Re: [sipcore] Benjamin Kaduk's No Objection on draft-ietf-sipcore-locparam-05: (with COMMENT)
<R.Jesske@telekom.de> Mon, 10 February 2020 08:37 UTC
Return-Path: <R.Jesske@telekom.de>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D60A91200A3; Mon, 10 Feb 2020 00:37:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.298
X-Spam-Level:
X-Spam-Status: No, score=-4.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telekom.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gQmS_aqFFdEE; Mon, 10 Feb 2020 00:37:07 -0800 (PST)
Received: from mailout21.telekom.de (mailout21.telekom.de [194.25.225.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1BBB12008C; Mon, 10 Feb 2020 00:37:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telekom.de; i=@telekom.de; q=dns/txt; s=dtag1; t=1581323826; x=1612859826; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=sTm3ZejguY9QaPbe0CDeIK3xOjxFyRJNloja5BcMh5Q=; b=reAte70MQxhj2S0ZBM6icdHPdDD3FNYEIxyBDQ3NHXYQKEcgzVWnuPZz 31GkiHKslNE9l+ZgUS6LWHw28fndt2iSiFy0DHivzjt0evEe32RiTfDP+ Sl09mfLOcJfIKF6wk66+jGkcKV1jT4rPNaov9i0sVbZwS5jk/JUnfxm6D ATDvxHoqLhdfWbNr7oz7Ye1GxNCZh2oe3CPbhldd4cBbneyQ5Ayxs4Q8C qtAzZ7fmshLWM0spqE9FmiODyzjkos9OkQN6fs29/4HiSKB1WVDVa489U 3W7tqfdQqUgEUlpEuA+20kVmV6xYvpwIRzQ2RJoKwcWUJgJ2n71GFnEE0 Q==;
IronPort-SDR: ZDcSY7gLQ+LDpNHYkz0Rr87osJ33aWmFsikc5xhxku/ClVltzoi+WKcfDMLuP8zUONzvmzJ6/L vKhYNmEAu/cg==
Received: from qdec94.de.t-internal.com ([10.171.255.41]) by MAILOUT21.dmznet.de.t-internal.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Feb 2020 09:37:02 +0100
IronPort-SDR: Nh0ysczshNI/zDK7Cox1PFWt9NLKkWyOZbx3LifRG0uh4S7IuJ0sPljVnflC5qIh3OTNAxo2XU whM2kmpduyPiHhREzeFdRBtggeDFdZJWI=
X-IronPort-AV: E=Sophos;i="5.70,424,1574118000"; d="scan'208";a="44440490"
X-MGA-submission: MDGOzYbV3F3baF/cIQCnfmq28J+/XWSmMaKpLmK1X8uciNHU3frmonMeoYBj1TdrlUcPUB3aOa7fMvhX3AXa5259XfcXsMQs7FtPGbadUdwnamI9SuUKTnPi894DkLBTsjjOON9QJon42aLy/Eta1EIrylQeK73XjhksrW5HdkxxsQ==
Received: from he105715.emea1.cds.t-internal.com ([10.169.118.51]) by QDEC97.de.t-internal.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA384; 10 Feb 2020 09:37:03 +0100
Received: from HE105711.EMEA1.cds.t-internal.com (10.169.118.42) by HE105715.emea1.cds.t-internal.com (10.169.118.51) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 10 Feb 2020 09:37:02 +0100
Received: from HE104160.emea1.cds.t-internal.com (10.171.40.36) by HE105711.EMEA1.cds.t-internal.com (10.169.118.42) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Mon, 10 Feb 2020 09:37:01 +0100
Received: from GER01-FRA-obe.outbound.protection.outlook.de (51.4.80.16) by O365mail03.telekom.de (172.30.0.232) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 10 Feb 2020 09:36:59 +0100
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Jwzow/LnvtOuDMWWr3pthedrIAZgQEpH4x35qHwtQ6IS3IRRrxLgxn3JcHJrEXhLveJy6jTojyawlfF0i0bRmJ2JLj5AckYsCIUngADS+/0pUARs92UJO2DjbJ6327lKdbDy7+J1BfRUxXEp6mAHlrl7KJDiHaQL4VrjCMzRTqaENFtFR5/9vjV+zM8BaNwAbSVv9yzs8R14lFhs8Tvg1GWYqkbc6vfuiyPsGfVz8TnFyRhBkOy1MBm59Qz8LubZ6FtImxWzj03W3csESPKaGbICiVJmQet6x50hrCvcUqHx5uZJwL55qUGIstj/aMbmUX3rkn8Hjq1OYPFfhOiOhg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sTm3ZejguY9QaPbe0CDeIK3xOjxFyRJNloja5BcMh5Q=; b=Tsh82WkYe+ffk84gadpMhKvOTU1X5dWyCPtkyT1vN7JjZ4APJ5slIncL/cV9cTqCaMLDXaeGd9p+ApkV+LAZFZK+N9zIxIe9eXJ2gwHZIds3cxk2hce6WUX7xuZ+c62+ZfenhG4Y7DEZvQQWnvZelIdgUZPIu1IeV5dpZ+GGHZrjL/DVT/Ywx5JrojNto9Cd6QG15lMxu6JbbneVBhg+bkUjgrH5GxRyFGIHSvTONN+UX6tkz3Cgd6pOFmBBOSi3oqulBi+ECd9aRXLWK7eAUKScusXDBiiiNk3/Dd1PfBvRlm7f3NP5IrUsYiy1PGTEQ6uBsBa5Kwy4Y9qkONCjBA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=telekom.de; dmarc=pass action=none header.from=telekom.de; dkim=pass header.d=telekom.de; arc=none
