IETF Logo Mail Archive

Re: [sipcore] No WebSocket level authentication scenario [was RE: I-D Action: draft-ietf-sipcore-sip-websocket-09.txt]

Iñaki Baz Castillo <ibc@aliax.net> Tue, 18 June 2013 22:05 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 411B221E80D8 for <sipcore@ietfa.amsl.com>; Tue, 18 Jun 2013 15:05:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.654
X-Spam-Level:
X-Spam-Status: No, score=-2.654 tagged_above=-999 required=5 tests=[AWL=0.023, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m452XgTat4uU for <sipcore@ietfa.amsl.com>; Tue, 18 Jun 2013 15:05:21 -0700 (PDT)
Received: from mail-qe0-f52.google.com (mail-qe0-f52.google.com [209.85.128.52]) by ietfa.amsl.com (Postfix) with ESMTP id 821BA21E80C8 for <sipcore@ietf.org>; Tue, 18 Jun 2013 15:05:19 -0700 (PDT)
Received: by mail-qe0-f52.google.com with SMTP id i11so2797933qej.39 for <sipcore@ietf.org>; Tue, 18 Jun 2013 15:05:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding:x-gm-message-state; bh=uK0VWhVGVzZSXQcK6JjA3s8s7bIjzRw73ccn+NWKwH0=; b=IUJC+c1g+bTqWIGsQPaexLJf2XUvNTv7INpOc0r5+h8nJ15A1uA5gUVv9RMFVOfIHt QehpUU/G6cCHLY5mXMiMHSr2G2fl1ctvDu7tk/Af0aBtknjWV72fB3xB3z8sNZ5TY2g8 ganMmajr1KL5xtr9l1O+lsrXaFTrbeE7YonTiP2ggqeD6iMqurvp6k4D5IaRlxZLFvwh OafygEr07hQNryWxvl6a/T+xWK7PbO2q7xcrvZgK+3JdML/N2Y7elrtvXtjZmNDfbXvX 1kP3LI0AU4uw6ep0vYerewRh3mdQusH/Av2577CxoL4RBBlMP776xSgl/0JPB2vP2b6l cI5g==
X-Received: by 10.49.109.72 with SMTP id hq8mr30471858qeb.38.1371593113333; Tue, 18 Jun 2013 15:05:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.49.67.65 with HTTP; Tue, 18 Jun 2013 15:04:53 -0700 (PDT)
In-Reply-To: <013c01ce6c4e$29e33c90$7da9b5b0$@co.in>
References: <20130613011708.18316.28106.idtracker@ietfa.amsl.com> <CALiegfkg-KU1bB01eLXuksZV1ehBY92uf+0+F3fQuha-WnOS1A@mail.gmail.com> <013c01ce6c4e$29e33c90$7da9b5b0$@co.in>
From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Wed, 19 Jun 2013 00:04:53 +0200
Message-ID: <CALiegfnQ8=R1PRbHwPSDjJ=jH+bBeiNqjU12yr8KmJvHWQg1Mg@mail.gmail.com>
To: Parthasarathi R <partha@parthasarathi.co.in>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQncYl76Ii/WHjZvXGTowF46N8GSoZPDmJa2zwoqDrSx5RC5c4LmqZyZjoJq59D+CKRqOQdq
Cc: "SIPCORE (Session Initiation Protocol Core) WG" <sipcore@ietf.org>
Subject: Re: [sipcore] No WebSocket level authentication scenario [was RE: I-D Action: draft-ietf-sipcore-sip-websocket-09.txt]
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2013 22:05:25 -0000

Right. I will modify it. Anyhow, I don't know if more changes are
required in that "Authentication" section (due to pending issues in
another mail thread).

Thanks a lot.

