Re: [sipcore] I-D Action: draft-ietf-sipcore-sip-token-authnz-02.txt

Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 11 July 2019 14:17 UTC

To: Christer Holmberg <christer.holmberg@ericsson.com>, "sipcore@ietf.org" <sipcore@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/Nx9QKtoLEe8wTXrW4ixngCX-s6E>

On 7/11/19 9:56 AM, Christer Holmberg wrote:
> Hi,
> 
>>     This discussion is wandering in many directions. I don't know very much
>>     (anything?) about OAuth so it is pretty abstract for me. But what is
>>     becoming clear is that the people discussing this have *many* unstated
>>     assumptions about how this is to work and how it is to be used. And
>>     those don't appear to be well aligned with one another.
>>     
>>     I've been pushing for more of these assumptions (and implications) to be
>>     written down in the document. I still want that. But I'm beginning to
>>     think that the issue is bigger than what is likely to fit into this
>>     document as it is currently conceived.
>>     
>>     I think what may be needed is a framework document. (Perhaps "Framework
>>     for using OAuth(2?) with SIP", though maybe that isn't quite right.) This
>>     would discuss why this is important, how it relates to the SIP
>>     environment, how it fits into a broader authentication environment, etc.
>    
> Let's try to document and clarify everything we need in this document.
> 
> The draft tries to map the OAuth architecture to the SIP architecture. If something is unclear we should of course clarify it.

Sure, go ahead and try.

You keep answering my questions as replies to this email thread. But 
what is needed is for them to be answered in the document.

	Thanks,
	Paul