Re: [sipcore] Adam Roach's No Objection on draft-ietf-sipcore-sip-push-26: (with COMMENT)
Christer Holmberg <christer.holmberg@ericsson.com> Fri, 01 March 2019 21:56 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4106B128766 for <sipcore@ietfa.amsl.com>; Fri, 1 Mar 2019 13:56:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.291
X-Spam-Level:
X-Spam-Status: No, score=-4.291 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=FWAmASFh; dkim=pass (1024-bit key) header.d=ericsson.com header.b=CzN9RH6l
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9pi9p74pYZei for <sipcore@ietfa.amsl.com>; Fri, 1 Mar 2019 13:56:06 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86679130EBF for <sipcore@ietf.org>; Fri, 1 Mar 2019 13:56:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/relaxed; q=dns/txt; i=@ericsson.com; t=1551477363; x=1554069363; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=tdaXdlNNjiZOurioRIxQ7zFdXhmk2JH73L8E6mB+uwM=; b=FWAmASFh/vuaqw9tqxHZFbIrMVuWQKfoOILvvqyBUfRd8ozFqesmMZWAY6tCmB+/ 5duyfuo5ged/OGLgrFl4OYYaeCrpu8UY6iPiUjt4Nds/BXtHrLBOGpwJRH4VcWTF YN3Us7Atp3WWo3X3Nk60lDuRs6MDo2gNqtF7TdA1hiY=;
X-AuditID: c1b4fb2d-db5ff7000000062f-1f-5c79aa736ea6
Received: from ESESBMB502.ericsson.se (Unknown_Domain [153.88.183.115]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 83.41.01583.37AA97C5; Fri, 1 Mar 2019 22:56:03 +0100 (CET)
Received: from ESESBMR502.ericsson.se (153.88.183.134) by ESESBMB502.ericsson.se (153.88.183.185) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Fri, 1 Mar 2019 22:56:03 +0100
Received: from ESESBMB504.ericsson.se (153.88.183.171) by ESESBMR502.ericsson.se (153.88.183.134) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Fri, 1 Mar 2019 22:56:03 +0100
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (153.88.183.157) by ESESBMB504.ericsson.se (153.88.183.171) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Fri, 1 Mar 2019 22:56:02 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tdaXdlNNjiZOurioRIxQ7zFdXhmk2JH73L8E6mB+uwM=; b=CzN9RH6lMcXyNIV7hfnGP1yYYR3XCMlKrEXw7oF6+84CxHEVmclcoQV708UT557+2VTeLfaje//cZ5aXpdzhidz7+E8EIDBoU2h57IOPsxMXeD/zZMbtOA2tyCfCuorewUyoErzMKK7CKAdwNIhF3Ydeoknm3KR2hDwwupwrPf0=
Received: from HE1PR07MB3161.eurprd07.prod.outlook.com (10.170.245.23) by HE1PR07MB3355.eurprd07.prod.outlook.com (10.170.247.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1665.13; Fri, 1 Mar 2019 21:55:58 +0000
Received: from HE1PR07MB3161.eurprd07.prod.outlook.com ([fe80::dd59:bc9e:2910:48ae]) by HE1PR07MB3161.eurprd07.prod.outlook.com ([fe80::dd59:bc9e:2910:48ae%3]) with mapi id 15.20.1686.011; Fri, 1 Mar 2019 21:55:58 +0000
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Adam Roach <adam@nostrum.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-sipcore-sip-push@ietf.org" <draft-ietf-sipcore-sip-push@ietf.org>, Brian Rosen <br@brianrosen.net>, "sipcore-chairs@ietf.org" <sipcore-chairs@ietf.org>, "sipcore@ietf.org" <sipcore@ietf.org>
Thread-Topic: Adam Roach's No Objection on draft-ietf-sipcore-sip-push-26: (with COMMENT)
Thread-Index: AQHU0FJlSNJTji9dnkaJCVYOkLIdYKX3Ink4gAAteoCAAAIJAg==
Date: Fri, 01 Mar 2019 21:55:58 +0000
Message-ID: <HE1PR07MB3161189E5C9F82A14BBC873F93760@HE1PR07MB3161.eurprd07.prod.outlook.com>
References: <155146051337.6186.9467252084775433080.idtracker@ietfa.amsl.com> <HE1PR07MB31616FC1F5E8B496C5C14A9F93760@HE1PR07MB3161.eurprd07.prod.outlook.com>, <377b379d-3747-3748-694d-2c3fa621483b@nostrum.com>
In-Reply-To: <377b379d-3747-3748-694d-2c3fa621483b@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [37.136.1.83]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 12806254-a2bc-4087-03a8-08d69e90b038
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:HE1PR07MB3355;
x-ms-traffictypediagnostic: HE1PR07MB3355:
