IETF Logo Mail Archive

Re: [sipcore] New Version Notification for draft-winterbottom-sipcore-locparam-02.txt

"Jesske, Roland" <R.Jesske@telekom.de> Fri, 27 October 2017 08:25 UTC

Return-Path: <R.Jesske@telekom.de>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27D941394E4 for <sipcore@ietfa.amsl.com>; Fri, 27 Oct 2017 01:25:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.319
X-Spam-Level:
X-Spam-Status: No, score=-4.319 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telekom.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I1Y_-Lr07d49 for <sipcore@ietfa.amsl.com>; Fri, 27 Oct 2017 01:25:15 -0700 (PDT)
Received: from MAILOUT21.telekom.de (MAILOUT21.telekom.de [80.149.113.251]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32690138FA0 for <sipcore@ietf.org>; Fri, 27 Oct 2017 01:25:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telekom.de; i=@telekom.de; q=dns/txt; s=dtag1; t=1509092714; x=1540628714; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=G7f1JZRfnLelIvtbRctM4K04uuFKE/MX4mqOj/vDBQU=; b=ZPeEkTkP2fnmVmQcwmDG/IFUQ15EMbRbVbFJbmXz6idW6pjGhm9n0kLC hn/bKRxRDSalq6c+/kne9GaSYP7+KKXLctYnr+bx0nlt+4pIZ/0LkE1bT yX49C4hVF6Euxwj6Iwpyx0Qvwyg5gJyFFTZS7NjV1ZWOF6NDAtJTedHX+ Vipgxs6Vh3Vy1pdnGHqJfqxfRUdDBCVNMUt4MfC+/Ibd+tw+UvPI2IgJV sNsQ4Gb0MW/M+Ha1A59QavtoekkOM8YDi9B1elrW/QETRkGdNsTWk56nY Wn2eX5X1ttbJ7t6UjyIc3Ye/E+BPmDrGjX7RZu+9Koxw+WM1vC1+TbCAl Q==;
Received: from qde8e4.de.t-internal.com ([10.171.255.33]) by MAILOUT21.telekom.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Oct 2017 10:25:11 +0200
X-IronPort-AV: E=Sophos;i="5.44,304,1505772000"; d="scan'208,217";a="103645938"
Received: from he105867.emea1.cds.t-internal.com ([10.169.119.44]) by QDE8PP.de.t-internal.com with ESMTP/TLS/AES256-SHA; 27 Oct 2017 10:25:11 +0200
Received: from HE101942.EMEA1.cds.t-internal.com (10.169.119.82) by HE105867.emea1.cds.t-internal.com (10.169.119.44) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Fri, 27 Oct 2017 10:25:11 +0200
Received: from HE100181.emea1.cds.t-internal.com (10.171.40.15) by HE101942.EMEA1.cds.t-internal.com (10.169.119.82) with Microsoft SMTP Server (TLS) id 15.0.1347.2 via Frontend Transport; Fri, 27 Oct 2017 10:25:11 +0200
Received: from GER01-FRA-obe.outbound.protection.outlook.de (51.4.80.20) by O365mail02.telekom.de (172.30.0.235) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Fri, 27 Oct 2017 10:24:37 +0200
Received: from LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE (10.158.166.14) by LEXPR01MB0493.DEUPRD01.PROD.OUTLOOK.DE (10.158.166.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.7; Fri, 27 Oct 2017 08:25:10 +0000
Received: from LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE ([fe80::605e:e45f:65a5:d5db]) by LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE ([fe80::605e:e45f:65a5:d5db%14]) with mapi id 15.20.0077.023; Fri, 27 Oct 2017 08:25:10 +0000
From: "Jesske, Roland" <R.Jesske@telekom.de>
To: Brian Rosen <br@brianrosen.net>, Olle E Johansson <oej@edvina.net>
CC: "sipcore@ietf.org" <sipcore@ietf.org>, "bruno.chatras@orange.com" <bruno.chatras@orange.com>
Thread-Topic: [sipcore] New Version Notification for draft-winterbottom-sipcore-locparam-02.txt
Thread-Index: AQHTSIyCShmGYDH9NU+jyalmJJwJvqLywkmQgAM1jWCAACwHgIAAAj+AgAABYACAAAljAIABMktQ
Date: Fri, 27 Oct 2017 08:25:10 +0000
Message-ID: <LEXPR01MB04942F39269598DFBA385816F95A0@LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE>
References: <150838463846.18684.496033948454208375.idtracker@ietfa.amsl.com> <LEXPR01MB04947E3E8BCB0A5594DC7B13F9470@LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE> <29299_1509013511_59F1B807_29299_392_1_88CAD1D4E8773F42858B58CAA28272A02AF91BFE@OPEXCLILM23.corporate.adroot.infra.ftgroup> <0FA1051A-D2A5-4273-8AF3-B1C9E6543361@brianrosen.net> <728862D5-566F-4A2F-80E6-99F623046F36@edvina.net> <DFB35273-B79C-4C49-A6E2-880281F870FD@edvina.net> <D0F63B99-D737-4BFB-8A10-9A22C64271BD@brianrosen.net>
In-Reply-To: <D0F63B99-D737-4BFB-8A10-9A22C64271BD@brianrosen.net>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=R.Jesske@telekom.de;
x-originating-ip: [164.19.3.27]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; LEXPR01MB0493; 6:0b9euKQf885SAkTKcHTnJLa8ETic2o5Y7dIqfWUtT7erRaBo8JmU9UUAL7ylzkdKUz2F9tOHmBr48aFGb0bRGNqXF4weHU5BAIQ+s4arZ02LOnWNq49PfaeNuKle0t4jNt3bMieX1yb8QjQ8HlBoSwfsg7NadvGtkdxrCoNm0G5wowpDy9Xz+Y4RxVZ8nzTWSR4YbPgaP0dlwWRVpd+9hORQ+CJQMTlpwCe7OqnPpTH+YuB/Ye6jZYkiMcA3CgDjI9Xi92hH+cjN5TtDLelOCiZMWtPk39Y/sE8nHCa5JEkWFiGL2dxzTp1O0Wds2Fzgn5ByDj5is1NwYI7r2fsSGg==; 5:LTgUuD67tEQkE1O5xLA57Ogv/W/y60ZAO5DL9o/WizbwXMpmXXRigF+/Gg4aISsfRxI5IfNGVPF2uEdAFkN0j0djtPVuPvtJb5Grj4QA2b+7A7oQejc7VjWDk942AugBrkGlvl7xvA2q9HpFXks0ZA==; 24:/w/JxtryXeQbdGRXQ4FXlJD1NU91FkNLjVG9oQ/icHqNheuedA1Bq/8sUIhdMc2dvi02SrsJYYzKipzTvYPD0FkpdeF6bmyXcyvPkHlzRz0=; 7:N1Hp+q2wBtIAVXFngOS21kFuLF6mDRgKv+mWGigWsLyEHlBA+p4uPeZMUqPL7S83/qvbkmBlBXNeNKb/zWV4Y53NnlJh7doNJqib3g263DYCiYSmo2066Og5ckrcw191PRF3iBFVQEcFQWwsfazqhAvxacxBQgSRUaZKRVRG4crRQyctn+T8FLI8UFQEPSkjXkt56zLdwME/Wbu0L0YMVwzAvl1Pi0jx6V9d7xOqjqQ=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 0907a830-266e-4d48-1dc3-08d51d143cef
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(2017052603199); SRVR:LEXPR01MB0493;
x-ms-traffictypediagnostic: LEXPR01MB0493:
x-exchange-antispam-report-test: UriScan:(192374486261705)(18271650672692)(21748063052155);
x-microsoft-antispam-prvs: <LEXPR01MB0493938C5B90A6EC6C07EA78F95A0@LEXPR01MB0493.DEUPRD01.PROD.OUTLOOK.DE>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3231020)(3002001)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(6041248)(20161123558100)(20161123562025)(20161123560025)(20161123555025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:LEXPR01MB0493; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:LEXPR01MB0493;
x-forefront-prvs: 0473A03F3F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(376002)(24454002)(189002)(199003)(81166006)(8936002)(75402003)(72206003)(236005)(97736004)(93886005)(8676002)(966005)(54906003)(53546010)(33656002)(55016002)(81156014)(316002)(2900100001)(6306002)(7696004)(9686003)(106356001)(66066001)(86362001)(105586002)(54896002)(606006)(189998001)(50986999)(14454004)(2950100002)(5660300001)(54356999)(230783001)(15650500001)(68736007)(5250100002)(790700001)(478600001)(7110500001)(110136005)(76176999)(4326008)(3280700002)(101416001)(3660700001)(10710500007)(74482002)(345774005)(3846002)(7736002)(6116002)(53936002)(2906002)(2420400007)(102836003)(19627235001); DIR:OUT; SFP:1101; SCL:1; SRVR:LEXPR01MB0493; H:LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: telekom.de does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_LEXPR01MB04942F39269598DFBA385816F95A0LEXPR01MB0494DEUP_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2017 08:25:10.0398 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bde4dffc-4b60-4cf6-8b04-a5eeb25f5c4f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LEXPR01MB0493
X-OriginatorOrg: telekom.de
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/G8ltAsQqbYIp0Jo6rGugw9c_yDo>
Subject: Re: [sipcore] New Version Notification for draft-winterbottom-sipcore-locparam-02.txt
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 08:25:17 -0000

