Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones
"Asveren, Tolga" <tasveren@sonusnet.com> Sun, 25 December 2016 06:52 UTC
Return-Path: <tasveren@sonusnet.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48BB6129539 for <sipcore@ietfa.amsl.com>; Sat, 24 Dec 2016 22:52:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sonusnetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hQ0i9Qq-KhOp for <sipcore@ietfa.amsl.com>; Sat, 24 Dec 2016 22:52:23 -0800 (PST)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0060.outbound.protection.outlook.com [104.47.40.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 455ED1294C1 for <sipcore@ietf.org>; Sat, 24 Dec 2016 22:52:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=SonusNetworks.onmicrosoft.com; s=selector1-sonusnet-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=TIeckjiEfYj/WHHtcZbCdR6QwvsjDEy/o0fT9T30kBA=; b=fq9okgExJ+9x0bslwAif3ZWvDYpGekZlL0z4nNL1hVwfBBXFKgujjlX2ttKIPIxNjMp0OPdaGip6ratO9ykNFWCdSFzNggZEr/TGZ3+kQjmy1/qHmZ9/3gcsDnEMpHHM1vak6Yr0v2WE6pNT7z6Y8jZeeNCfQ5H7VMEruQEgSG0=
Received: from SN2PR03MB2350.namprd03.prod.outlook.com (10.166.210.141) by SN2PR03MB2350.namprd03.prod.outlook.com (10.166.210.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.803.11; Sun, 25 Dec 2016 06:52:20 +0000
Received: from SN2PR03MB2350.namprd03.prod.outlook.com ([10.166.210.141]) by SN2PR03MB2350.namprd03.prod.outlook.com ([10.166.210.141]) with mapi id 15.01.0803.018; Sun, 25 Dec 2016 06:52:20 +0000
From: "Asveren, Tolga" <tasveren@sonusnet.com>
To: Paul Kyzivat <paul.kyzivat@comcast.net>, "sipcore@ietf.org" <sipcore@ietf.org>
Thread-Topic: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones
Thread-Index: AQHSWv96++N6DRIq/E2cKGNWf6YDKaET6r4AgAAS3iCAAAYCAIAAF0yAgAAGmwCAABLYMIAAA+sAgADDHnCAASGggIAA44IggAA6lwCAAOGykA==
Date: Sun, 25 Dec 2016 06:52:19 +0000
Message-ID: <SN2PR03MB2350AF876C662CF1561C6CF7B2970@SN2PR03MB2350.namprd03.prod.outlook.com>
References: <e42393d8-9ddb-78ba-78fe-34f04f6d672d@nostrum.com> <D48194CE.14EEA%christer.holmberg@ericsson.com> <CO2PR03MB2342255BB9ECDF579283A930B2920@CO2PR03MB2342.namprd03.prod.outlook.com> <2341DDCB-C96D-441B-A6CA-049A8149FB0B@edvina.net> <SN2PR03MB235007F2298CD2EEDC718363B2920@SN2PR03MB2350.namprd03.prod.outlook.com> <EBAB0160-CDD2-4821-9765-44EF10742728@edvina.net> <SN2PR03MB2350D22AA44D07FE21369CB0B2920@SN2PR03MB2350.namprd03.prod.outlook.com> <C871E653-CAE4-456E-B397-1CB0B182D847@edvina.net> <SN2PR03MB2350C16785A81C21DEC8A9E2B2950@SN2PR03MB2350.namprd03.prod.outlook.com> <955f2fa5-887a-fb54-d694-134e4cdab5f6@comcast.net> <SN2PR03MB23509559799A88CB1ABEFD2EB2940@SN2PR03MB2350.namprd03.prod.outlook.com> <c44b6e45-129d-dcb5-b8ea-96bcbdbae5fb@comcast.net>
In-Reply-To: <c44b6e45-129d-dcb5-b8ea-96bcbdbae5fb@comcast.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tasveren@sonusnet.com;
x-originating-ip: [73.29.18.75]
x-ms-office365-filtering-correlation-id: 9605afc4-efe4-4f3e-69d8-08d42c9292b9
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:SN2PR03MB2350;
x-microsoft-exchange-diagnostics: 1; SN2PR03MB2350; 7:ZBudpzYOGZKyjJ6MpxAzyHmefxJ5NVSV3Bj9yZGBHSyZZM4gZoXaqXMf3nYkmSe5OuY7D09AHVlXNQxbqh2JB5tZ/Th0h38rAYAFL53GSvvAJoZ8b5njwmolJ53BnlC9ovbfPy+a4JlXdWldvPkmqxIUeuA1ZEX4PO754SHL+Esv85DYJpFmaOySHiPhOGa3QLO7ho1Qhn6JDcs7zGF9tWTaOvv1cPVWtagOLRSlDG3t7Ebze0vlxqQs8SZVazOLzR7qEM4pdSz0OjivfpihoRToco1Tuzk/bM7U1oJleaxwmEH8Gts/dWBDMlkXjFYerMTxEqNdUI7OGizLaXPeVAy69jYMPkTbDro6HfZWqvkR9l5EbNK0gyTZZTs9nRIeCSaa7l6y+sGby9JaDHd+jGDBSGVUXGu9jVC0a3A5YCvUiahPf8MNCsTP8Hbr6PTmCln8PrWSaLUFuSZDYLBxEQ==
x-microsoft-antispam-prvs: <SN2PR03MB2350E11AE7C67691CB065F82B2970@SN2PR03MB2350.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(37575265505322)(158342451672863)(68173958961439)(192374486261705)(100405760836317)(178636050973902)(132712982866762);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6041248)(20161123560025)(20161123564025)(20161123562025)(20161123555025)(6072148)(6047074); SRVR:SN2PR03MB2350; BCL:0; PCL:0; RULEID:; SRVR:SN2PR03MB2350;