x-ms-exchange-purlcount: 1
x-microsoft-exchange-diagnostics: 1;HE1PR07MB3355;23:2xAG+WybMjyyDGxwTXZsYTuaHeeq7aLELE50x+EYZmaVdkLObghH5zjY3qmHkdei0Y32/K8FyAbVJhDKDoBgBM04rH3g0MJiquP1rX0EXx0gRntvwEQjwtfsQq0oPFUP8lvPNCbjRQ70O1p2hMz2UozO4TCpthk90nAMyhQxlgA818Ugvwk5I53j6auNFWmATD6FiZqmlU9KPB32YgXYVvUAGX7pCjm1VrecpOl6QilUkwKgbdqMsTM9ukO6Rd1yhtnw4eO0+Xaqp9KCiKiFAf5OtoyPPjKRxps0YDoVi6+GMgPLsIbOqMDg0Js5TVauw8MMEdBJ41PedwMEdjRdhRhV2+bOr09emUg0CCgSk+M6Bla2DG37gYSNuhwRV+56J3FUMcjxDbR6SJf3eD9MgZeJ/JOIKWOECeFEPHY8s+Wt2U5ibLMcQJXjziFn9915BBK8iVNtcM5SDYHUBRlwfFSwc+Cp3jDJxzVvFBIxjAQZ2s5YgyP+1Wx0XezmCHlvBmpcW5r8v0utjvNki1GFb7l6WOxxdBTPBnrm/LW8QcKSIuGhi+yv7TQKugYlrTpM+ICzGoiET8JcGCich8JjYwnSJlulk05WYVshWM/fFfK5dTIVB1UAqW68Rv2JlvvsWQQccnOpqO4v6Jrd+vclDUWiEN5OJ7HAYdyKu/YN2Rk6oxCsygr228WeZDBkmAwT01gIAupAYybm43/qsGV3G6diVUEcFbCZysvtgmNp7rEsL6jk59DBKhNs1akbiv959QCPn+UyhDtAruoIG2jWuLPsXCToBDp03Fw2UZW3dzvkTbC/5clSX/CKwUcjXZjX+wDP7224o2rzYwyRkWJF4auVjjP9iq6JW1f4Lnzrd8CodUeVaHyvFv9mP15M/QXx9epq+6tvw4/srmDAYyHQ7XBAi6ftEVDbgmgi5aDk4DNBaJN2YF20PRNAocEiQR3cUiAiYHOmT7KfvB+xoEke3HowsHyvzXdpGUF60uO4m9KHWy27celCNMZEHTJi3t/nwGkmG7Pl4IT/HXGIMBJ7nyvzqkCRfdGx2pc+RkICOTCkvRjdeXqv6WJS7OflQscjklJBPLgs7z8h7B1f6pFqJIBxFq7Z5tNFYqJCOxa8mp5FcXY9tOTyFTo5huCUba7rjEBf6sOfqMCScmq+SMuM5UNq/UCZPpMTsu705qwG4ZUcm3/RNPWTLHvaX2IA66iJYxyT7Ut+zOFu/ziIsGb/oTfpPNg9ka2N6Csl0hQS0l/wOoRzefheszk3oqoabIhxRnosgJRR/S9b+MmFC9USx+vxvS56wE0oOXOKjl9jbkUzFuQGetOHtl5jGIs3z4rdS+tQX11w+2UNsxZggBpiGpN/v0XN9g+jfrCS5xPKPqwYVTgbn0ERP9nTErVgtlfVoWFXEQmamXDmeE6L2XpWzNEPcpKoYE0YKsWgYQiwMQs+yh8ESsSp9B6UC2/uwf04
x-microsoft-antispam-prvs: <HE1PR07MB33556DD8FD057ED65907FA4793760@HE1PR07MB3355.eurprd07.prod.outlook.com>
x-forefront-prvs: 09634B1196
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(396003)(346002)(39860400002)(136003)(366004)(50854003)(189003)(199004)(30864003)(5660300002)(14444005)(256004)(53936002)(19627405001)(2906002)(106356001)(99286004)(606006)(105586002)(86362001)(71190400001)(66066001)(25786009)(97736004)(4326008)(52536013)(6246003)(71200400001)(7696005)(76176011)(6116002)(6506007)(14454004)(44832011)(6306002)(54896002)(68736007)(81166006)(476003)(486006)(9686003)(33656002)(3846002)(102836004)(186003)(26005)(6346003)(478600001)(55016002)(53946003)(316002)(446003)(110136005)(8936002)(11346002)(54906003)(7736002)(966005)(6606003)(229853002)(53546011)(236005)(6436002)(81156014)(8676002)(74316002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB3355; H:HE1PR07MB3161.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=christer.holmberg@ericsson.com;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 7Qv7PPAB/1r1tLLg0XGCCDHXIiQ3Oiq2Rkqq5xDamJpvP4hltInw7ouxRFsrVGkZbSxtAK5VYcppr1YfQeAOpqddXK1f5dYnJc0soH5dyDCBlieTXRwR4u4FTOMF8AwsZ1RHT4GCWo1jiZqvD7TdEQQoYnV+luZStMyZ9Urj7kJly27Rjl80t2wU9V7KVuEe6IoYskEfuHQMKVsmNsfKyufG+cXr44ls1lwYaHfReb/ULNf1N7uxVaW/kgatOzB4e9fuk/IPmHbEQzZGvrJHxNYim2G6pYwkhEl2ib46/MlZKZ+RIFjvfotYroZTB9b6Gi4f+xbGKrYggA9EheHsIy51QM4kB71q0JisERJPYQsp2VlX8boHXaNff4bV1VENuppdynODHhaeJOev6gEqg6GDd3NqdAM0uRWqsRNhXW0=
Content-Type: multipart/alternative; boundary="_000_HE1PR07MB3161189E5C9F82A14BBC873F93760HE1PR07MB3161eurp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 12806254-a2bc-4087-03a8-08d69e90b038
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Mar 2019 21:55:58.7533 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3355
