Re: [sipcore] Resend: WGLC: draft-ietf-sipcore-digest-scheme

worley@ariadne.com (Dale R. Worley) Tue, 21 May 2019 02:17 UTC

From: worley@ariadne.com
To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Cc: sipcore@ietf.org
In-Reply-To: <CAGL6epLxSTSXWxfNjsHjAh22c0OgvyP4Ss5rWpjjQi5D84ou4A@mail.gmail.com> (rifaat.ietf@gmail.com)
Sender: worley@ariadne.com
Date: Mon, 20 May 2019 22:17:14 -0400
Message-ID: <87lfz0eel1.fsf@hobgoblin.ariadne.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/oh23vAUbOyDEnIVEANjpYnmTUsI>
Subject: Re: [sipcore] Resend: WGLC: draft-ietf-sipcore-digest-scheme

Rifaat Shekh-Yusef <rifaat.ietf@gmail.com> writes:
> I liked your proposed changes; I will incorporate them into the next
> version of the document.

Though I did make a mistake -- RFC 7616 only applies to HTTP, so the
statement in draft-ietf-sipcore-digest-scheme-02 section 2.3 para 2 is
not redundant, even though it appears to be repeating RFC 7616.  Therefore...

>> This suggests the wording could be improved along these lines (changes
>> marked with "|"):
>>
>>    2.1.  Hash Algorithms
>>
>>    The Digest scheme has an 'algorithm' parameter that specifies the
>>    algorithm to be used to compute the digest of the response.  The IANA
>>  | registry named "Hash Algorithms for HTTP Digest Authentication"
>>  | specifies the algorithms
>>  | that correspond to 'algorithm' values.
>>
>>    [RFC3261] specifies only one algorithm, MD5, which is used by
>>    default.  This document extends [RFC3261] to allow use of any
>>    registered algorithm.
>>
>>  | [RFC7616] specifies the usage preference when a response
>>  | contains multiple challenges specifying different algorithms.  That
>>  | specification is not changed by this document.

The above sentence is incorrect.  I intended it to replace the current
para 3 of the section, and it would be good to replace para 3 with
something correct that clarifies the same question.  Perhaps something
like

   A UAS prioritizes which algorithm to use based on the ordering of the
   challenge headers in the response it is processing.  That process is
   specified in section 2.3 and parallels the process used in HTTP
   specified by [RFC7616].

>>    Note that [RFC7616] defines a -sess variant for each algorithm; the
>>    -sess variants are not used with SIP.

Dale
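
An added example, not part of the message above or of the draft: selecting among multiple Digest challenges by header order. It assumes the rule is "use the topmost challenge for the realm whose algorithm the client supports", skips -sess variants because the quoted text says they are not used with SIP, and runs on constructed header values; the function names and the supported set are hypothetical.

```python
import re

# Algorithms this client implements, lower-cased 'algorithm' tokens.
# Assumed local set; dropping "md5" here is how local policy refuses MD5.
SUPPORTED = {"md5", "sha-256", "sha-512-256"}

# name=token or name="quoted string" (commas inside quotes are kept).
_PARAM = re.compile(r'([A-Za-z0-9_-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,]+))')

def parse_challenge(value):
    """Parse one WWW-Authenticate/Proxy-Authenticate value into a dict.
    Returns None when the scheme is not Digest."""
    scheme, _, rest = value.strip().partition(" ")
    if scheme.lower() != "digest":
        return None
    params = {}
    for m in _PARAM.finditer(rest):
        quoted, token = m.group(2), m.group(3)
        params[m.group(1).lower()] = quoted if quoted is not None else token
    # [RFC3261]: MD5 is the default when no 'algorithm' parameter is present.
    params.setdefault("algorithm", "MD5")
    return params

def select_challenge(header_values, realm, supported=SUPPORTED):
    """Return the topmost Digest challenge for `realm` whose algorithm is
    supported and is not a -sess variant; None when nothing qualifies."""
    for value in header_values:          # order as received in the response
        ch = parse_challenge(value)
        if ch is None or ch.get("realm") != realm:
            continue
        alg = ch["algorithm"].lower()
        if alg.endswith("-sess"):        # -sess variants are not used with SIP
            continue
        if alg in supported:
            return ch
    return None

# Constructed challenge header values from a hypothetical 401 response.
SAMPLE_401 = [
    'Digest realm="example.invalid", nonce="n1", algorithm=SHA-512-256-sess',
    'Digest realm="example.invalid", nonce="n2", algorithm=SHA-256, qop="auth"',
    'Digest realm="example.invalid", nonce="n3", algorithm=MD5',
]
```

With the default set, `select_challenge(SAMPLE_401, "example.invalid")` picks the SHA-256 challenge; a client that supports only MD5 falls through to the third header.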