2013/6/18 Parthasarathi R <partha@parthasarathi.co.in>:
> Hi Inaki & all,
>
> IIUC, The below text in Sec 7 of the draft:
>
> "If no authentication is done at WebSocket level then SIP Digest
>    authentication is required for every SIP request coming over the
>    WebSocket connection."
>
> has to be changed as Normative statement as follows:
>
> "If no authentication is done at WebSocket level then SIP Digest
>    authentication MUST be done for every SIP request coming over the
>    WebSocket connection."
>
> Please let me know in case I'm missing something.
>
> Thanks
> Partha
>
>> -----Original Message-----
>> From: sipcore-bounces@ietf.org [mailto:sipcore-bounces@ietf.org] On
>> Behalf Of Iñaki Baz Castillo
>> Sent: Thursday, June 13, 2013 6:53 AM
>> To: SIPCORE (Session Initiation Protocol Core) WG
>> Subject: Re: [sipcore] I-D Action: draft-ietf-sipcore-sip-websocket-
>> 09.txt
>>
>> Hi all,
>>
>> This new revision addresses all the issues reported in the WG since
>> previous 08 revision. The changelog in revision 09 is the following:
>>
>>
>> - Improved section "Handshake" (under "The WebSocket SIP
>> Sub-Protocol") by mentioning the error handling when establishing a
>> WebSocket connection (thanks to Suresh Krishnan).
>>
>> - Mention to RFC 4168 (SIP SCTP) removed from the "SIP URI Transport
>> Parameter" section (reported by Suresh Krishnan).
>>
>> - "SIP Transport Implementation Requirements" section clarified by
>> removing the "MAY" keyword (reported by Suresh Krishnan), and text
>> from RFC 3261 section 18 amended (thanks to Barry Leiba).
>>
>> - Text about certificate validation in secure WebSocket clarified in
>> section "Secure WebSocket Connection" within "Security Considerations"
>> (thanks to  Richard Barnes).
>>
>> - Section "Authentication" made normative and text about SIP/Web
>> authentication requirement improved.
>>
>> - New appendix "Authentication Use Cases".
>>
>>
>> Really thanks a lot for your help and comments.
>>
>>
>>
>>
>> 2013/6/13  <internet-drafts@ietf.org>:
>> >
>> > A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> >  This draft is a work item of the Session Initiation Protocol Core
>> Working Group of the IETF.
>> >
>> >         Title           : The WebSocket Protocol as a Transport for
>> the Session Initiation Protocol (SIP)
>> >         Author(s)       : Inaki Baz Castillo
>> >                           Jose Luis Millan Villegas
>> >                           Victor Pascual
>> >         Filename        : draft-ietf-sipcore-sip-websocket-09.txt
>> >         Pages           : 25
>> >         Date            : 2013-06-12
>> >
>> > Abstract:
>> >    The WebSocket protocol enables two-way realtime communication
>> between
>> >    clients and servers in web-based applications.  This document
>> >    specifies a WebSocket sub-protocol as a reliable transport
>> mechanism
>> >    between SIP (Session Initiation Protocol) entities to enable usage
>> of
>> >    SIP in web-oriented deployments.  This document normatively
>> updates
>> >    RFC 3261.
>> >
>> >
>> > The IETF datatracker status page for this draft is:
>> > https://datatracker.ietf.org/doc/draft-ietf-sipcore-sip-websocket
>> >
>> > There's also a htmlized version available at:
>> > http://tools.ietf.org/html/draft-ietf-sipcore-sip-websocket-09
>> >
>> > A diff from the previous version is available at:
>> > http://www.ietf.org/rfcdiff?url2=draft-ietf-sipcore-sip-websocket-09
>> >
>> >
>> > Internet-Drafts are also available by anonymous FTP at:
>> > ftp://ftp.ietf.org/internet-drafts/
>> >
>> > _______________________________________________
>> > sipcore mailing list
>> > sipcore@ietf.org
>> > https://www.ietf.org/mailman/listinfo/sipcore
>>
>>
>>
>> --
>> Iñaki Baz Castillo
>> <ibc@aliax.net>
>> _______________________________________________
>> sipcore mailing list
>> sipcore@ietf.org
>> https://www.ietf.org/mailman/listinfo/sipcore
>



-- 
Iñaki Baz Castillo
<ibc@aliax.net>

v2.23.0 | Report a Bug | By Email