Hi Brian,
Thank you for the hint, I will update the security section.

Best Regards

Roland

Von: sipcore [mailto:sipcore-bounces@ietf.org] Im Auftrag von Brian Rosen
Gesendet: Donnerstag, 26. Oktober 2017 15:48
An: Olle E Johansson <oej@edvina.net>
Cc: sipcore@ietf.org; bruno.chatras@orange.com; Jesske, Roland <R.Jesske@telekom.de>
Betreff: Re: [sipcore] New Version Notification for draft-winterbottom-sipcore-locparam-02.txt

Thanks for noticing this.  Any way we could convince you to draft a paragraph that could be included with this document that will do that update to security for 6442?

Brian

On Oct 26, 2017, at 9:14 AM, Olle E. Johansson <oej@edvina.net<mailto:oej@edvina.net>> wrote:

Went back to the RFC you are updating. The security considerations there are very much out of date with
current IETF practise in my opinion. If you update 6442, the security section would benefit from an update.

Referring to S/MIME (not really implemented much) and SIPS: (which is totally out-of-date) is not acceptable
any more.

/O

On 26 Oct 2017, at 15:09, Olle E. Johansson <oej@edvina.net<mailto:oej@edvina.net>> wrote:

Some quick comments to version -02:

in section 4, you refer to “other-loc-src” as a token. That’s not clearly specified. WIll there be a registry for “tokens”?
I am afraid that this is an opening for private tokens that hinders interoperability.

In “Privacy considerations” - should you not discuss what happens with my privacy if an entity in the network,
but not my phone, adds a location?

In “security considerations” there’s a discussion about a “trusted network” - but that is not defined. What is
a trusted network? There’s no mention on how to apply trust, privacy, confidentiality.

There is a typo as well: "when passed to an other domain.”
s/an other/another/

Cheers,
/O
_______________________________________________
sipcore mailing list
sipcore@ietf.org<mailto:sipcore@ietf.org>
https://www.ietf.org/mailman/listinfo/sipcore

v2.23.0 | Report a Bug | By Email