x-forefront-prvs: 0167DB5752
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(7916002)(39450400003)(24454002)(51914003)(13464003)(199003)(377454003)(189002)(55885003)(105586002)(3660700001)(99286002)(106356001)(5001770100001)(97736004)(106116001)(3280700002)(33656002)(551934003)(76176999)(54356999)(50986999)(3846002)(107886002)(66066001)(101416001)(93886004)(189998001)(92566002)(6116002)(102836003)(7696004)(2950100002)(5660300001)(2501003)(68736007)(9686002)(76576001)(8666007)(81156014)(8676002)(81166006)(2900100001)(122556002)(2906002)(1720100001)(8936002)(6506006)(305945005)(74316002)(86362001)(229853002)(25786008)(7736002)(6436002)(77096006)(38730400001)(7059030); DIR:OUT; SFP:1101; SCL:1; SRVR:SN2PR03MB2350; H:SN2PR03MB2350.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: sonusnet.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sonusnet.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Dec 2016 06:52:19.9140 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 29a671dc-ed7e-4a54-b1e5-8da1eb495dc3
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR03MB2350
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/lBXMYMEOdfyLxjlALWTPEktLQMc>
Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Dec 2016 06:52:26 -0000
Inline... Thanks, Tolga > -----Original Message----- > From: Paul Kyzivat [mailto:paul.kyzivat@comcast.net] > Sent: Saturday, December 24, 2016 10:15 AM > To: Asveren, Tolga <tasveren@sonusnet.com>; sipcore@ietf.org > Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and milestones > > On 12/24/16 7:08 AM, Asveren, Tolga wrote: > > RFC5626 seems to be leaving some room to use a single registration: > > "For each outbound proxy URI in the set, the User Agent Client (UAC) > > SHOULD send a REGISTER request using this URI as the default outbound > > proxy. (Alternatively, the UA could limit the number of flows formed > > to conserve battery power, for example). If the set has more than > > one URI, the UAC MUST send a REGISTER request to at least two of the > > default outbound proxies from the set. " > > > > OTOH it mandates use of reg-id/+sip.instance parameters: > > "A UAC conforming to this specification MUST include in the Contact > > header field, a "reg-id" parameter that is distinct from other > > "reg-id" parameters used in other registrations that use the same > > "+sip.instance" Contact header field parameter and AOR." > > > > I am not arguing that these parameters are not adding value/addressing > certain requirements. > > I just think that not everything they are helping with is absolutely needed > by many existing deployments. > > Maybe not. But it is what we have. Is it such a burden that we need to define > something else? [TOLGA] In terms of "burden in practice", yes IMHO. There is a large set of existing deployments behaving in certain way and I don't see people giving up that model/it causing any issues. It would be good to standardize it -and to add some clarifications/warnings/guidelines as needed- so that people have a more informed understanding. > > > IMHO the main requirement for "simple outbound" is: > > (Re)use a single TCP connection between UA/Edge Proxy. > > Do you really mean TCP? Or do you really mean TLS? [TOLGA] Politically correct answer: TLS. OTOH, the behavior I described is widely used with TCP as well. With VPN/L2 security, this probably should be acceptable even within IETF. There are also several cases, where there is no VPN/L2 security and folks are still fine with using TCP this way(although not addressing a MitM attack, TCP sequence numbers, SIP Call-Id/to-tag/from-tag provide some resiliency for many more common/practical attack scenarios)). I would prefer allowing TCP as well -in the specification, if there is agreement to have one- with information about security aspects. > > > This is anyhow how many deployments out in the wild