IETF Logo Mail Archive

Re: [sipcore] 4028bis: forking

OKUMURA Shinji <ietf.shinji@gmail.com> Tue, 02 June 2020 01:51 UTC

Return-Path: <ietf.shinji@gmail.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7242B3A0807 for <sipcore@ietfa.amsl.com>; Mon, 1 Jun 2020 18:51:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id quKcJA2wE-61 for <sipcore@ietfa.amsl.com>; Mon, 1 Jun 2020 18:51:08 -0700 (PDT)
Received: from mail-pg1-x530.google.com (mail-pg1-x530.google.com [IPv6:2607:f8b0:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2AD43A0801 for <sipcore@ietf.org>; Mon, 1 Jun 2020 18:51:08 -0700 (PDT)
Received: by mail-pg1-x530.google.com with SMTP id r10so4333450pgv.8 for <sipcore@ietf.org>; Mon, 01 Jun 2020 18:51:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:references:from:to:cc:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=7vSKmdYLk4je9/gR1AU5Twx3n179QaSArSs0m7j7TDA=; b=T7byUV8TmSJst9nWtb0Qzzh/3r5xi2ol1IN63VBlEWUMmG4BXNpi29x6rHCmBhSNpq nzymNsphZ8HjX85Heq4pByDI7wfGojmqmSQPZqIQ3AM95gLrt1AnJrEUxyx36ylIxU+l /5F3sLdpf/2lIxEiOieU1Znf+YY8xpYZuj3a/xJVV6TVJS020AtyRkMNfIV7+HOxUtTm lD77MiV/d+9kjSxKnkJRXKNKSgVYw/Tb+xp7WFXV5V6UFmTQl883rmEYRPgosQRMeD97 faUrJXecdytcVQqmsHlynLHrZ8qGjfpr0xfOlUltVtJHrFUnilpb7vZg/+SKQlGEwav9 85MQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:from:to:cc:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=7vSKmdYLk4je9/gR1AU5Twx3n179QaSArSs0m7j7TDA=; b=sV66OoUCnagcKXCH0jtq514bGURVUAF0fD1kjPtkpbe8ncYqNLOJBrmglq1BfnaErD Kj9ZP3xoe+1aQpFLlixfK450AQ1sCHx5BxDHZG6JpTTXpWhvVbcMyJtZdmQzhSxN8dYu UayZcGTDVymCSVxrX+AodudW2TftdVt9roG+Rd008e1JNwKf+8095ijSpAlTMUlc0aZ3 oGfxN3rZppifX3X63a7pANdV+vxaPniHqeSYoY6bjvuBY9vd6E/5gVruJuEp1aYXGfaj paDp+l7cbRc1Kt51448jOcmKmIWBu7XfQMnIIj//BglQ3M6mu1G/2T8XmmIX/KjevCIH iNpg==
X-Gm-Message-State: AOAM530db8f+6aCGSf+diNh71p/2CcMD1Pnk+dnspqssb8yrnZJiQaf0 O3Bdi+379H6sIGGFYzQl3VsM9KOk
X-Google-Smtp-Source: ABdhPJy5avEtvwVZ+l4JW2lhlxzDWjKBIkAMhPbqk+UrIXPUehYbL2rAD4TZPrurVgjDHtP30J3uag==
X-Received: by 2002:a63:fa4d:: with SMTP id g13mr10590345pgk.26.1591062668254; Mon, 01 Jun 2020 18:51:08 -0700 (PDT)
Received: from [192.168.1.10] (x156176.ppp.asahi-net.or.jp. [122.249.156.176]) by smtp.gmail.com with ESMTPSA id d2sm604921pfc.7.2020.06.01.18.51.06 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 01 Jun 2020 18:51:07 -0700 (PDT)
References: <87zh9rh3r6.fsf@hobgoblin.ariadne.com> <d11b3de6-9c51-91c0-125e-175d6ff15bc5@gmail.com> <CAD5OKxvDsa6fyEVfz2-zPOzSHLtNn9_MoaSgr+ucx6Ba-jPU3Q@mail.gmail.com>
From: OKUMURA Shinji <ietf.shinji@gmail.com>
To: SIPCORE <sipcore@ietf.org>
Cc: "Dale R. Worley" <worley@ariadne.com>, Roman Shpount <roman@telurix.com>
Message-ID: <e393d63d-806e-cdd5-ee43-37d6772954b0@gmail.com>
Date: Tue, 02 Jun 2020 10:51:05 +0900
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.8.1
MIME-Version: 1.0
In-Reply-To: <CAD5OKxvDsa6fyEVfz2-zPOzSHLtNn9_MoaSgr+ucx6Ba-jPU3Q@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/8x46qTfoS0lG08PjL7JaEp7Rns0>
Subject: Re: [sipcore] 4028bis: forking
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2020 01:51:10 -0000

Roman,

Three(b, c, d) of my suggestions are the same as RFC4028. The last one(a) also does not violate the RFC4028. Therefore, this situation can occur even with the current regulations.

