Re: [sipcore] No WebSocket level authentication scenario [was RE: I-D Action: draft-ietf-sipcore-sip-websocket-09.txt]
Iñaki Baz Castillo <ibc@aliax.net> Tue, 18 June 2013 22:05 UTC
Return-Path: <ibc@aliax.net>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 411B221E80D8 for <sipcore@ietfa.amsl.com>; Tue, 18 Jun 2013 15:05:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.654
X-Spam-Level:
X-Spam-Status: No, score=-2.654 tagged_above=-999 required=5 tests=[AWL=0.023, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m452XgTat4uU for <sipcore@ietfa.amsl.com>; Tue, 18 Jun 2013 15:05:21 -0700 (PDT)
Received: from mail-qe0-f52.google.com (mail-qe0-f52.google.com [209.85.128.52]) by ietfa.amsl.com (Postfix) with ESMTP id 821BA21E80C8 for <sipcore@ietf.org>; Tue, 18 Jun 2013 15:05:19 -0700 (PDT)
Received: by mail-qe0-f52.google.com with SMTP id i11so2797933qej.39 for <sipcore@ietf.org>; Tue, 18 Jun 2013 15:05:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding:x-gm-message-state; bh=uK0VWhVGVzZSXQcK6JjA3s8s7bIjzRw73ccn+NWKwH0=; b=IUJC+c1g+bTqWIGsQPaexLJf2XUvNTv7INpOc0r5+h8nJ15A1uA5gUVv9RMFVOfIHt QehpUU/G6cCHLY5mXMiMHSr2G2fl1ctvDu7tk/Af0aBtknjWV72fB3xB3z8sNZ5TY2g8 ganMmajr1KL5xtr9l1O+lsrXaFTrbeE7YonTiP2ggqeD6iMqurvp6k4D5IaRlxZLFvwh OafygEr07hQNryWxvl6a/T+xWK7PbO2q7xcrvZgK+3JdML/N2Y7elrtvXtjZmNDfbXvX 1kP3LI0AU4uw6ep0vYerewRh3mdQusH/Av2577CxoL4RBBlMP776xSgl/0JPB2vP2b6l cI5g==
X-Received: by 10.49.109.72 with SMTP id hq8mr30471858qeb.38.1371593113333; Tue, 18 Jun 2013 15:05:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.49.67.65 with HTTP; Tue, 18 Jun 2013 15:04:53 -0700 (PDT)
In-Reply-To: <013c01ce6c4e$29e33c90$7da9b5b0$@co.in>
References: <20130613011708.18316.28106.idtracker@ietfa.amsl.com> <CALiegfkg-KU1bB01eLXuksZV1ehBY92uf+0+F3fQuha-WnOS1A@mail.gmail.com> <013c01ce6c4e$29e33c90$7da9b5b0$@co.in>
From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Wed, 19 Jun 2013 00:04:53 +0200
Message-ID: <CALiegfnQ8=R1PRbHwPSDjJ=jH+bBeiNqjU12yr8KmJvHWQg1Mg@mail.gmail.com>
To: Parthasarathi R <partha@parthasarathi.co.in>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQncYl76Ii/WHjZvXGTowF46N8GSoZPDmJa2zwoqDrSx5RC5c4LmqZyZjoJq59D+CKRqOQdq
Cc: "SIPCORE (Session Initiation Protocol Core) WG" <sipcore@ietf.org>
Subject: Re: [sipcore] No WebSocket level authentication scenario [was RE: I-D Action: draft-ietf-sipcore-sip-websocket-09.txt]
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2013 22:05:25 -0000
Right. I will modify it. Anyhow, I don't know if more changes are required in that "Authentication" section (due to pending issues in another mail thread). Thanks a lot. 2013/6/18 Parthasarathi R <partha@parthasarathi.co.in>: > Hi Inaki & all, > > IIUC, The below text in Sec 7 of the draft: > > "If no authentication is done at WebSocket level then SIP Digest > authentication is required for every SIP request coming over the > WebSocket connection." > > has to be changed as Normative statement as follows: > > "If no authentication is done at WebSocket level then SIP Digest > authentication MUST be done for every SIP request coming over the > WebSocket connection." > > Please let me know in case I'm missing something. > > Thanks > Partha > >> -----Original Message----- >> From: sipcore-bounces@ietf.org [mailto:sipcore-bounces@ietf.org] On >> Behalf Of Iñaki Baz Castillo >> Sent: Thursday, June 13, 2013 6:53 AM >> To: SIPCORE (Session Initiation Protocol Core) WG >> Subject: Re: [sipcore] I-D Action: draft-ietf-sipcore-sip-websocket- >> 09.txt >> >> Hi all, >> >> This new revision addresses all the issues reported in