Received: from FRXPR01MB0631.DEUPRD01.PROD.OUTLOOK.DE (10.158.154.7) by FRXPR01MB1206.DEUPRD01.PROD.OUTLOOK.DE (10.158.156.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2707.30; Mon, 10 Feb 2020 08:37:01 +0000
Received: from FRXPR01MB0631.DEUPRD01.PROD.OUTLOOK.DE ([fe80::45e6:55c:cc70:9cdf]) by FRXPR01MB0631.DEUPRD01.PROD.OUTLOOK.DE ([fe80::45e6:55c:cc70:9cdf%7]) with mapi id 15.20.2707.030; Mon, 10 Feb 2020 08:37:01 +0000
From: R.Jesske@telekom.de
To: kaduk@mit.edu, iesg@ietf.org
CC: draft-ietf-sipcore-locparam@ietf.org, mahoney@nostrum.com, sipcore-chairs@ietf.org, sipcore@ietf.org
Thread-Topic: Benjamin Kaduk's No Objection on draft-ietf-sipcore-locparam-05: (with COMMENT)
Thread-Index: AQHV2JbqWBexuf9EkkKsIPSCgdB5N6gUDu4A
Date: Mon, 10 Feb 2020 08:37:01 +0000
Message-ID: <FRXPR01MB06319E9DC5576E27EE040028F9190@FRXPR01MB0631.DEUPRD01.PROD.OUTLOOK.DE>
References: <158051706407.21179.409057876434709767.idtracker@ietfa.amsl.com>
In-Reply-To: <158051706407.21179.409057876434709767.idtracker@ietfa.amsl.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=R.Jesske@telekom.de;
x-originating-ip: [164.19.3.233]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 30b749cb-3698-48e5-1b74-08d7ae04660b
x-ms-traffictypediagnostic: FRXPR01MB1206:
x-microsoft-antispam-prvs: <FRXPR01MB1206AED731E1DBF93B905DD7F9190@FRXPR01MB1206.DEUPRD01.PROD.OUTLOOK.DE>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 03094A4065
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(346002)(366004)(396003)(136003)(376002)(189003)(199004)(7696005)(81166006)(5660300002)(9686003)(966005)(66574012)(81156014)(86362001)(54906003)(8676002)(76116006)(26005)(8936002)(186003)(66946007)(110136005)(66446008)(64756008)(66476007)(66556008)(55016002)(2906002)(508600001)(71200400001)(33656002)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:FRXPR01MB1206; H:FRXPR01MB0631.DEUPRD01.PROD.OUTLOOK.DE; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: telekom.de does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: iLr6J/JSzFHHzbl8DuqR2GzXhl7W/HoJf9uTLRJAcOWErYvrpRJvTR9eEj7U7LchcV26PP3mF/HNZqhqVIQugDl4cDAFvb+TdTSRbKIq8oxuK0UFrYiei7l+cQSNzLk5L1PtYE2KzhokjCG4Fal4bjD9eJMdt8bKxaw7LHL8M3KfMNAAC1vK49u/P1yOCDOGSbGJZw84SSOGg3/H/5d4mCDzph7MVY/tuBMFwyD5iSLJiXcra4Pgmx7P7MH4mbnvqtkidRyk1nZMM8IASh+tyBfVGTufXMwF38uif+Fg40GbcSKsklOE2VWMWkXFKX7HLsy3ARvENRNOc5pgnDA3XuxkdKthMK+no+VLl69aWmFvn/oHL21DDuSBFbvFrQWqqGeX/+q/iyhh1jD4gasj6rjpkS/ePTSHl1f5Vlg+SobaCUJgQwj18dRabRvYygaoHFyi5d+xkndftOi8o4QZdpQgXf5nXn2w1WVHKnpsUn9CpwFfGeqGBBNTsY+78MadZjQk6Y9u1tS+tY8e7BOFfQ==
x-ms-exchange-antispam-messagedata: 6BB7t83p/yMfjxvPUBsRRoZHKJmxOEGdu03MdM2s3yv9mv5Nzf30YTWq0KMXDSe2ZOxIliM9hodTH1VeSG1q+w3MmGMCXYKHS6JTgAYqO/wAJ9Q7m21p8Hk8cwcYtgVGrxspXzzO2Ty4rfIcvjJBXg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 30b749cb-3698-48e5-1b74-08d7ae04660b
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Feb 2020 08:37:01.0241 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bde4dffc-4b60-4cf6-8b04-a5eeb25f5c4f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fQNIDI77U5SEJXJ/a6t5bzVsTEN9ut5EFMzQljhahlgBJBtzvkKogUJR+RNlKe8E8rMxaylELQR3VZV9mDF1iA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRXPR01MB1206
