[sipcore] Doc Shepherd review of draft-ietf-sipcore-rejected-05
"A. Jean Mahoney" <mahoney@nostrum.com> Tue, 02 April 2019 21:39 UTC
Return-Path: <mahoney@nostrum.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31E3C120333; Tue, 2 Apr 2019 14:39:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id poAWer_ajBAd; Tue, 2 Apr 2019 14:39:23 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8AB812032E; Tue, 2 Apr 2019 14:39:16 -0700 (PDT)
Received: from mutabilis-2.local ([47.186.39.7]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x32LdFOw088967 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Tue, 2 Apr 2019 16:39:15 -0500 (CDT) (envelope-from mahoney@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1554241156; bh=l6QFfF1d5Dqf2+bp0uRuRzd/ykBVAom66ND+GtSwNts=; h=To:From:Subject:Date; b=H/sHRQGHwsqn7WjXIrvVfNyCBwGVfWP/DunHfp30Oma2Y9RiP4uHwGTwpn2tHHX4f 8oqHeYLqmMGSkbclDOKKMXuZFw+JXKPJNzAQVKfwfbhISE0aMhSPmp7gHpjdfF013W tosySZs5ZA5xcW1arf7BIsDplvE8EvekxlJ5/fr0=
X-Authentication-Warning: raven.nostrum.com: Host [47.186.39.7] claimed to be mutabilis-2.local
To: draft-ietf-sipcore-rejected@ietf.org, SIPCORE <sipcore@ietf.org>
From: "A. Jean Mahoney" <mahoney@nostrum.com>
Message-ID: <2508d59d-e270-cfa4-e79c-d9da0f3c589c@nostrum.com>
Date: Tue, 02 Apr 2019 16:39:14 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/ndojYpgCuMam79yonx-JToaDzAI>
Subject: [sipcore] Doc Shepherd review of draft-ietf-sipcore-rejected-05
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2019 21:39:27 -0000
Hi Eric and Bhavik,
Thanks for addressing all of the feedback so far. In preparation for the
Doc Shepherd Write-up, I have run idnits, gone through the ID Checklist,
and made my own pass through the draft. I have the following feedback
below (overwhelmingly nits) -
Thanks!
Jean
------------------------------------------------------------------------
Major issues:
-------------
None.
Minor issues:
-------------
The Terminology section still needs a bit of tweaking (idnits complains):
In draft:
This document uses the terms "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" as described in BCP14 [RFC2119][RFC8174] when, and only
when, they appear in all capitals, as shown here.
Current boilerplate:
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
Nits:
-----
Throughout the document, replace "Call-Info header" with "Call-Info
header field".
1. Introduction
Expand the acronym UAC on first use.
s/Figure 1 and Figure 2 shows/Figure 1 and Figure 2 show
Current:
The problem here is that network elements downstream
from the intermediary might interpret the 607 as a user (human)
marking the call as unwanted, as opposed to a statistical, machine
learning, vulnerable to the base rate fallacy [BaseRate] algorithm
rejecting the call. In other words, those downstream entities should
not be relying on another entity 'deciding' the call is unwanted.
Suggested:
The problem here is that network elements downstream
from the intermediary might interpret the 607 as coming from a user
(human) that has marked the call as unwanted, as opposed to coming
from an algorithm using statistics or machine learning to reject
the call. An algorithm can be vulnerable to the base rate fallacy
[BaseRate]. In other words, those downstream entities should not rely
on another entity 'deciding' the call is unwanted.
s/SIP header passed back/Call-Info header field passed back
3.3 UAC Operation
s/feature capability tag in the INVITE request/feature capability
indicator in the Feature-Caps header field of the INVITE request
3.4 Legacy Interoperation
Current:
One aspect of using a feature capability is only the network elements
that will consume (UAC) or play an announcement (media gateway, SBC,
or proxy) need understand the sip.608 feature capability. All other
(existing) infrastructure can remain without modification, assuming
they are conformant to Section 16.6 of [RFC3261], specifically they
will pass headers such as "Feature-Capability: sip.608" unmodified.
Suggested:
One aspect of using a feature capability is that only the network
elements that will either consume (UAC) or play an announcement
(media gateway, session border controller (SBC) [RFC7092], or proxy)
need to understand the sip.608 feature capability. The rest of the
infrastructure does not need to be modified, assuming that the other
network elements conform to Section 16.6 of [RFC3261], specifically
that they will pass header fields such as "Feature-Capability:
sip.608" unmodified.
3.5 Announcement Requirements
s/that will be doing the announcement/that handles the announcement
s/the modality for conveying/how to convey
4.1 Full Exchange
In the examples, follow guidance from RFC2606, RFC3849, and RFC6890 on
constructing example addresses, FQDNs, and TNs:
o Replace IPv4 addresses with addresses in the example space
[RFC6890]: 192.0.2.0/24
Or better yet, use IPv6 examples [RFC3849]: 2001:DB8::/32
o Use example FQDNs specified in [RFC2606].
o Use example phone numbers in the following space:
+1<area code>555<0100-0199>
s/exemplary purposes/example purposes
s/at rest/at best
5.4. Call-Info Purpose
Current:
This
modifies the registry header field parameters and parameter values by
adding this RFC as a reference to the line for the header field
"Call-Info" and parameter name "purpose":
Suggested:
This
modifies the "Header Field Parameters and Parameter Values"
subregistry of the "Session Initiation Protocol (SIP) Parameters"
registry by adding this RFC as a reference to the line for the
header field "Call-Info" and parameter name "purpose":
6. Security Considerations
Current:
Another risk is for an attacker to purposely not include the sip.608
feature capability in a flood of INVITE requests, direct those
requests to proxies known to insert the sip.608 feature, and direct
the SDP to a victim device.
Suggested:
Another risk is for an attacker to flood a proxy that supports the
sip.608 feature with INVITE requests that lack the sip.608 feature
capability in order to direct the SDP to a victim's device.
s/pharming/phishing (For more info on this edit, see RFC4949)
s/lookup/look up
s/dialled/dialed
s/jourisdiction's/jurisdiction's
8.3 Informative References
[BaseRate] s/ http://www.dtic.mil/get-tr-doc/pdf?AD=ADA045772 /
https://apps.dtic.mil/docs/citations/ADA045772
- [sipcore] Doc Shepherd review of draft-ietf-sipco… A. Jean Mahoney
- Re: [sipcore] Doc Shepherd review of draft-ietf-s… Eric Burger
- Re: [sipcore] Doc Shepherd review of draft-ietf-s… A. Jean Mahoney