IETF Logo Mail Archive

Re: [sipcore] New Version Notification for draft-ibc-sipcore-sip-websocket-00 (previously draft-ibc-rtcweb-sip-websocket-00)

Gilad Shaham <gilad@voxisoft.com> Fri, 02 December 2011 19:12 UTC

Return-Path: <gilad@voxisoft.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4756B11E809D for <sipcore@ietfa.amsl.com>; Fri, 2 Dec 2011 11:12:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.907
X-Spam-Level:
X-Spam-Status: No, score=-2.907 tagged_above=-999 required=5 tests=[AWL=0.069, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jQ6NGcX60tS9 for <sipcore@ietfa.amsl.com>; Fri, 2 Dec 2011 11:11:59 -0800 (PST)
Received: from mail-qw0-f44.google.com (mail-qw0-f44.google.com [209.85.216.44]) by ietfa.amsl.com (Postfix) with ESMTP id 1517211E8083 for <sipcore@ietf.org>; Fri, 2 Dec 2011 11:11:59 -0800 (PST)
Received: by qadb15 with SMTP id b15so685183qad.10 for <sipcore@ietf.org>; Fri, 02 Dec 2011 11:11:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=voxisoft.com; s=google; h=mime-version:x-originating-ip:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=NXGZmAT9b7xSAGWlYNTIZDBQdg76PQeagwnUSU+FFMg=; b=DCMAdCXnuNojDF1M3K0mRp8QvVE9tHJ0z+bpHDxzxk36UyiHvAGzXJQLyo/ocr0T/g W6S+tRLVIMB/APeG0p/h0hgUR5Wt5SsahDhPPF4OhSw+cY4naYQrTEudgQb8ztazSsxk cynKGkvz6POGMR0wmW7odF1fW+gKbd1LWlG3w=
Received: by 10.224.185.199 with SMTP id cp7mr4185205qab.68.1322853115234; Fri, 02 Dec 2011 11:11:55 -0800 (PST)
MIME-Version: 1.0
Received: by 10.229.159.198 with HTTP; Fri, 2 Dec 2011 11:11:34 -0800 (PST)
X-Originating-IP: [109.64.26.1]
In-Reply-To: <1F2A2C70609D9E41844A2126145FC0982D86143C@HKGMBOXPRD22.polycom.com>
References: <CALiegfm8Dv8kHE1xrt59vBzLzB29mOvjH6YR2m=vm=p_BtSBTw@mail.gmail.com> <CAGTXFp82jNsCUBM=j=Tq1Xc5cOr7P1Hbp9gv5MQyeVBoOS5=ng@mail.gmail.com> <5470070492D34F4EAC60E4ED91CB3841@gsmlaptop> <1F2A2C70609D9E41844A2126145FC0982D86143C@HKGMBOXPRD22.polycom.com>
From: Gilad Shaham <gilad@voxisoft.com>
Date: Fri, 02 Dec 2011 21:11:34 +0200
Message-ID: <CA+cEqjcJ1-Zw6UHV-d4+RKU6DF2xzQy88iShqTRmcrptd-Qmxw@mail.gmail.com>
To: "Avasarala, Ranjit" <Ranjit.Avasarala@polycom.com>
Content-Type: multipart/alternative; boundary="485b397dd547060ab604b320be1d"
Cc: "SIPCORE (Session Initiation Protocol Core) WG" <sipcore@ietf.org>
Subject: Re: [sipcore] New Version Notification for draft-ibc-sipcore-sip-websocket-00 (previously draft-ibc-rtcweb-sip-websocket-00)
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Dec 2011 19:12:00 -0000

wss is used to secure a single hop, it does not ensure, at least based on
existing sip routing rules, that it will remain secure for the next hops.
My point is exactly this, it should be clear wss is not enough.