X-TM-SNTS-SMTP: 1405FE8E67C2BDB810B8AC91025988B02E7E9FFF0A1826D29A73BAF61FB8418A2000:8
X-OriginatorOrg: telekom.de
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/H2InXpdsqG_krr2-ug9DBHeXb5I>
Subject: Re: [sipcore] Benjamin Kaduk's No Objection on draft-ietf-sipcore-locparam-05: (with COMMENT)
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Feb 2020 08:37:10 -0000
Hi, Thank you for your comments. I have incorporated your proposals as below mentioned. Best Regards Roland -----Ursprüngliche Nachricht----- Von: Benjamin Kaduk via Datatracker <noreply@ietf.org> Gesendet: Samstag, 1. Februar 2020 01:31 An: The IESG <iesg@ietf.org> Cc: draft-ietf-sipcore-locparam@ietf.org; Jean Mahoney <mahoney@nostrum.com>; sipcore-chairs@ietf.org; mahoney@nostrum.com; sipcore@ietf.org Betreff: Benjamin Kaduk's No Objection on draft-ietf-sipcore-locparam-05: (with COMMENT) Benjamin Kaduk has entered the following ballot position for draft-ietf-sipcore-locparam-05: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-sipcore-locparam/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for this easy-to-read document! I do have a few comments, including places where we could improve the internal consistency of our recommendations and requirements. Section 3 The primary intent of the "loc-src" parameter in this specification is for use in emergency calling. There are various architectures defined for providing emergency calling using SIP-based messaging. It's a little interesting to see this listed as the "primary intent" to the implied exclusion of the other uses of location envisoned by RFC 6442. Would those other uses for location information not also be interested in the origin of a given piece of location information? [RJ] It is difficult to reference the various architectures for emergency since each country, based on national regulation rules, may have it's own architecture. The framework used in Europe is based on the below mentioned [M493]. The "loc-src" parameter is not included in a SIP message sent to another network if there is no trust relationship. The "loc-src" parameter is not applicable if the administrative domain manages emergency calls in a way that does not require any generation of the location. This statement seems to provide stronger constraints (e.g., be in conflict with) the previous quote about "primary intent", and corresponds more to "sole intent" than "primary intent". [RJ] The architecture ETSI [M493] does define the rules what to do if there trust relationship and there is no trust relationship between operators. I.e. not sending the "loc-src" on a non trusted relationship. These are the rules set also by national regulation. The functional architecture described within ETSI [M493] is an example of an architecture where it makes sense to use this parameter. nit: I expect that there are many architectures specified by ETSI, so additional qualifiers (e.g., "telephony" or "emergency telephony") might be appropriate. [RJ] The name of Reference [M493] is " Functional architecture to support European requirements on emergency caller location determination and transport". So I can change the sentence to: The functional architecture to