Re: [sipcore] I-D Action: draft-ietf-sipcore-sip-token-authnz-02.txt

Roman Shpount <roman@telurix.com> Wed, 10 July 2019 01:44 UTC

To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Cc: Christer Holmberg <christer.holmberg@ericsson.com>, "sipcore@ietf.org" <sipcore@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/Ek9oJnTdoifGSKmPMxcdLdZxLOg>

On Tue, Jul 9, 2019 at 9:29 PM Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
wrote:

> For me, the main motivation is SSO.
> The user would use one set of corporate credentials to authenticate, login
> to a deskphone, and get access to SIP and non-SIP services.
>
> I am not sure I am following your use case.
> How would the user authenticate and obtain an access token in this case?
>
>
The use case is the same SSO in combination with hot desks and multiple
PBXs. User picks a desk at a remote office, goes to a web page to log in,
enters his credentials and desk location. Expected result is that the phone
on this temporary desk will ring when user gets a call on user's extension
on the user home PBX. Internally, SSO system produces a token, which is
sent to the PBX in the remote office. PBX in the remote office registers
using this token with user home PBX, and configures that all the calls for
this registration are forwarded to the phone on the user temporary desk.
All the calls placed from that desk are also placed through user home PBX
so that correct line is used and user home caller ID is displayed.

Best Regards,
_____________
Roman Shpount