And rules regarding Min-SE have not changed. Even without using the 422 response, proxies can indicate the desired Min-SE to a UAS. So if there is a security risk, it means that the RFC4028 has the same risk.

Regards,

Shinji

On 2020/06/02 2:02, Roman Shpount wrote:
>    Shinji,
> 
> The main purposes of session timers is to allow SIP proxies to maintain dialog state for billing and other purposes. Proxies are the main agents that insert Session-Expires header. In most cases there is no reason for UA to use session timers since they can normally monitor call presence without it. Your proposal makes the most common use case for session timers impossible.
> 
> Min-SE exists mainly for the purpose of preventing badly behaving proxies or UA from overload proxies on the call path or UAS. Not allowing proxy to send 422 creates a big security risk.
> 
> My general attitude is that parallel forking is broken for a lot of use cases anyway, so it should be avoided. I do not think a lot of production deployments are actually use parallel forking. Most of the UA would not handle multiple 200 OK responses that can be created as a result of parallel fork. Session timers are, on the other hand, are used a lot. So I would prefer to live with broken or under-specified parallel forking vs breaking session timers.
> 
> Thank You,
> _____________
> Roman Shpount
> 
> 
> On Mon, Jun 1, 2020 at 5:57 AM OKUMURA Shinji <ietf.shinji@gmail.com <mailto:ietf.shinji@gmail.com>> wrote:
> 
>     Hi,
> 
>     I've not intended to suggest a common solution to the fork-issue. I am interested in how the fork does not happen. It is related to the behavior of proxies and a UAS in the 1st phase that you mention. My suggestion is that a UAS and proxies SHOULD avoid returning 422 as much as possible.
> 
>     Considering backward compatibility, rules are as follows.
> 
>     a) A UAC and proxies should not insert a Session-Expires header.
>     b) A UAC and proxies may insert a Min-SE header or increase the value of it.
>     c) A UAS may insert a Session-Expires header into a 200 response.
>     d) A proxy may insert a Session-Expires header into a 200 response, but must not modify it.
> 
>     Of course legacy proxies will return 422, but this is unavoidable.
>     In that case, the following rule may be useful.
> 
>     e) If a proxy increases the value of a Min-SE header and it becomes greater than the value of a Session-Expires header, then a proxy should increase the value of a Session-Expires header to the value of a Min-SE header.
> 
>     However, this rule can be problematic in terms of backward compatibility.
> 
>     Shinji
> 
>     On 2020/05/29 11:30, Dale R. Worley wrote:
>      > OKUMURA Shinji <ietf.shinji@gmail.com <mailto:ietf.shinji@gmail.com>> writes:
>      >> As you point out, the other responses(407, 420, ...) cause the same problem.
>      >> But session-timer is essentially a kind of pre-condition, so I'd like
>      >> to avoid incoming calls to fail because of it. And I'd like to sort
>      >> out also the rules in early dialog.
>      >
>      >> On 2020/05/27 19:16, Christer Holmberg wrote:
>      >>> A proxy rejecting a request is not unique to the session-timer.
>      >>>
>      >>> If Alice receives a 422 she can send a CANCEL (if other early dialogs
>      >>> have been established), and then a new initial INVITE.
>      >
>      > (This has a larger scope than just session-timers.)
>      >
>      > I don't know if the above writers intended this point, but reading what
>      > they have said suggests to me this possible behavior for proxies (which
>      > I don't recall seeing suggested):
>      >
>      > Note that 422 is one of a number of "pre-condition failure" response
>      > codes.  Those have the properties (1) when they are generated, they are
>      > generated nearly immediately from the INVITE, and (2) the UAC can adjust
>      > the INVITE to prevent them.
>      >
>      > Suppose that if a proxy receives one of these "pre-condition failure"
>      > responses, it immediately (or with short delay on a human scale) cancels
>      > all remaining forks of the transaction and returns the failure response
>      > upstream.
>      >
>      > The effect is to split the "early dialog" phase into two sub-phases, (1)
>      > a very short phase where the forking of the INVITE effectively probes
>      > for proxies and UASs that object to the the INVITE for "pre-condition"
>      > reasons, and (2) a longer phase which resembles the current early dialog
>      > phase.
>      >
>      > There are probably refinements needed to make this work in all cases.
>      >
>      > Dale
>      >
> 
>     _______________________________________________
>     sipcore mailing list
>     sipcore@ietf.org <mailto:sipcore@ietf.org>
>     https://www.ietf.org/mailman/listinfo/sipcore
>

v2.23.0 | Report a Bug | By Email