IETF Logo Mail Archive

Re: [sipcore] New Version Notification for draft-ibc-sipcore-sip-websocket-00 (previously draft-ibc-rtcweb-sip-websocket-00)

Iñaki Baz Castillo <ibc@aliax.net> Mon, 05 December 2011 14:27 UTC

Return-Path: <ibc@aliax.net>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D216521F8BD8 for <sipcore@ietfa.amsl.com>; Mon, 5 Dec 2011 06:27:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.557
X-Spam-Level:
X-Spam-Status: No, score=-2.557 tagged_above=-999 required=5 tests=[AWL=0.120, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Bo303w+9RoW for <sipcore@ietfa.amsl.com>; Mon, 5 Dec 2011 06:27:52 -0800 (PST)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id 2A62421F8BBA for <sipcore@ietf.org>; Mon, 5 Dec 2011 06:27:51 -0800 (PST)
Received: by vbbez10 with SMTP id ez10so1515808vbb.31 for <sipcore@ietf.org>; Mon, 05 Dec 2011 06:27:51 -0800 (PST)
Received: by 10.52.88.5 with SMTP id bc5mr4771140vdb.15.1323095271269; Mon, 05 Dec 2011 06:27:51 -0800 (PST)
MIME-Version: 1.0
Received: by 10.220.203.8 with HTTP; Mon, 5 Dec 2011 06:27:30 -0800 (PST)
In-Reply-To: <CA+cEqjfNrboyiDjMmVQGFMXJWqyXpN5Uxiza3Pz454eWSH7v7w@mail.gmail.com>
References: <CALiegfm8Dv8kHE1xrt59vBzLzB29mOvjH6YR2m=vm=p_BtSBTw@mail.gmail.com> <CAGTXFp82jNsCUBM=j=Tq1Xc5cOr7P1Hbp9gv5MQyeVBoOS5=ng@mail.gmail.com> <5470070492D34F4EAC60E4ED91CB3841@gsmlaptop> <CALiegfmdxJQ+fAevUCfOaJjRkja-vW2Sqh-83-J=3_E5Ba1j6A@mail.gmail.com> <CA+cEqjc+2JR8S5i=kcpSz96KC_Mtd9OThafcGgeeAXaFEzZoWQ@mail.gmail.com> <CALiegfnCym7NdEs=TH=UtYjsK6jgqkVfHaeyHo1VU1QMTb-VyA@mail.gmail.com> <CA+cEqjctnA4_0Oef-juusN3=LUiao414DYUJhO6od+JYkutkJg@mail.gmail.com> <CALiegf=3HF3TdKof+Pghqzmzs192sDXRvO_GzU7TDODAT+bVwg@mail.gmail.com> <CA+cEqjfNrboyiDjMmVQGFMXJWqyXpN5Uxiza3Pz454eWSH7v7w@mail.gmail.com>
From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Mon, 05 Dec 2011 15:27:30 +0100
Message-ID: <CALiegfm2V9E+ocj9jaTxyCb+nbzfOkFcKJ2knwu9-ZAy5s++QQ@mail.gmail.com>
To: Gilad Shaham <gilad@voxisoft.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: José Luis Millán <jmillan@aliax.net>, "SIPCORE (Session Initiation Protocol Core) WG" <sipcore@ietf.org>
Subject: Re: [sipcore] New Version Notification for draft-ibc-sipcore-sip-websocket-00 (previously draft-ibc-rtcweb-sip-websocket-00)
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Dec 2011 14:27:52 -0000

2011/12/5 Gilad Shaham <gilad@voxisoft.com>:
>> Take into account that when a JavaScript code (running in a web
>> browser) open a WebSocket connection given a WS URI with domain, the
>> JavaScript code is not aware of the resulting IP nor the IP family
>> (IPv4 or IPv6). So IMHO using a IP address in Via/Contact is a bad
>> idea.
>
> I agree the later messages should not try to resolve an IP address, but I
> still don't see why it's that much different to have an invalid IP rather
> than an invalid domain. The advantage of an IP is that you are sure no one
> would try to resolve it, although it's true you would have no idea whether
> to place IPv4 or IPv6 in there and you'd just have to choose one of them. So
> it's not that I think one is better than the other, but some may ask for
> this option from compatibility point of view - I assume some implementations
> were never built with domain name in Contact header or in Via header in
> mind, although this is perfectly legitimate to do so. Anyway, if you
> strongly object to IP, domain is good too.

Hi, I strongly expect that any SIP implementation must accept a
hostname in the Via sentby-host, if not the problem is not here :)

And about a hostname in the Contact URI, GRUU already does it so if we
enforce GRUU we do require that remote peers must allow a Contact URI
with hostname. If not, the problem is not here again :)

IMHO "domain.invalid" is the best choice, as it is an "standard"
unresolvable domain according to RFC 2606 section 2:

      ".invalid" is intended for use in online construction of domain
      names that are sure to be invalid and which it is obvious at a
      glance are invalid.



>> Assuming that a domain is used, I think that which one to set should
>> not be normative, for the following reasons:
>>
>> 1) If Outbound is being used (and it's a MUST for these kind of SIP
>> endpoints) the host in Via and Contact does not matter (for
>> registration or dialogs).
>>
>> 2) If GRUU is used, the host in Contact would be a globally routable
>> URI. If GRUU is not used, then there is no way  at all for SIP REFER
>> mechanism to work (since a SIP WebSocket client can only be contacted
>> via the WS connection it has opened with the WS server). So the domain
>> in Contact does not matter (with GRUU it will always work, without
>> GRUU it will never work).
>>
>>
> Seems right. So we are saying a UA MAY include an invalid host part in the
> registration Contact header and any request top Via header. The UA MUST
> support Outbound and SHOULD (or MUST) support GRUU.
> Actually, there is good reason to consider mandating GRUU for this scenario.
> The reason is that suppose 2 different users named Alice register to 2
> different AORs. Both Alice users go through the same proxy (named P1) that
> supports websockets and it forwards the requests to the different
> registrars. When an incoming request to one of the Alices comes in, a proxy
> will forward the request to alice@<invalid host> through P1, but P1 cannot
> distinguish the two and they are in fact different users. I also believe UAs
> should be encouraged to compare the instance id of incoming requests.

In the scenario you describe Outbound must take place (the registrar
can only send incoming requests to the users via their outbound SIP
EDGE proxy implementing WebSocket transport). So the Path header the
EDGE proxy adds to the REGISTER includes a flow token (RFC 5626),
probably in the URI username part.

When the registrar routes an incoming request to a registration
binding of one of those WS clients, such request will contain a Route
header with same value as the Path header during registration, and the
EDGE proxy will associate the flow token in such Route URI to the
corresponding WebSocket connection. This is, the Outbound EDGE proxy
does not inspect the request URI for incoming requets, but just the
Route URI and the Outbound flow token in it.

-- 
Iñaki Baz Castillo
<ibc@aliax.net>

v2.23.0 | Report a Bug | By Email