the WG since >> previous 08 revision. The changelog in revision 09 is the following: >> >> >> - Improved section "Handshake" (under "The WebSocket SIP >> Sub-Protocol") by mentioning the error handling when establishing a >> WebSocket connection (thanks to Suresh Krishnan). >> >> - Mention to RFC 4168 (SIP SCTP) removed from the "SIP URI Transport >> Parameter" section (reported by Suresh Krishnan). >> >> - "SIP Transport Implementation Requirements" section clarified by >> removing the "MAY" keyword (reported by Suresh Krishnan), and text >> from RFC 3261 section 18 amended (thanks to Barry Leiba). >> >> - Text about certificate validation in secure WebSocket clarified in >> section "Secure WebSocket Connection" within "Security Considerations" >> (thanks to Richard Barnes). >> >> - Section "Authentication" made normative and text about SIP/Web >> authentication requirement improved. >> >> - New appendix "Authentication Use Cases". >> >> >> Really thanks a lot for your help and comments. >> >> >> >> >> 2013/6/13 <internet-drafts@ietf.org>: >> > >> > A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> > This draft is a work item of the Session Initiation Protocol Core >> Working Group of the IETF. >> > >> > Title : The WebSocket Protocol as a Transport for >> the Session Initiation Protocol (SIP) >> > Author(s) : Inaki Baz Castillo >> > Jose Luis Millan Villegas >> > Victor Pascual >> > Filename : draft-ietf-sipcore-sip-websocket-09.txt >> > Pages : 25 >> > Date : 2013-06-12 >> > >> > Abstract: >> > The WebSocket protocol enables two-way realtime communication >> between >> > clients and servers in web-based applications. This document >> > specifies a WebSocket sub-protocol as a reliable transport >> mechanism >> > between SIP (Session Initiation Protocol) entities to enable usage >> of >> > SIP in web-oriented deployments. This document normatively >> updates >> > RFC 3261. >> > >> > >> > The IETF datatracker status page for this draft is: >> > https://datatracker.ietf.org/doc/draft-ietf-sipcore-sip-websocket >> > >> > There's also a htmlized version available at: >> > http://tools.ietf.org/html/draft-ietf-sipcore-sip-websocket-09 >> > >> > A diff from the previous version is available at: >> > http://www.ietf.org/rfcdiff?url2=draft-ietf-sipcore-sip-websocket-09 >> > >> > >> > Internet-Drafts are also available by anonymous FTP at: >> > ftp://ftp.ietf.org/internet-drafts/ >> > >> > _______________________________________________ >> > sipcore mailing list >> > sipcore@ietf.org >> > https://www.ietf.org/mailman/listinfo/sipcore >> >> >> >> -- >> Iñaki Baz Castillo >> <ibc@aliax.net> >> _______________________________________________ >> sipcore mailing list >> sipcore@ietf.org >> https://www.ietf.org/mailman/listinfo/sipcore > -- Iñaki Baz Castillo <ibc@aliax.net>
- [sipcore] I-D Action: draft-ietf-sipcore-sip-webs… internet-drafts
- Re: [sipcore] I-D Action: draft-ietf-sipcore-sip-… Iñaki Baz Castillo
- [sipcore] No WebSocket level authentication scena… Parthasarathi R
- Re: [sipcore] No WebSocket level authentication s… Iñaki Baz Castillo
- Re: [sipcore] No WebSocket level authentication s… Saúl Ibarra Corretgé
- Re: [sipcore] No WebSocket level authentication s… Iñaki Baz Castillo
- Re: [sipcore] No WebSocket level authentication s… DRAGE, Keith (Keith)
- Re: [sipcore] No WebSocket level authentication s… Iñaki Baz Castillo
- Re: [sipcore] No WebSocket level authentication s… Paul Kyzivat
- Re: [sipcore] No WebSocket level authentication s… Parthasarathi R
- Re: [sipcore] No WebSocket level authentication s… Paul Kyzivat