages.
  3.  A mechanism for labeling the nature of SIP calls, with <draft-schulzrinne-sipcore-callinfo-spam> as a likely candidate draft.
  4.  Fixing Content-ID in SIP, as discussed in <https://www.ietf.org/mail-archive/web/sipcore/current/msg07245.html><https://www.ietf.org/mail-archive/web/sipcore/current/msg07245.html>, with <draft-holmberg-sipcore-content-id> as a likely candidate draft.
  5.  Clarifications around SIP name-addr, with <draft-sparks-sipcore-name-addr-guidance> as a likely candidate draft

I will also note that we have already declared consensus on adopting <draft-ietf-sipcore-status-unwanted> as a WG document, and will be adding an associated milestone. I want to take this opportunity to remind people that the document is in WGLC, and your comments are strongly encouraged, the earlier the better.

Please respond before the end of 2016. Thanks!

Thanks!

/a
_______________________________________________
sipcore mailing list
sipcore@ietf.org<mailto:sipcore@ietf.org>
https://www.ietf.org/mailman/listinfo/sipcore

v2.23.0 | Report a Bug | By Email