[sipcore] Comments to draft-sparks-sipcore-refer-explicit-subscription-02.txt
Ivo Sedlacek <ivo.sedlacek@ericsson.com> Tue, 04 November 2014 14:58 UTC
Return-Path: <ivo.sedlacek@ericsson.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 169571A895E for <sipcore@ietfa.amsl.com>; Tue, 4 Nov 2014 06:58:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pe4OHWT59Qrq for <sipcore@ietfa.amsl.com>; Tue, 4 Nov 2014 06:58:40 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DEA1C1A702A for <sipcore@ietf.org>; Tue, 4 Nov 2014 06:58:39 -0800 (PST)
X-AuditID: c1b4fb2d-f79fc6d000001087-1e-5458e99dcc1d
Received: from ESESSHC022.ericsson.se (Unknown_Domain [153.88.253.124]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id F8.7E.04231.D99E8545; Tue, 4 Nov 2014 15:58:38 +0100 (CET)
Received: from ESESSMB301.ericsson.se ([169.254.1.4]) by ESESSHC022.ericsson.se ([153.88.183.84]) with mapi id 14.03.0174.001; Tue, 4 Nov 2014 15:58:37 +0100
From: Ivo Sedlacek <ivo.sedlacek@ericsson.com>
To: "sipcore@ietf.org" <sipcore@ietf.org>
Thread-Topic: Comments to draft-sparks-sipcore-refer-explicit-subscription-02.txt
Thread-Index: Ac/4OU/g07J/NMknQRKl76sp754aVw==
Date: Tue, 04 Nov 2014 14:58:36 +0000
Message-ID: <39B5E4D390E9BD4890E2B310790061011278554E@ESESSMB301.ericsson.se>
Accept-Language: en-US, cs-CZ
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.18]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrPLMWRmVeSWpSXmKPExsUyM+Jvje68lxEhBqfSLL7+2MTmwOixZMlP pgDGKC6blNSczLLUIn27BK6MKTtPMxWcF6o4uO4LWwNjH38XIyeHhICJxLXOXYwQtpjEhXvr 2boYuTiEBI4wSuy6f4EVwlnIKPFu72WwKjYBPYmJW46wgtgiApoSy79tZQexhQV8JN6fv8sG EQ+WWHTqDzOErSdx5eljJhCbRUBFYmrLU7A4r4CvxO8f+8DqGQVkJa7+6QWbzywgLnHryXwm iIsEJJbsOc8MYYtKvHz8jxXCVpT4+GofVL2OxILdn9ggbG2JZQtfQ80XlDg58wnLBEbhWUjG zkLSMgtJyywkLQsYWVYxihanFhfnphsZ66UWZSYXF+fn6eWllmxiBIb4wS2/dXcwrn7teIhR gINRiYfXwDEiRIg1say4MvcQozQHi5I476Jz84KFBNITS1KzU1MLUovii0pzUosPMTJxcEo1 MGZvaVfkON+ceX/nF8PwY5Eu+9imfdZfZu7JcHWP8b0JG7d5RhayWzHf8rhjkq6c/Xnb/qcm c55EBk5fY994NyN2j4F8qn0H746JLCdnic6e9oTZovqflNqu7jk3Fzm9lZMw+WJ3S031RsIx r+NLK/nETR9a63XeSlmbaswf78zO0tu+JkjplBJLcUaioRZzUXEiAOrmI/9SAgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/sipcore/lBuzEKIINqzgYFRb9QATpmpTAfM
Subject: [sipcore] Comments to draft-sparks-sipcore-refer-explicit-subscription-02.txt
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Nov 2014 14:58:42 -0000
Hello,
I reviewed the draft-sparks-sipcore-refer-explicit-subscription-02.
Generally, I consider it in a good shape.
COMMENT 1:
---------------------
Abstract states: "
The Session Initiation Protocol (SIP) REFER request, as defined by
RFC3515, triggers an implicit SIP-Specific Event Notification
framework subscription.
"
It would be good to also point out that RFC4488 tried to remove this trigger for creating implicit notification but did not do the work entirely so usage of RFC4488 may need to rely on application logic in UAS handling the REFER request.
---------------------
COMMENT 2:
---------------------
2. Introduction states: "
REFER as defined by [RFC3515] triggers an implicit SIP-Specific Event
Framework subscription. Sending a REFER within a dialog established
by an INVITE results in dialog reuse and the associated problems
described in [RFC5057]."
Again, it would be good to also state that usage of RFC4488 together with application logic enables prevention of creation of implicit subscription. However, it would be good to have a protocol mechanism which do not need to rely on the application logic.
---------------------
COMMENT 3:
---------------------
6. Introduction states: "
UA MUST NOT include the
'explicitsub' or 'nosub' option tag in the Require header field of
any SIP response other than a 421 response to a REFER request."
IMO, this is against RFC3261 stating ("Any extensions applied to a non-421 response MUST be listed in a Require header field included in the response.").
I have seen that this has already been raised at http://www.ietf.org/mail-archive/web/sipcore/current/msg06338.html and I would be happy with resolution proposed there.
---------------------
COMMENT 4:
---------------------
Some of the security issues apply only to explicitsub, but the text does not make it clear.
---------------------
PROPOSED SOLUTION 4:
---------------------
it might be good to split the section 8. Security Considerations to three subsections,
- 1st subsection focused on generic issues applicable to both explicitsub and nosub
- 2nd subsection focused on issues applicable to explicitsub only
- 3rd subsection focused on issues applicable to nosub only
---------------------
Kind regards
Ivo Sedlacek
- [sipcore] Comments to draft-sparks-sipcore-refer-… Ivo Sedlacek