support emergency caller location described within ETSI [M493] is an example of an architecture where it makes sense to use this parameter. Section 6 This document doesn't change any of the privacy considerations described in [RFC6442]. While the addition of the "loc-src" parameter identifies the entity that added the location in the signaling path, this addition provides little more exposure than adding a proxy identity to the Record-Route header field. Are the privacy considerations of adding a proxy identity to the Record-Route header field documented somewhere we could reference? [RJ] RFC3323 is describing the privacy principles in general also mentioning the rules for Record-Route. I have added the following to the text: this addition provides little more exposure than adding a proxy identity to the Record-Route header field (privacy defined in RFC3323). Section 7 This document introduces the ability of a SIP intermediary to insert a host name indicating that they added the specific locationValue to the Geolocation header field. The intent is for this field to be used by the location recipient in the event that the SIP message contains multiple locationValues. As a consequence this parameter should only be used by the location recipient in a trusted network. I see that essentially the same sentiment is already included in the following paragraph, but I might consider noting here that "adding this parameter in an untrusted network serves solely to give location information to untrusted parties, and is disrecommended" out of some sense of parallelism. But that' purely stylistic, so do what sounds best to you! [RJ] This is OK for me. I have the following text: Adding this parameter in an untrusted network serves solely to give location information to untrusted parties, and is NOT RECOMMENDED. As already stated in [RFC6442], securing the location hop-by-hop, using TLS, protects the message from eavesdropping and modification in transit, but exposes the information to all SIP intermediaries on Hmm, though RFC 6442 does not seem to require use of TLS (or equivalent). It would be reasonable to include a brief discussion of the risks incurred by not using TLS, though I don't insist on it. [RJ] RFC6442 discusses a little bit more about TLS. Since RFC6442 is the basis used and extended by this document, I don't wanted to copy and paste all of RC6442. the path as well as the endpoint. The "loc-src" parameter is applicable within a single private administrative domain or between different administrative domains where there is a trust relationship between the domains. If such trust domain is not given, it is strongly recommended to delete the location information. nit: I'm not sure if "If such trust domain is not given" parses properly; is there a missing word or two? [RJ] Yes Would be better to rephrase. I have changed it to: If such trust relationship is not given, it is strongly recommended to delete the location information. multiple locations. To avoid problems with misinterpretation of the "loc-src" parameter, the value may be removed when passed to another domain. I think we already made a suggestion stronger than "may" to do so. [RJ] I have changed it to "should". OK?
- [sipcore] Benjamin Kaduk's No Objection on draft-… Benjamin Kaduk via Datatracker
- Re: [sipcore] Benjamin Kaduk's No Objection on dr… R.Jesske