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA02Se0hTcRTH++3ebVdp9HPTPFhmjigznVoio6dagUlC/We6sJHXt1N2zVpk iKmVc2G5fAzFNP8wlSzNLGdBI8tHpJnkg3D5yBBxvjCtVPJ6V/jf55zv9wvnHA5FiFv5TlSs KoVWq5QJUoEtWRzaxHgy1RqFd+6ATN6yUiGUfzcXCOQZ8zU8edHyXUKumy8n5AtL9QJ/QZD5 54owqLLyFy/I8HKMPEOE2R6OpBNiU2m119ELtjHfusvJ5CUzeSVzYgqlo6JuMgfZUIB9YfJO AS8H2VJi/BZBVqlRyBULCDLbnpL/i66hRj4bEeOHPOjoP8gKJM4jIHuk1Oq6x4Oh7BZrMYyg 936/IAdRlADLQbu6j03b40PQeaOdYD0E7kXQP5gvZAUJDoOi5XEhZwoHy6qOz3EgZJhf81gm 8S5o6CwkWBZhBYwXm62T9yB4/7ECsYINPgZDVTPrJoS3wmJH7XqYwI4wOFbG49bGUNnSRXDs ABOjq3yOXUBf12s9jTP0lGkRxyGgbciyZgcQzC6e4NgdfhvrrH0naPvUymcHAmyWwMLcjFWI B31bO2IvAXg7VD1O4zzNAsgbnER5SGbYMB/HSWDRj/AN64vaQXvxGGlYixN4L9Q1e3EWV9Br h4Ucu0FWSalwY/8BElYjB4ZmmMTo/QdktDr2IsMkqWQqOqUerT3Xm2d/PF+gmskAE8IUkm4W RRVqFGK+MpXRJJoQUITUXnQtca0lilRqrtLqpAj1pQSaMaFtFCl1FC2L7RRiHK1MoeNpOplW /1N5lI1TOkp2kdEdlwMtN8no8GkX8bgxOi5CMy/ZpPf70pfSfoTpu3W6aS53SvJqdk9osOXU O38XS36jR5Sridq5ZdRjtPDRydtxXjHG0p7uHWlPAp26p67rzmsG5ZbdHxQ/RG6JaSWfnwfr 8kQ+ZSH4nG+199lZh2lnv6/YxqchIEY2UntcSjIxSh93Qs0o/wLuIuBzWAMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/hmGSx8P89e1Z5F-tuMx1wUg1Dk0>
Subject: Re: [sipcore] Adam Roach's No Objection on draft-ietf-sipcore-sip-push-26: (with COMMENT)
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2019 21:56:13 -0000
Hi, >HI! I apologize if it was unclear from my preamble, but the original comments were only >included because I wanted the document ballot to retain them for historical purposes. No >reply was necessary. Well, when I went through version -26 to make sure your issues had been addressed I did find a couple of minor nits that I still need to fix, so it was not wasted time 😊 Regards, Christer On 3/1/19 15:31, Christer Holmberg wrote: Hi Adam, Thank You! Your issues have been addressed. In this reply I more or less copy/paste what I said in my previous reply to your review, and give some extra details on how issues were solved. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- >It's nice that this document has considered the impact of inbound mid-dialog >messages in long-lived dialogs. However, it appears to have a major hole in it: >handing of outbound messages for the purpose of maintaining soft-state in those >dialogs isn't handled correctly. > >In particular: networks that deploy this mechanism will cause SUBSCRIBE >dialogs to time out and be destroyed while they are still in use. >Additionally, if RFC 4028 (session timers) is negotiated, then INVITE dialogs >will suffer the same fate. > >I can think of a couple of ways for these situations to be handled, but they >need explicit text in the document. > >One approach would be to specify that the User Agent selects its requested >"Expires" value in its registration to be the smallest value before its set of >subscriptions and session timers needs to be refreshed. This would cause a push >notification to happen to prevent registration timeout, and the client could >refresh the other soft state at that time. Complications arise if the registrar >responds with a 483 (Interval too Brief), and we'd need to find a solution for >that. > >Another approach would be for the clients to refresh all soft state whenever >they send a registration, and set the timeout for that soft state to be equal to >or greater than the registration timeout. A complication could arise if the >notifier or the peer in an invite dialog shortens the requested time, and we'd >need to find a solution for that. > >A third approach would be getting the proxy involved in some way -- either by >requiring it to observe subscription and session timer timeouts and requiring it >to send push notifications prior to their expiration, or by an explicit >communication between the UA and the proxy that indicates when the next push >notification should be scheduled. If the latter approach is taken, I would >suggest that it needs to be taken for REGISTER messages as well. > >I really don't think this mechanism is feasibly deployable without a solution to >this problem. This has been addressed, and the text in section 4.1.1 now says: "This specification does not define a mechanism to explicitly request push notifications from the SIP network for usages other