Re: RE: [Sipping] SIPPING review ofdraft-vanelburg-sipping-served-user-02.txt]
Spencer Dawkins <spencer@mcsr-labs.org> Thu, 01 November 2007 06:07 UTC
Return-path: <sipping-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1InTDc-0003VO-H2; Thu, 01 Nov 2007 02:07:52 -0400
Received: from sipping by megatron.ietf.org with local (Exim 4.43) id 1InTDa-0003UJ-I4 for sipping-confirm+ok@megatron.ietf.org; Thu, 01 Nov 2007 02:07:50 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1InTDT-0003G0-VB for sipping@ietf.org; Thu, 01 Nov 2007 02:07:44 -0400
Received: from usaga01-in.huawei.com ([206.16.17.211]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1InTDO-0001Hh-MC for sipping@ietf.org; Thu, 01 Nov 2007 02:07:40 -0400
Received: from huawei.com (usaga01-in [172.18.4.6]) by usaga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JQT00380D0PB0@usaga01-in.huawei.com> for sipping@ietf.org; Wed, 31 Oct 2007 23:07:37 -0700 (PDT)
Received: from s73602 (cpe-72-190-0-23.tx.res.rr.com [72.190.0.23]) by usaga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0JQT0046MD0HC7@usaga01-in.huawei.com> for sipping@ietf.org; Wed, 31 Oct 2007 23:07:37 -0700 (PDT)
Date: Thu, 01 Nov 2007 01:06:54 -0500
From: Spencer Dawkins <spencer@mcsr-labs.org>
Subject: Re: RE: [Sipping] SIPPING review ofdraft-vanelburg-sipping-served-user-02.txt]
To: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
Message-id: <095701c81c4d$6777e7b0$6401a8c0@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
Content-type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="response"
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal
References: <472835B0.2050305@ericsson.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e95407604bef3289cd27cb4f3b3a35b4
Cc: sipping@ietf.org, Mary Barnes <mary.barnes@nortel.com>, Jon Peterson <jon.peterson@neustar.biz>
X-BeenThere: sipping@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SIPPING Working Group \(applications of SIP\)" <sipping.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sipping@ietf.org>
List-Help: <mailto:sipping-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>
Errors-To: sipping-bounces@ietf.org
Hi, Gonzalo, > Hi Spencer, > > Hans Erik responded to your expert comments with the email below. Could > you please have a look at it and let the mailing list know whether those > changes address your concerns? > > Once your concerns are addressed, we will be forwarding this draft to Jon > for publication. > > Thanks! > > Gonzalo My understanding is that for this type of document, I just need to feel good about the checklist questions, right? I am satisfied with Hans Erik's answers. I don't think it's appropriate for me to pursue other changes that aren't required in order to meet the expert review criteria. Thanks, Spencer > -------- Original Message -------- > Subject: RE: [Sipping] SIPPING review > ofdraft-vanelburg-sipping-served-user-02.txt > Date: Fri, 12 Oct 2007 15:02:46 +0200 > From: Hans Erik van Elburg <hanserik.van.elburg@ericsson.com> > To: Spencer Dawkins <spencer@mcsr-labs.org>, <sipping@ietf.org> > CC: ext Cullen Jennings <fluffy@cisco.com>, Jon Peterson > <jon.peterson@neustar.biz> > > Hi Spencer, > > Thanks a lot for performing the review! > > Some short response on the expert review comments below: > - On note 2: > There is some indication of the use of this header in clause 5 where it > states that > "This header field can be added to initial requests routed from an > S-CSCF to an AS > or from an AS to an S-CSCF." > However I think we need to improve this to: > "initial requests for a dialog or standalone requests". > > - On note 3: > This is not yet another identity header being transported end to end. It > is only information shared between a SIP proxy (S-CSCF) and an > Application Server in the IMS architecture, as such it is not another > identity. > > - On note 7: > I quickly glanced through the main MEDIACTRL drafts, but they don't seem > to link in an AS on the dialog between two endpoints. But use a > dedicated dialog between an MS and an AS that manages the control > channel. Therefore I doubt that P-Served-User has application in that > context, I would expect the existing identity mechanisms to be > sufficient. > > Further I have tried to introduce all 3GPP specifics in a way that I > thought understandable to IETF, that is why certain parts are quite > chatty. If I failed there then we need to improve, but it is not yet > clear to me what is not clear. > > Response to the other