Re: [sipcore] I-D Action: draft-ietf-sipcore-sip-token-authnz-02.txt

Christer Holmberg <christer.holmberg@ericsson.com> Thu, 11 July 2019 12:58 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Olle E. Johansson" <oej@edvina.net>
CC: "sipcore@ietf.org" <sipcore@ietf.org>
Date: Thu, 11 Jul 2019 12:58:16 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/GRQBc5-HIo9vyOj_MwfwBgCByZQ>

Hi,

    ...

    > Regardless, it is where we are and we have to find some sort of agreement on how to proceed. I would feel sad about having
    > to support a poor document with too many compromises because of this implementation.

    Not sure I agree with "too many compromises".

    What we are discussing is standardizing scope information in the draft. If I understand correctly, you don't need that for the basic mechanism to work - you only need it if you want to include authorization information in the token. In case of registration, if the SIP server has that information, it is not needed.

    Also, in the case of SSO, couldn't you use the token for more things than SIP? In that case I assume you don't want to scope it to SIP only.
    
    Regards,

    Christer