operate. > > Yes, but this has not been vetted for security. > > > It would be great if that could be allowed (maybe with a SHOULD in happy- > earballs). > > Iy may be even possible to define semantics without use of an > > option-tag - I am not sure though whether we can end up with something > kosher from IETF perspective-. > > > > As far as authentication is concerned: > > i- For TLS(only server certificate) > > Server authenticated based on X.509 certificate UE authenticated > > during registration (digest) > > This only works in the case that the registrar is the first hop from the UA, and > is also the home proxy for all subsequent sip messaging. > > Is that a workable limitation? [TOLGA] This is how things operate mostly in practice. It can be mentioned as when the mechanism is applicable. > > > ii- For TLS(certificate for both ends) Already covered by RFC5923 > > > > iii- For VPN > > Both ends are authenticated during VPN setup, e.g. IMS AKA. > > ISTM the problem in this case is tying the endpoints and credentials used for > VPN setup with the URL used to identify the two endpoints for sip > messaging. [TOLGA] Again, based on practice/existing deployments: IMS AKA: The identity provided by SIM/USIM is what is used for SIP as well. VPN among servers: Servers know each other based on preconfigured data, e.g. IP Address, and that is used during VPN setup and by SIP (possibly after DNS resolution) TLS(only server side certificate): X.509 identity is what is used by SIP. Registered AoR (for UE authentication) is anyhow what SIP uses. I don't see any problem/issues on this front. Again, all this is based on how things operate in practice for many years. > > > Overall, I don't see any problem with your "knowing who is on the > > other end" question. Maybe I am missing your point(?) > > See above. Note, I don't claim to be a security expert. We really need some > in this discussion. > > Thanks, > Paul > > > Thanks, > > Tolga > > > >> -----Original Message----- > >> From: sipcore [mailto:sipcore-bounces@ietf.org] On Behalf Of Paul > >> Kyzivat > >> Sent: Friday, December 23, 2016 5:11 PM > >> To: sipcore@ietf.org > >> Subject: Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and > >> milestones > >> > >> On 12/23/16 3:30 AM, Asveren, Tolga wrote: > >>> i- I agree with the need to "standardize" the "connection reuse per > >>> existing deployment semantics". I think what we are looking for is: > >>> > >>> - Bidirectional connection reuse with TLS/server-side only > >>> certificate/UE authentication per SIP registration without RFC5626 > >>> > >>> - Bidirectional connection reuse with TCP over VPN, e.g. IPSec > >>> > >>> - Bidirectional connection reuse with TCP when > >>> authentication/security is provided by L2 > >> > >> The problem in all of these cases is for the entity sending a request > >> to be able to ascertain that the connection terminates on a device > >> known to correspond to the URI used to address it. > >> > >> Outbound was created to solve that problem. I have yet to see another > >> "simpler" solution that provides that assurance. > >> > >> As currently defined outbound can be used without redundancy if that > >> is what you want to do. There is a requirement for the software to > >> *support* use of redundancy, but deployments are free to configure > >> without it. So I see no compelling reason to revise outbound for this > purpose. > >> > >> Maybe there is something simpler than outbound that will work. But it > >> remains to be proposed. > >> > >> Thanks, > >> Paul > >> > >>> I am not sure what would be the best place to address these. It > >>> could be either happy-earballs or a new document. I would prefer the > >>> former and can provide text in either case. > >>> > >>> > >>> > >>> ii- The issue with SIP/UDP/DTLS is something quite different. It > >>> really is more about providing fast/practically feasible failover > >>> for DTLS connections (in addition to defining