IETF Logo Mail Archive

Re: [sipcore] Updated 4244bis and new call flow document

"DRAGE, Keith (Keith)" <keith.drage@alcatel-lucent.com> Fri, 23 July 2010 13:24 UTC

Return-Path: <keith.drage@alcatel-lucent.com>
X-Original-To: sipcore@core3.amsl.com
Delivered-To: sipcore@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B8A3A3A6807 for <sipcore@core3.amsl.com>; Fri, 23 Jul 2010 06:24:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.147
X-Spam-Level:
X-Spam-Status: No, score=-3.147 tagged_above=-999 required=5 tests=[AWL=-0.898, BAYES_00=-2.599, HELO_EQ_FR=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 03JIQMx7r1yu for <sipcore@core3.amsl.com>; Fri, 23 Jul 2010 06:24:49 -0700 (PDT)
Received: from smail6.alcatel.fr (smail6.alcatel.fr [64.208.49.42]) by core3.amsl.com (Postfix) with ESMTP id 407453A67EA for <sipcore@ietf.org>; Fri, 23 Jul 2010 06:24:48 -0700 (PDT)
Received: from FRMRSSXCHHUB04.dc-m.alcatel-lucent.com (FRMRSSXCHHUB04.dc-m.alcatel-lucent.com [135.120.45.64]) by smail6.alcatel.fr (8.14.3/8.14.3/ICT) with ESMTP id o6NDOoQo012852 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Fri, 23 Jul 2010 15:25:02 +0200
Received: from FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com ([135.120.45.45]) by FRMRSSXCHHUB04.dc-m.alcatel-lucent.com ([135.120.45.64]) with mapi; Fri, 23 Jul 2010 15:24:51 +0200
From: "DRAGE, Keith (Keith)" <keith.drage@alcatel-lucent.com>
To: Paul Kyzivat <pkyzivat@cisco.com>, "R.Jesske@telekom.de" <R.Jesske@telekom.de>
Date: Fri, 23 Jul 2010 15:24:49 +0200
Thread-Topic: [sipcore] Updated 4244bis and new call flow document
Thread-Index: AcsqaKQKoBUplRvFTv+B4yK450/SgQAASTvg
Message-ID: <EDC0A1AE77C57744B664A310A0B23AE214925C62@FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com>
References: <AANLkTim-f7vZ1IFS3WhVS9G8Mg1dhueN8tevLb_xDRR1@mail.gmail.com> <AANLkTilRRmWt30XOp3VKn2Xtzv71-EDUfyyUSOb0J3Bk@mail.gmail.com> <9886E5FCA6D76549A3011068483A4BD4065E732E@S4DE8PSAAQB.mitte.t-com.de> <4C49951C.8050202@cisco.com>
In-Reply-To: <4C49951C.8050202@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.64 on 155.132.188.84
Cc: "sipcore@ietf.org" <sipcore@ietf.org>
Subject: Re: [sipcore] Updated 4244bis and new call flow document
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jul 2010 13:24:50 -0000

If we are going to talk about trust domains in the document, then you will have to say what they are.

For the RFC 3325 stuff there is most of a document that talks about that. Moreover, you need to say what to "trust" the next entity to do if you do not do it.

To give some idea of what I mean. Statements like "I will give you the identity if you do not reveal it to anyone outside our area of trust" are slightly different to "I trust you to implement the privacy that I otherwise would have done so if I did not trust you".

regards

Keith

> -----Original Message-----
> From: sipcore-bounces@ietf.org 
> [mailto:sipcore-bounces@ietf.org] On Behalf Of Paul Kyzivat
> Sent: Friday, July 23, 2010 2:12 PM
> To: R.Jesske@telekom.de
> Cc: sipcore@ietf.org
> Subject: Re: [sipcore] Updated 4244bis and new call flow document
> 
> 
> 
> R.Jesske@telekom.de wrote:
> > Hi Mary,
> > With regard to your question for comments/review, I went 
> thought the draft.
> > 
> > For http://www.ietf.org/id/draft-ietf-sipcore-rfc4244bis-01.txt
> > 
> > I have the following comments: 
> > 
> > 
> > 6.3.2.  Privacy in the History-Info Header
> > 
> > ...
> > If the requestor has indicated a priv-
> >    value of "session" or "header" in the request, all History-Info
> >    entries MUST be anonymized when the request leaves a 
> domain for which
> >    the intermediary is responsible.
> > ...
> > 
> > In this section it is mentioned that the entries must be 
> anonymized when leaving the domain. I thought that if a trust 
> relationship between domains are existing and the following 
> domain secures the "privacy" then the information could be 
> forwarded and will then deleted by the succeeding domain 
> before reaching the terminating user. 
> > Some regulators are requesting to pass identities until the 
> last domain where it is possible to execute the privacy 
> regarding RFC3323. So I think this is a MAY based on domain 
> policy. And it is a MUST when the succeeding network cannot 
> guarantee the privacy.
> > 
> > Or do I misunderstand the meaning of "domain for which the 
> intermediary is responsible"
> 
> I'm not an expert on this, but ISTM that in the case you 
> describe the request is not leaving the *trust* domain.
> 
> But that does point out ambiguity in the text you quote. That 
> kind of wording "domain for which the intermediary is 
> responsible" is usually talking about *DNS* domains, not 
> *trust* domains. So maybe that should say:
> 
>   ...
>   If the requestor has indicated a priv-value of "session" or "header"
>   in the request, all History-Info entries MUST be anonymized when the
>   request leaves a *trust* domain for which the intermediary is
>   responsible.
>   ...
> 
> 	Thanks,
> 	Paul
> _______________________________________________
> sipcore mailing list
> sipcore@ietf.org
> https://www.ietf.org/mailman/listinfo/sipcore
>

v2.23.0 | Report a Bug | By Email