than triggering binding-refresh REGISTER requests (e.g., for sending periodic subscription-refresh SUBSCRIBE requests [RFC6665]), nor does it describe how to distinguish push notifications associated with such usages from the push notifications used to trigger binding- refresh REGISTER requests. If a SIP UA wants to use push notifications for other usages, the UA can perform actions associated with such usages (in addition to sending a binding-refresh REGISTER request) whenever it receives a push notification by using the same refresh interval that is used for the binding-refreshes." --------------------------------------------------------------------------- §4.1: > For privacy and security reasons, the UA MUST NOT include the SIP URI > parameters defined in this document in non-REGISTER request, to > prevent the PNS information associated with the UA from reaching the > remote peer. > >This seems to ignore the availability of Contact URI parameters via RFC 3680 >subscriptions. This would seem to impose a requirement on Registrars to strip >this information before making it available to any other party (which, in >turn, requires that the system have explicit Registrar *and* Proxy support). >As far as I can tell, the system so far has not required explicit proxy support >(and there's certainly no mechanism built-in that ensures that a proxy has any >special handling regarding this mechanism). > >If the PNS information is sensitive, and cannot be allowed to leak out to >other users, then we need some way to ensure the registrar has provided >positive confirmation that it will not do so before allowing it to come into >possession of them. This has been addressed, and the text now says: "For privacy and security reasons, a UA MUST NOT insert the SIP URI parameters (except for the pn-purr parameter) defined in this specification in non-REGISTER request in order to prevent the PNS information associated with the UA from reaching the remote peer. For example, the UA MUST NOT insert the pn-prid SIP URI parameter in the Contact header field URI of an INVITE request. REGISTER requests will not reach the remote peer, as they will be terminated by the registrar of the UA. However, the registrar MUST still ensure that the parameters are not sent to other users, e.g., using the SIP event package for registrations mechanism [RFC3680]. See Section 13 for more information." Section 13 (Security Considerations) contains the following text: "Operators MUST ensure that the PNS-related SIP URI parameters conveyed by a user in the Contact URI of a REGISTER request are not sent to other users, or to non-trusted network entities. One way to convey contact information is by using the the SIP event package for registrations mechanism [RFC3680]. [RFC3680] defines generic security considerations for the SIP event package for registrations. As the PNS-related SIP URI parameters conveyed in the REGISTER request contain sensitive information, operators that support the event package MUST ensure that event package subscriptions are properly authenticated and authorized, and that the SIP URI parameters are not inserted in event notifications sent to other users, or to non-trusted network entities." --------------------------------------------------------------------------- §4.2: > The UA can do so by only including the pn-provider > SIP URI parameter in the SIP Contact header field URI of the REGISTER > request, but without including the pn-prid SIP URI parameter. > >Unless I'm mistaken, this is a barrier to interoperation. > >It's not 100% clear, but I suspect the intended implication is that the >pn-provider parameter here will contain a single value? The syntax of the >parameter certainly seems to imply that. This seems to be a pretty big >problem, since it presupposes that the client will know which PNSes the Proxy >supports. Consider, for example, an iOS client that can use any of RFC 8030, >FCM, and APN (cf https://firebase.google.com/docs/cloud-messaging/ios/client). >If the client doesn't know a priori what the proxy supports (and this entire >section only makes sense if that's true), then it won't know which of those >three services to indicate in its REGISTER request. If it guesses wrong, this >mechanism simply fails. > >I think you need a different discovery mechanism here -- either have one that >has the client offering multiple PNS protocols and the proxy responding with >one, or have one in which the proxy indicates all of its supported services in >a response, and the client chooses one to use in its next REGISTER message. This has been addressed in section 4.1.5 (Query Network PNS Capabilities). The UA can now choose to not include the pn-provider parameter, in which case the network will return all PNS protocols supported. --------------------------------------------------------------------------- >Figure 1: > >This diagram includes both a ladder diagram and an example REGISTER message. >While both of these are useful at this point in the document, neither of them is >an "Architecture," and they're really two different things. I suggest breaking >this into two Figures, entitled "Typical Information Flow" and "Example REGISTER >Message" (or similar), respectively. This has been addressed as suggested in Section 1 (Introduction). --------------------------------------------------------------------------- * §4.1: > As long as the UA wants to receive push notifications (requested by > the proxy), the UA MUST include a pn-provider, pn-prid and a pn-param > (if required for the specific PNS provider) SIP URI parameter in each > binding-refresh REGISTER request. > >Please be clear that these parameters appear in the Contact URI. Eventhough the text above does no longer exist, it has now been generally clarified that the parameters appear in the Contact URI. (I did note a bug in section 4.1.2. I says "UA MUST include", but it shall be "UA MUST NOT include") --------------------------------------------------------------------------- §5.2: > In order to request push notifications towards a SIP UA that will > trigger the UA to send binding-refresh SIP REGISTER requests, the SIP > proxy needs to have information about when a registration will > expire. The proxy needs to be able to retrieve the information from > the registrar using some mechanism. Such mechanisms are outside the > scope of this document, but could be implemented e.g., using the > SIPregistration event package mechanism [RFC3680]. > >Nit: "SIP registration" Has been fixed. >This mechanism seems to be predicated on an architecture in which the proxy must >be on the traffic path. Although it's problematic from a "what proxies are >expected to do" perspective, it seems like the proxy could glean this >information from the 200 response to the REGISTER request. (I mean, the proxy is >already reading parameters out of the contact header field, so the behavior of >acting on registration information is already assumed). The proxy would, of >course, need to run its own timers, but that seems to be a pretty minor >requirement, given everything else involved here. When I previously replied to your COMMENT, I said the following: "One way to implement the "retrieve the information from the registrar" could of course be using own timers. But, I don't think we should specify such behavior. Also, in some cases the proxy might be co-located with the "home proxy", or some other network node, where the interface with the registrar already exists." No changes were done based on the