On Fri, Dec 2, 2011 at 8:57 PM, Avasarala, Ranjit <
Ranjit.Avasarala@polycom.com> wrote:

> Hi Gilad
>
> Actually websockets have security option in wss:// option. Could that be
> used for ensuring security?
>
> Regards
> Ranjit
>
> -----Original Message-----
> From: sipcore-bounces@ietf.org [mailto:sipcore-bounces@ietf.org] On
> Behalf Of Gilad Shaham
> Sent: Friday, December 02, 2011 9:46 PM
> To: Victor Pascual Avila; SIPCORE (Session Initiation Protocol Core) WG
> Subject: Re: [sipcore] New Version Notification for
> draft-ibc-sipcore-sip-websocket-00 (previously
> draft-ibc-rtcweb-sip-websocket-00)
>
> Hi Victor,
>
> I followed the previous draft and read this one. I know that from the last
> draft you would like to refrain from sips issues, but I would expect it to
> be mentioned at the very least in the security section (13.1). If I'm
> reading the examples correctly they mean - use TLS for WebSocket, but from
> there forward use any transport, even unencrypted. I'm not sure everyone
> would realize that and personally, I don't see a problem sending sips to
> indicate it should be secure end-to-end as defined by RFC 5630.
>
> I'm also not so sure why the 'anonymous.invalid' strings are shown in this
> RFC for the Via and Contact headers. This usage is neither defined nor
> referenced anywhere other than the examples. If this specification doesn't
> mandate/recommend it I don't think it should be there, and if it does, it
> should be clearly defined (or reference another RFC that does).
>
> Hope it helps,
> Gilad
>
> -----Original Message-----
> From: Victor Pascual Avila
> Sent: Friday, December 02, 2011 5:33 PM
> To: SIPCORE (Session Initiation Protocol Core) WG
> Subject: Re: [sipcore] New Version Notification for
> draft-ibc-sipcore-sip-websocket-00 (previously
> draft-ibc-rtcweb-sip-websocket-00)
>
> The authors would appreciate any comments and suggestions on this new
> version.
>
> Many thanks in advance,
> -Victor
>
> On Sun, Nov 27, 2011 at 2:07 PM, Iñaki Baz Castillo <ibc@aliax.net> wrote:
> > A new version of I-D, draft-ibc-sipcore-sip-websocket-00.txt has been
> > successfully submitted by Iñaki Baz Castillo and posted to the IETF
> > repository.
> >
> > Filename:        draft-ibc-sipcore-sip-websocket
> > Revision:        00
> > Title:           The WebSocket Protocol as a Transport for the Session
> > Initiation Protocol (SIP)
> > Creation date:   2011-11-24
> > WG ID:           Individual Submission
> > Number of pages: 27
> >
> > Abstract:
> >  This document specifies a WebSocket Sub-Protocol for a new transport
> > in SIP (Session Initiation Protocol).  The WebSocket protocol enables
> > two-way realtime communication between clients and servers.
> >
> >
> > http://www.ietf.org/id/draft-ibc-sipcore-sip-websocket-00.txt
> > http://tools.ietf.org/html/draft-ibc-sipcore-sip-websocket-00
> >
> >
> > This draft is a new revision of the previously named
> > draft-ibc-rtcweb-sip-websocket-00.
> >
> > Summary of main changes in this revision:
> >
> > - WebSocket background provided.
> > - Scope not limited to web-browsers.
> > - Outbound and GRUU usage described.
> > - DNS NAPTR/SRV considerations included.
> > - Added some clarifications and bug fixing.
> >
> >
> > As usual, your comments are most appreciated.
> >
> >
> > --
> > Iñaki Baz Castillo
> > <ibc@aliax.net>
> > _______________________________________________
> > sipcore mailing list
> > sipcore@ietf.org
> > https://www.ietf.org/mailman/listinfo/sipcore
>
>
>
> --
> Victor Pascual Ávila
> _______________________________________________
> sipcore mailing list
> sipcore@ietf.org
> https://www.ietf.org/mailman/listinfo/sipcore
>
> _______________________________________________
> sipcore mailing list
> sipcore@ietf.org
> https://www.ietf.org/mailman/listinfo/sipcore
>

v2.23.0 | Report a Bug | By Email