[sipcore] Draft new version: draft-ietf-sipcore-keep-07 [was: Comments on draft-ietf-sipcore-keep-05]

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 13 October 2010 16:59 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>, Adam Roach <adam@nostrum.com>
Date: Wed, 13 Oct 2010 19:00:57 +0200
Cc: "sipcore@ietf.org" <sipcore@ietf.org>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, Hadriel Kaplan <HKaplan@acmepacket.com>
Subject: [sipcore] Draft new version: draft-ietf-sipcore-keep-07 [was: Comments on draft-ietf-sipcore-keep-05]

 
Hi,

I've submitted a new version of the keep-alive draft.

The changes are:

- I added the text suggested by Adam to the security considerations section.
- Small minor change in the 4th paragraph of section 4.1, as suggested by Paul earlier (after -06 had been submitted).

Regards,

Christer


> -----Original Message-----
> From: sipcore-bounces@ietf.org [mailto:sipcore-bounces@ietf.org] On Behalf Of Christer Holmberg
> Sent: 13 October 2010 19:07
> To: Adam Roach
> Cc: sipcore@ietf.org; Gonzalo Camarillo; Hadriel Kaplan
> Subject: Re: [sipcore] Comments on draft-ietf-sipcore-keep-05
> 
> 
> Your text proposal looks good. I can add it.
> 
> Regards,
> 
> Christer 
> 
> > -----Original Message-----
> > From: Adam Roach [mailto:adam@nostrum.com]
> > Sent: 13 October 2010 18:57
> > To: Christer Holmberg
> > Cc: sipcore@ietf.org; Hadriel Kaplan; rjsparks@nostrum.com; Gonzalo Camarillo
> > Subject: Re: Comments on draft-ietf-sipcore-keep-05
> > 
> > 
> >   On 10/13/10 10:28 AM, Christer Holmberg wrote:
> > > Hi,
> > >
> > >>>> a) Any downstream SIP entity, beyond the adjacent downstream peer
> > >>>> node, can modify the Via header identifying the local node and thus
> > >>>> cause the local node to send keepalives to its adjacent peer (at
> > >>>> high rates) if the peer does not support
> > >>> ...
> > >>> Nothing was added regarding a), because entities can always check
> > >>> that, before forwarding responses, the Via header field hasn't
> > >>> been tampered with.
> > >> The purpose of the "Security Considerations" section is to warn
> > >> implementors about things they need to take into consideration to
> > >> avoid security problems. Shouldn't the document at least suggest that
> > >> implementations validate the Via header field to prevent this kind of
> > >> attack?
> > > Fair enough.
> > >
> > > I can add the following text:
> > >
> > >     "Downstream SIP entities can modify Via header fields identifying other SIP entities,
> > >     and cause keepalives to be sent (at high rates) to entities that do not support
> > >     the keepalive mechanism. SIP entities can prevent this, when a SIP response is received,
> > >     by validating that Via headers have not been modified in a way which would cause such
> > >     sending of keepalives."
> > 
> > That's good, but I think we can improve it by more clearly calling out
> > what the implementations need to look for:
> > 
> > "Downstream SIP entities can modify Via header fields identifying
> > other SIP entities, and cause keepalives to be sent (at high rates) to
> > entities that do not support the keepalive mechanism. SIP entities
> > can prevent this, when a SIP response is received, by examining their
> > own Via header field to determine that downstream entities have not
> > added a 'keep' parameter or set an existing 'keep' parameter to a
> > value not supported by the implementation."
> > 
> > /a
> > 
> > 
>
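
The Via check proposed in the quoted security-considerations text, sketched as an added example (not part of the thread or the draft): it compares the Via value an entity sent with the same Via echoed in the response. It assumes the entity sends `keep` without a value and treats a returned numeric value as an interval in seconds; the function names, the interval bounds, and the sample Via values are constructed for illustration.

```python
# Added example: validate the 'keep' parameter on our own Via in a SIP response.
# MIN/MAX_KEEP_SECONDS are assumed local policy, not values from the draft.
MIN_KEEP_SECONDS = 20
MAX_KEEP_SECONDS = 3600

# Constructed sample Via values (what this entity put in its request).
SENT_WITH_KEEP = "SIP/2.0/UDP client.example.com:5060;branch=z9hG4bKabc123;keep"
SENT_WITHOUT_KEEP = "SIP/2.0/UDP client.example.com:5060;branch=z9hG4bKabc123"


def via_params(via_value):
    """Return the parameters of one Via value as {lowercased name: value or None}.

    Simplified parser: assumes no quoted strings containing ';'.
    """
    params = {}
    for part in via_value.split(";")[1:]:  # [0] is "SIP/2.0/UDP host:port"
        name, sep, value = part.strip().partition("=")
        if name:
            params[name.strip().lower()] = value.strip() if sep else None
    return params


def check_keep(sent_via, received_via):
    """Return (send_keepalives, interval_seconds, reason) for a received response."""
    sent, got = via_params(sent_via), via_params(received_via)
    if sent.get("branch") != got.get("branch"):
        return (False, None, "topmost Via is not ours")
    if "keep" not in got:
        return (False, None, "no keep parameter returned")
    if "keep" not in sent:
        # We never offered keepalives: someone downstream inserted the parameter.
        return (False, None, "keep parameter added downstream")
    value = got["keep"]
    if value is None:
        return (False, None, "peer did not set a keep value")
    if not (value.isascii() and value.isdigit()):
        return (False, None, "keep value is not a decimal integer")
    interval = int(value)
    if not MIN_KEEP_SECONDS <= interval <= MAX_KEEP_SECONDS:
        # Too small a value would drive keepalives at a high rate.
        return (False, None, "keep value outside supported range")
    return (True, interval, "ok")
```

Any result other than `(True, interval, "ok")` means the entity sends no keepalives on that flow.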