comment. --------------------------------------------------------------------------- §5.3.1: >This is a major comment, and one that has a sufficient impact on interop that I >had a long debate with myself about whether it should be a DISCUSS. Please take >it very seriously. > > Otherwise, if the pn-provider SIP URI parameter identifies a type of > PNS that the proxy does not support, or if the REGISTER request does > not contain all additional information required for the specific type > of PNS, the proxy MUST either forward the request (e.g., if the proxy > knows that another proxy that will receive the REGISTER request > supports the type of PNS)... > >How would the proxy know this? In the previous reply, I said "local configuration". It has been clarified in the text, and the text in section 5.6.1.1 now says: "If the proxy knows (by means of local configuration)" >Features like suppressing PNS behavior when a "sip.pns" feature capability is >present in the REGISTER imply that the various nodes in the network discover >capabilities of their neighbors automatically (which is consistent with the way >SIP does features), while this provision seems to require provisioned knowledge. >This is going to be operationally very confusing. > >At the very least, the document needs to call out how this "knowledge" is >obtained. In the more general sense, since a client cannot rely on the proxy >supporting *any* kind of PNS, the use of 555 in the way specified here is at >best an optimization -- and, since the configured information can conflict with >actual reality, it's an optimization that can actually break things unless >extreme care is exercised. (e.g., if the proxy is configured to "know" that the >next proxy cannot provide push service, but this knowledge is wrong, then the >network is unnecessarily broken.) > >My rather strong recommendation is to remove this code, and let the client rely >on the lack of indication of support in the response indicate that the feature >is not supported. In my previous reply I said: "I would like to keep the code, because there are cases where one wants the register to be rejected (rather than accepted, but without indication of supported PNS) if the PNS is not supported. Also, there are already deployments of 555, so I'd prefer to keep it, as it doesn't break anything." The 555 response code has been kept, and regarding the proxy knowing it was clarified that it is based on local configuration (see above). --------------------------------------------------------------------------- §5.3.1: > o if the proxy received a 'sip.pnsreg' media feature tag in the > REGISTER request, the proxy SHOULD include a 'sip.pnsreg' feature- > capability indicator with an indicator value bigger than 120 in > the response, unless the proxy always want to request push > >Nit: "...wants..." Has been fixed. --------------------------------------------------------------------------- §5.3.2: > If the contact of the REGISTER request does not match > the Request-URI of the SIP request to be forwarded, or if the contact > was not present in the REGISTER response, the proxy MUST reject the > SIP request with a 404 (Not Found) response. > >This seems to be a very strong requirement ("MUST") when, e.g., many or most >networks may want to return a 480 instead of a 404. I think what you want to say >is something like "...MUST reject the SIP request. Response codes of either >404 (Not Found) or 480 (Temporarily Unavailable) are RECOMMENDED, but other >appropriate codes may be used as well." This has been addressed with the following text: "It is RECOMMENDED that the proxy sends either a 404 (Not Found) response or a 480 (Temporarily Unavailable) response to the SIP request, but other response codes can be used as