use of UDP/DTLS as a > >>> new transport for SIP but this part is relatively straightforward IMHO). > >>> In any case, let me use this opportunity to express my strong > >>> interest in this work one more time. > >>> > >>> > >>> > >>> Thanks, > >>> > >>> Tolga > >>> > >>> > >>> > >>> *From:*Olle E. Johansson [mailto:oej@edvina.net] > >>> *Sent:* Thursday, December 22, 2016 12:17 PM > >>> *To:* Asveren, Tolga <tasveren@sonusnet.com> > >>> *Cc:* Olle E Johansson <oej@edvina.net>; Christer Holmberg > >>> <christer.holmberg@ericsson.com>; Adam Roach > <adam@nostrum.com>; > >>> SIPCORE <sipcore@ietf.org>; Ben Campbell <ben@nostrum.com> > >>> *Subject:* Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and > >>> milestones > >>> > >>> > >>> > >>> > >>> > >>> On 22 Dec 2016, at 18:08, Asveren, Tolga <tasveren@sonusnet.com > >>> <mailto:tasveren@sonusnet.com>> wrote: > >>> > >>> > >>> > >>> Thanks for the clarification. > >>> > >>> > >>> > >>> i- I agree that connection re-use needs to be addressed as it would > >>> be a normative change. > >>> > >>> ii- Is it a mandate that mutual authentication needs to be used if > >>> transport=tls? If so, that would require another normative change to > >>> align with practical needs. > >>> > >>> The URI for the target and the cert for the UA server needs to match. > >>> It's not mutual - two certs in the same TLS session, but that would > >>> also > >>> > >>> be one solution (there is a RFC for that). SIP Outbound permits > >>> reuse of the incoming connection and thus > >>> > >>> avoids this particular problem. > >>> > >>> > >>> > >>> iii- I think both i-/ii- are relatively straightforward to address. > >>> The more interesting/challenging aspect is how to failover DTLS > >>> connections without a need for per-transaction state synchronization > >>> and with the fewest round-trips possible. > >>> > >>> Connection reuse needs to be handled separately and needs to be > >>> something that is way more easy to implement than SIP outbound. > >>> > >>> We need something we can easily test and get it done soon, as I want > >>> more TLS on the SIP networks out there :-) > >>> > >>> > >>> > >>> The current way to handle this is connection reuse that breaks the > >>> RFCs, we have that implementation in Kamailio. > >>> > >>> If there is an open socket, TLS or TCP, we prefer to use it to make > >>> things work. I would love for this to be RFC compliant :-) > >>> > >>> > >>> > >>> /O > >>> > >>> > >>> > >>> Thanks, > >>> > >>> Tolga > >>> > >>> > >>> > >>> *From:* Olle E. Johansson [mailto:oej@edvina.net] > >>> *Sent:* Thursday, December 22, 2016 10:55 AM > >>> *To:* Asveren, Tolga <tasveren@sonusnet.com > >>> <mailto:tasveren@sonusnet.com>> > >>> *Cc:* Olle E Johansson <oej@edvina.net <mailto:oej@edvina.net>>; > >>> Christer Holmberg <christer.holmberg@ericsson.com > >>> <mailto:christer.holmberg@ericsson.com>>; Adam Roach > >>> <adam@nostrum.com <mailto:adam@nostrum.com>>; SIPCORE > >>> <sipcore@ietf.org <mailto:sipcore@ietf.org>>; Ben Campbell > >>> <ben@nostrum.com <mailto:ben@nostrum.com>> > >>> *Subject:* Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and > >>> milestones > >>> > >>> > >>> > >>> > >>> > >>> On 22 Dec 2016, at 16:34, Asveren, Tolga <tasveren@sonusnet.com > >>> <mailto:tasveren@sonusnet.com>> wrote: > >>> > >>> > >>> > >>> Olle, > >>> > >>> > >>> > >>> I missed the point about why "practically possible failover" > >>> needs to be solved both for TLS/DTLS (I am not arguing it would > >>> be good to have a solution for both) and also what this issue in > >>> general has something to do with client certificates. > >>> > >>> Could you provide a bit more information/clarifications? > >>> > >>> > >>> > >>> We've discussed it a number of times both here and on the SIP Forum > >>> techwg mailing list. You can find summaries here: > >>> > >>> > >>> > >>> http://www.slideshare.net/oej/sip-half-outbound-random-notes > >>> > >>> > >>> http://www.slideshare.net/oej/sip-tls-security-in-a-peer-to-peer-wor > >>> ld > >>> > >>> > >>> > >>> In short, without SIP Outbound the client connection can't be > >>> re-used for outbound requests. Seems like there is a huge > >>> > >>> resistance to implement SIP Outbound. We need a way for the client > >>> to allow the server to reuse the inbound connection > >>> > >>> for outbound requests even though there's no TLS certificate > >>> matching the URI on the client side. > >>> > >>> > >>> > >>> We've had a lot of clients register with ";transport=tls" at SIPit > >>> without a client cert - which means we can't communicate > >>> > >>> based on that registration. > >>> > >>> > >>> > >>> Cheers, > >>> > >>> /O > >>> > >>> > >>> > >>> > >>> Thanks, > >>> > >>> Tolga > >>> > >>> > >>> > >>> *From:* Olle E. Johansson [mailto:oej@edvina.net] > >>> *Sent:* Thursday, December 22, 2016 9:08 AM > >>> *To:* Asveren, Tolga <tasveren@sonusnet.com > >>> <mailto:tasveren@sonusnet.com>> > >>> *Cc:* Olle E Johansson <oej@edvina.net > <mailto:oej@edvina.net>>; > >>> Christer Holmberg <christer.holmberg@ericsson.com > >>> <mailto:christer.holmberg@ericsson.com>>; Adam Roach > >>> <adam@nostrum.com <mailto:adam@nostrum.com>>; SIPCORE > >>> <sipcore@ietf.org <mailto:sipcore@ietf.org>>; Ben Campbell > >>> <ben@nostrum.com <mailto:ben@nostrum.com>> > >>> *Subject:* Re: [sipcore] RESPONSE REQUESTED: SIPCORE work and > >>> milestones > >>> > >>> > >>> > >>> > >>> > >>> On 22 Dec 2016, at 14:50, Asveren, Tolga > >>> <tasveren@sonusnet.com <mailto:tasveren@sonusnet.com>> > >> wrote: > >>> > >>> > >>> > >>> Regarding the interest in SIP/UDP/DTLS: > >>> > >>> This is mainly based on prospect of larger scalability on > >>> server side. There may/may not be an immediate need to > >>> tweak/change things to make DTLS related processing > >>> (hopefully just on the local stack level rather than on > >>> on-the-wire protocol- with some supporting SIP enhancements) > >>> more "failover friendly". This issue requires more > >>> analysis/discussion but does not sound unsolvable IMHO. > >>> > >>> We will have to solve client connection reuse for both TLS and > >>> DTLS sessions though. Unless you want to have > >>> > >>> client certificates on all devices. > >>> > >>> > >>> > >>> Adam as chair: SIP Client Connection Reuse is something we've > >>> disussed under multiple names - "half outbound" or "why is > >>> ;transport=tls" > >>> > >>> deprecated" or "Why doesn't SIP Outbound happen?". Maybe that > >>> deserves a milestone. > >>> > >>> > >>> > >>> /O > >>> > >>> > >>> > >>> > >>> > >>> Thanks, > >>> > >>> Tolga > >>> > >>> > >>> > >>> *From:* sipcore [mailto:sipcore-bounces@ietf.org] *On Behalf > >>> Of *Christer Holmberg > >>> *Sent:* Thursday, December 22, 2016 7:39 AM > >>> *To:* Adam Roach <adam@nostrum.com > >>> <mailto:adam@nostrum.com>>; 'SIPCORE' <sipcore@ietf.org > >>> <mailto:sipcore@ietf.org>> > >>> *Cc:* Ben Campbell <ben@nostrum.com > >> <mailto:ben@nostrum.com>> > >>> *Subject:* Re: [sipcore] RESPONSE REQUESTED: SIPCORE work > >>> and milestones > >>> > >>> > >>> > >>> Hi, > >>> > >>> > >>> > >>> I will obviously be actively involved in 4), and I also > >>> agree that 5) should be done as it is a correction. > >>> > >>> > >>> > >>> As far as the other potential work is concerned, 3) has the > >>> highest priority for me, and I would actively participate in > >>> that work. > >>> > >>> > >>> > >>> I would review 1) and 2), but I would really like to see an > >>> individual draft on 2) before we agree whether to create a > >>> milestone for it. For example, I would like to see some > >>> input on WHY to do it, and HOW it is intended to be deployed > >>> etc. How does DTLS fit SIP? What are the advantages? OR, do > >>> we want to specify DTLS-for-SIP simply because DTLS is "hot"? > >>> > >>> > >>> > >>> Regards, > >>> > >>> > >>> > >>> Christer > >>> > >>> > >>> > >>> *From: *sipcore <sipcore-bounces@ietf.org > >>> <mailto:sipcore-bounces@ietf.org>> on behalf of > >>> "adam@nostrum.com <mailto:adam@nostrum.com>" > >>> <adam@nostrum.com <mailto:adam@nostrum.com>> > >>> *Date: *Tuesday 20 December 2016 at 22:27 > >>> *To: *"sipcore@ietf.org <mailto:sipcore@ietf.org>" > >>> <sipcore@ietf.org <mailto:sipcore@ietf.org>> > >>> *Cc: *Ben Campbell <ben@nostrum.com > >> <mailto:ben@nostrum.com>> > >>> *Subject: *[sipcore] RESPONSE REQUESTED: SIPCORE work and > >>> milestones > >>> > >>> > >>> > >>> [as chair] > >>> > >>> Now that we have our new charter approved, I'd like the > >>> working group to have a discussion about the specific work > >>> items that we should take on in the short- to medium-term so > >>> that we can revise our milestones appropriately. Based on > >>> recent discussions on the mailing list, the following topics > >>> have some mind-share behind them. What I'd like from > >>> everyone with an interest in any of these topics is to > >>> indicate (a) whether you are willing to actively review and > >>> comment on documents on the topic; and (b) what priority > >>> each task has relative to each other: there are five topics; > >>> please indicate a unique priority from one (most important) > >>> to five (least important) for each topic. > >>> > >>> 1. "Happy Eyeballs for SIP" (aka Happy Earballs), currently > >>> under discussion on the list. > >>> 2. "DTLS Transport for SIP", as proposed by Tolga Asveren's > >>> recent messages. > >>> 3. A mechanism for labeling the nature of SIP calls, with > >>> <draft-schulzrinne-sipcore-callinfo-spam> as a likely > >>> candidate draft. > >>> 4. Fixing Content-ID in SIP, as discussed > >>> in <https://www.ietf.org/mail- > >> archive/web/sipcore/current/msg07245.html> > >>> <https://www.ietf.org/mail- > >> archive/web/sipcore/current/msg07245.html>, > >>> with <draft-holmberg-sipcore-content-id> as a likely > >>> candidate draft. > >>> 5. Clarifications around SIP name-addr, with > >>> <draft-sparks-sipcore-name-addr-guidance> as a likely > >>> candidate draft > >>> > >>> > >>> I will also note that we have already declared consensus on > >>> adopting <draft-ietf-sipcore-status-unwanted> as a WG > >>> document, and will be adding an associated milestone. I want > >>> to take this opportunity to remind people that the document > >>> is in WGLC, and your comments are strongly encouraged, the > >>> earlier the better. > >>> > >>> Please respond before the end of 2016. Thanks! > >>> > >>> Thanks! > >>> > >>> /a > >>> > >>> _______________________________________________ > >>> sipcore mailing list > >>> sipcore@ietf.org <mailto:sipcore@ietf.org> > >>> https://www.ietf.org/mailman/listinfo/sipcore > >>> > >>> > >>> > >>> > >>> > >>> _______________________________________________ > >>> sipcore mailing list > >>> sipcore@ietf.org > >>> https://www.ietf.org/mailman/listinfo/sipcore > >>> > >> > >> _______________________________________________ > >> sipcore mailing list > >> sipcore@ietf.org > >> https://www.ietf.org/mailman/listinfo/sipcore > >
- [sipcore] RESPONSE REQUESTED: SIPCORE work and mi… Adam Roach
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Gonzalo Salgueiro (gsalguei)
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Drage, Keith (Nokia - GB)
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Dale R. Worley
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Henning Schulzrinne
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Richard Shockey
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Christer Holmberg
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Olle E. Johansson
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Olle E. Johansson
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Olle E. Johansson
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Paul Kyzivat
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Paul Kyzivat
- Re: [sipcore] RESPONSE REQUESTED: SIPCORE work an… Asveren, Tolga