Re: [sipcore] Draft new: draft-holmberg-sipcore-auth-id-00
Christer Holmberg <christer.holmberg@ericsson.com> Tue, 28 October 2014 15:58 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF1C81A8F41 for <sipcore@ietfa.amsl.com>; Tue, 28 Oct 2014 08:58:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4LFrlVOzm9vd for <sipcore@ietfa.amsl.com>; Tue, 28 Oct 2014 08:58:21 -0700 (PDT)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57A461A8BC4 for <sipcore@ietf.org>; Tue, 28 Oct 2014 08:57:52 -0700 (PDT)
X-AuditID: c1b4fb3a-f79596d000001123-01-544fbcfe9776
Received: from ESESSHC013.ericsson.se (Unknown_Domain [153.88.253.124]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id 07.48.04387.EFCBF445; Tue, 28 Oct 2014 16:57:50 +0100 (CET)
Received: from ESESSMB209.ericsson.se ([169.254.9.163]) by ESESSHC013.ericsson.se ([153.88.183.57]) with mapi id 14.03.0174.001; Tue, 28 Oct 2014 16:57:50 +0100
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Dale R. Worley" <worley@ariadne.com>
Thread-Topic: [sipcore] Draft new: draft-holmberg-sipcore-auth-id-00
Thread-Index: Ac/x0Q7ntDA1xteHSdGOS23Vmv2yqgAWhenxABdeweAADoG8kwAA+RFA
Date: Tue, 28 Oct 2014 15:57:49 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B1D4D1148@ESESSMB209.ericsson.se>
References: <7594FB04B1934943A5C02806D1A2204B1D4CC977@ESESSMB209.ericsson.se> <201410272115.s9RLFV0j004631@hobgoblin.ariadne.com> <7594FB04B1934943A5C02806D1A2204B1D4CF47D@ESESSMB209.ericsson.se> <201410281520.s9SFK2gC007233@hobgoblin.ariadne.com>
In-Reply-To: <201410281520.s9SFK2gC007233@hobgoblin.ariadne.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.154]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrFLMWRmVeSWpSXmKPExsUyM+Jvje6/Pf4hBrcnq1h8/bGJzeLliTIH Jo/J+78yeyxZ8pMpgCmKyyYlNSezLLVI3y6BK+PdkjdMBb0iFSdfH2VpYFwk0MXIySEhYCLx oOMpO4QtJnHh3nq2LkYuDiGBI4wSFya+ZoZwljBKvHn8BCjDwcEmYCHR/U8bxBQR0JToWJAD 0ssMZD7auZcJxBYWcJbomjkBbKaIgIvEtZk/mSFsN4nZJ5+BTWERUJWY8DodJMwr4Cvxe+Y6 qE1/GSUm9nUwgtRwCjhIbNvECFLDCHTa91NrmCBWiUvcejKfCeJkAYkle84zQ9iiEi8f/2OF sJUkFt3+DFWvI7Fg9yc2CFtbYtnC18wQewUlTs58wjKBUWwWkrGzkLTMQtIyC0nLAkaWVYyi xanFxbnpRkZ6qUWZycXF+Xl6eaklmxiBkXNwy2+rHYwHnzseYhTgYFTi4d3A5h8ixJpYVlyZ e4hRmoNFSZx34bl5wUIC6YklqdmpqQWpRfFFpTmpxYcYmTg4pRoYm7U/ldQY5vrlKMXVcH7o CC7rvTS7OPBNp3m2lv6DOVK62vkPSjff/VKwOy/4z42Z7jN0M5b+ddqg3avlcWNy0JyHac+f PnQ/Oa/Z9/yj/GbuV19Cu7gquvx/3Lg8q5ZjdnSs4usK5ql7MmpMtwXuDeSPvmy7Qc3my1nG QxPPCk/a/7z6nVeOEktxRqKhFnNRcSIA71qfUH0CAAA=
Archived-At: http://mailarchive.ietf.org/arch/msg/sipcore/I0oCCUl562j5e4w2V0Tfje2Cawo
Cc: "sipcore@ietf.org" <sipcore@ietf.org>
Subject: Re: [sipcore] Draft new: draft-holmberg-sipcore-auth-id-00
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Oct 2014 15:58:22 -0000
Hi, >>>> The draft defines a new Authorization header field parameter, which >>>> can carry a string value identifying an authorization server, based >>>> on a requirement from 3GPP (the mechanism is general, though). >>> >>> The text says that the "authorization-entity" parameter carries "a >>> string value which represents the identity of an authorization >>> server". You might want to expand on that. I'm guessing it means >>> that any entity that wants to verify the authorization of the >>> REGISTER request should present the request contents to the >>> specified authorization server. >> >> I am not sure I understand what you mean by "present the request >> contents to the specified authorization server". The identity is >> obtained from the authorization server (or, the eP-CSCF knows it by >> configuration). The identity is then provided to the S-CSCF (SIP >> registrar), which can use the information for policy decisions. > > The general idea is this: Suppose the reader has no idea how IMS does things. Within the SIP authorization > model(s) presented in the RFCs, what is the function of "authorization-entity"? The function is to provide the authorization server identity to the S-CSCF (registrar). The S-CSCF MAY use that information when authorizing a user. For example, it can check whether the authorization server is authorized to provide IMS credentials to the user. 3GPP does not mandate the usage of the information, and does not specify the policy procedures how it's used. 3GPP only requires the information to be conveyed to the S-CSCF. > I assume that you intend to extend the set of SIP authorization models; it's necessary to describe, at least in outline, what the new authorization model is and how > "authorization-entity" is used in it so people can tell whether they want to use it in their SIP implementations and how they would do so. The way the IMS core authorizes users as such is not changed. The information is there so that IMS can use the information to check whether the authorization server is used, but that authorization server may serve multiple users. > As this draft is currently written, it seems to be "IMS needs this, so we'll write that down and call it an RFC". It needs considerable clarification. As always, we need to decide whether there is any interest for this outside 3GPP. But, I am happy to provide more information/clarification. Regards, Christer
- [sipcore] Draft new: draft-holmberg-sipcore-auth-… Christer Holmberg
- Re: [sipcore] Draft new: draft-holmberg-sipcore-a… Dale R. Worley
- Re: [sipcore] Draft new: draft-holmberg-sipcore-a… Christer Holmberg
- Re: [sipcore] Draft new: draft-holmberg-sipcore-a… Dale R. Worley
- Re: [sipcore] Draft new: draft-holmberg-sipcore-a… Christer Holmberg
- Re: [sipcore] Draft new: draft-holmberg-sipcore-a… Dale R. Worley