well." --------------------------------------------------------------------------- §5.3.2: > The reason the proxy needs to wait for the REGISTER response before > forwarding the SIP request is to make sure that the REGISTER request > has been accepted by the registrar, and that the UA which initiated > >Nit: "...the UA that initiated..." Has been fixed. --------------------------------------------------------------------------- §5.3.2: > In case of non-2xx response to the REGISTER request, the proxy MUST > reject the SIP request with a 404 (Not Found) response. > > If the push notification request fails (see PNS-specific > documentation for details), the proxy MUST reject the SIP request > with a 480 (Temporarily Unavailable) response. > > If the proxy does not receive the REGISTER request from the UA within > a given time after the proxy has requested the push notification, the > proxy MUST reject the request with a 480 (Temporarily Unavailable) > response. The time value is set based on local policy. > >As above, this seems way too restrictive in terms of mandating specific error >codes. It may well be the case that a network would want to treat these >situations identically from the perspective of the calling party. Has been addressed (see above). --------------------------------------------------------------------------- §5.3.2: > Otherwise the > proxy MUST reject the SIP request with a 480 (Temporarily > Unavailable) response. > >Same comment as above. Has been addressed (see above). --------------------------------------------------------------------------- §6.1.1: > When the UA sends in initial request for a dialog, or a 2xx response > >Nit: "...sends an initial request..." Has been fixed. > purr' SIP URI parameter in the Contact header of the request or > >Nit: "...Contact header field..." Has been fixed. > NOTE: As the 'pn-purr' SIP URI parameter only applies to a give > dialog, the UA needs to include a 'pn-purr' parameter in the Contact > >Nit: "...given dialog..." Has been fixed. > dialog, the UA needs to include a 'pn-purr' parameter in the Contact > header of the request or response for each dialog in which the UA is > >Nit: "...Contact header field..." Has been fixed. --------------------------------------------------------------------------- §6.1.1: > The UA MUST include a parameter value identical to the the > last 'sip.pnspurr' feature-capability indicator that it received in a > REGISTER response. > >This is incredibly confusing, as the "sip.pnspurr" indicator has not been >mentioned in the document so far. Please revise as something along the lines of: > > The UA MUST include a parameter value identical to the the last > 'sip.pnspurr' feature-capability indicator (see Section 6.2.1) that it > received in a REGISTER response. > >Alternately, reverse the order of sections 6.1 and 6.2 so that the PURR >concept is properly introduced before protocol procedures are defined for it. This has been addressed, by adding a reference to Section 6.2.1. --------------------------------------------------------------------------- * §6.1.1: > NOTE: As the 'pn-purr' SIP URI parameter only applies to a give > dialog, the UA needs to include a 'pn-purr' parameter in the Contact > header of the request or response for each dialog in which the UA is > willing to receive push notifications triggered by incoming mid- > dialog requests. > >Similar to the above, this is a very confusing introduction of the "pn-purr" URI >parameter. I realized this has been fixed in the wrong section. I will fix that by adding a reference to Section 6.2.1. Note, though, that the first occurrence of 'pn-purr' SIP URI parameter is in the first paragraph of section 6.1.1, so I will add the reference there. --------------------------------------------------------------------------- §6.2.2: > Contact header field with a PURR value that the proxy has generated > Section 6.2.2, the proxy MUST add a Record-Route header to the > request, to insert itself in the dialog route [RFC3261]. > >This "Section 6.2.2" makes the sentence impossible to read. Is it intended to be >in parentheses? Has been fixed. --------------------------------------------------------------------------- §6.2.3: > As described in Section 5.3.2, while waiting for the push > notification request to succeed, and the associated REGISTER request > to arrive from the SIP UA, the proxy needs to take into consideration > that the transaction associated with the NOTIFY request will > eventually time out at the sender of the request (UAC), and the > sender will consider the transaction a failure. > >I think this needs some discussion about the impact of the error codes selected >by the proxy on the dialog and its usages. For example: > >* If the proxy sends a 404 to prevent a transaction timeout, it will destroy the > dialog and all of its usages > >* If the proxy sends a 480 to prevent a transaction timeout, it will destroy the > usage, but not other usages in the dialog (if any) > >* If the proxy sends a 504 to prevent a transaction timeout, it will keep the > dialog and the usage alive, and allow the client to re-try at a later time. > Simply allowing the transaction to time out will have the same effect, albeit > with more message retransmissions. > > Pointing to RFC 5057 might be useful here. This has been addressed. The text in Section 6.2.3 now says: "When a proxy sends an error response to a mid-dialog request (e.g., due to a transaction time out), the proxy SHOULD select a response code that only impacts the transaction associated with the request ([RFC5079])." --------------------------------------------------------------------------- §8.7: > Parameter value characters that are not part of pvalue needs to be > escaped, as defined in RFC 3261. > >Nit: "...need to be escaped..." Has been fixed. --------------------------------------------------------------------------- §9: > When a new value is registered to the PNS Sub-registry, a reference > to a specification which describes the usage of the PNS associated > >Nit: "...specification that describes..." Has been fixed. --------------------------------------------------------------------------- §§10-12: >Nit: It seems like these should all be subsections of section 9. In my previous reply I said: "The idea was that the PNS registrations are in separate main sections, as they could even be in a separate document." No changes were done based on this comment. --------------------------------------------------------------------------- §10: > The Topic consists of the Bundle ID, which uniquelly identifies an > appliciation, and a service value that identifies a service > >Nit: "uniquely" >Nit: "application" This has been fixed. --------------------------------------------------------------------------- §10: > Example: pn-param = DEF123GHIJ.com.yourcompany.yourexampleapp.voip > >Please use an RFC 2026 domain for this example; e.g.: > > Example: pn-param = DEF123GHIJ.com.example.yourexampleapp.voip Has been fixed. --------------------------------------------------------------------------- §11: > [RFC8292] defines a mechanism which allows a proxy to identity itself > > Nit: "...mechanism that allows..." Has been fixed. --------------------------------------------------------------------------- Regards, Christer
- [sipcore] Adam Roach's No Objection on draft-ietf… Adam Roach
- Re: [sipcore] Adam Roach's No Objection on draft-… Christer Holmberg
- Re: [sipcore] Adam Roach's No Objection on draft-… Adam Roach
- Re: [sipcore] Adam Roach's No Objection on draft-… Christer Holmberg