comments can be found inline tagged with > "HansErik:". > > I sumitted an 03 version that until it appears on the IETF site can be > found here: > http://elburg.eln-research.nl/drafts/draft-vanelburg-sipping-served-user > -03.txt > > Best Regards, > /Hans Erik > > -----Original Message----- > From: Spencer Dawkins [mailto:spencer@mcsr-labs.org] > Sent: Monday, October 08, 2007 7:53 PM > To: sipping@ietf.org > Cc: ext Cullen Jennings; Jon Peterson > Subject: [Sipping] SIPPING review > ofdraft-vanelburg-sipping-served-user-02.txt > > I was asked to provide an expert review for this draft. My review > follows. > > The ADs should pay particular attention to notes 3 and 7 below - they > are the requirements I'm still not sure are satisfied. > > I also included additional comments for the authors, but these comments > should not be considered part of the expert review. > > Thanks, > > Spencer > > Summary... > > 1. A designated expert (as defined in RFC 2434 [4]) MUST review the > proposal for applicability to SIP and conformance to these > guidelines. The Expert Reviewer will send email to the Transport > Area Directors on this determination. The expert reviewer can > cite one or more of the guidelines that haven't been followed in > his/her opinion. > > * Spencer Dawkins is the designated expert. This e-mail is sent to the > SIPPING mailing list. The RAI ADs are copied in this email. > > 2. The proposed extension MUST NOT define SIP option tags, response > codes, or methods. > > * The draft satisfies this requirement: The draft defines a new P-Header > called "P-Served-User" that identifies an IMS Public User Identity. > > I should mention that I didn't see any explanation of usage for this > P-Header - is it applicable for all SIP methods? response codes? etc. > > 3. The function of the proposed header MUST NOT overlap with current > or planned chartered extensions. > > * The draft satisfies this requirement to the best of my ability to tell > (although this isn't easy to know for sure because "served user" is only > defined as "IMS Public User Identity of the user" in this specification > - I'm fairly sure that we don't have current or planned chartered > extensions for exactly this, but can't be sure that we don't have > current or planned chartered extensions for anything analogous to this, > and that's the critical question). > > I wish this draft did not define Yet Another Identity (as Jeroen pointed > out), but I don't think this concern belongs in my expert review. > > 4. The proposed header MUST be of a purely informational nature, and > MUST NOT significantly change the behavior of SIP entities which > support it. Headers which merely provide additional information > pertinent to a request or a response are acceptable. If the > headers redefine or contradict normative behavior defined in > standards track SIP specifications, that is what is meant by > significantly different behavior. > > * The draft satisfies this requirement: the P-Served-User header > contains an IMS Public User Identity. This header does not redefine or > contradict normative behavior defined in standards track SIP > specifications. > > A proxy or AS might change its behavior based on a difference between > P-Served-User and some other identity, but since conveying the > difference between this the P-Served-User identity and other SIP > identities is the goal for this P-header, this effect seems reasonable. > > 5. The proposed header MUST NOT undermine SIP security in any sense. > The Internet Draft proposing the new header MUST address security > issues in detail as if it were a Standards Track document. Note > that, if the intended application scenario makes certain > assumptions regarding security, the security considerations only > need to meet the intended application scenario rather than the > general Internet case. In any case, security issues need to be > discussed for arbitrary usage scenarios (including the general > Internet case). > > * The draft satisfies this requirement: The security section describes > the security considerations that apply to insecure network paths and > allows for two methods of securing those paths (physical security and > IPsec). The draft also points out the need to remove these headers at > domain trust boundaries. > > 6. The proposed header MUST be clearly documented in an (Individual > or Working Group) Informational RFC, and registered with IANA. > > * The draft satisfies this requirement: It is intended to become an > Informational RFC, and lists the header in its IANA section. The IANA > section includes all the information that > http://www.iana.org/assignments/sip-parameters contains for entries in > the header field subregistry. > > 7. An applicability statement in the Informational RFC MUST clearly > document the useful scope of the proposal, and explain its > limitations and why it is not suitable for the general use of SIP > in the Internet. > > * The draft may very well satisfy this requirement: Two points here. > > First, I'm reading "in the Internet" as "in non-IMS environments", so > the text that says > > When SIP is used on the Internet, there are typically no proxies > involving an application server over an ISC interface. Consequently, > the P-Served-User header field does not seem useful in a general > Internet environment. > > does make me wonder if similar functionality is useful in non-IMS > environments (for example, MEDIACTRL use of ASs might also find a > similar capability useful). > > Second, sections 3.1-3.4 are very dense (a lot of 3GPP-specific call > flows that are mostly the same from scenario to scenario), and I'm not > sure how "clear" this text is to the non-3GPP SIP community that needs > to reach consensus that this P-Header would not be useful in a non-3GPP > environment. > > -------------------------------------------------------------- > > The following notes are included for the draft authors, but aren't part > of the expert review. > > 1. Introduction > > The 3rd-Generation Partnership Project (3GPP) IMS (IP Multimedia > Subsystem) uses SIP (RFC3261 [2]) as its main signalling protocol. > (For more information on the IMS, a detailed description can be found > in 3GPP TS 23.228 [8] and 3GPP TS 24.229 [10].) 3GPP has identified a > set of requirements that can be met, according to the procedures in > RFC 3427 [5], by defining a new SIP P-header. > > Spencer: I am hoping that you're saying "that are most appropriately > met", but (nit) this should probably be "met by defining a new SIP > P-header, according to the procedures in RFC 3427 [5]". > HansErik: Changed accordingly. > > Spencer: I note that neither the abstract nor the introduction actually > summarize what that requirement is. Could a one-sentence description be > added? > HansErik: Changed to "3GPP has identified issues with the linking in of > a SIP application server that are most appropriately resolved by > defining a new SIP P-header, > according to the procedures in RFC 3427 <xref target="RFC3427"/>." > The issue is hinted at in the abstract and is further explained in the > remainder of the document. > > The remainder of this document is organized as follows. Section 3 > outlines the problem using particular service scenarios and Section 4 > discusses the requirements derived from these scenarios. Section 5 > defines the P-Served-User header field, which meets those > requirements, and Section 6 discusses the applicability and scope of > this new header field. Section 7 registers the P-Served-User header > field with the IANA and Section 8 discusses the security properties > of the environment where this header field is intended to be used. > > 3.1. General > > In the 3GPP IMS the S-CSCF (Serving CSCF) is a SIP proxy that serves > as a registrar and handles originating and terminating session states > for users allocated to it. This means that any call that is > originated by a specific user or any call that is terminated to that > specific user will pass through an S-CSCF that is allocated to that > user. > > Spencer: If this draft can be slightly de-3GPPed, it would be much > easier for the IETF community to understand (and to agree with). Simply > referring to the CSCF as a SIP proxy in many places would be a simple > change, and text like "over the Cx interface" is true but not necessary > for an understanding of this proposed P-header within the IETF. Some > uses of 3GPP terminology in the Abstract and Introduction are useful, > because they provide context for the request. > HansErik: I think that the first sentence of section 3.1 is very clear > in this: > "In the 3GPP IMS the S-CSCF (Serving CSCF) is a SIP proxy that serves as > a registrar and handles originating and terminating session states for > users allocated to it. " > I prefer to keep the text as is, I think appropriate clarification is > provided for the IETF community to understand how this is used. > > > At the moment that an S-CSCF is allocated for a specific user, a user > profile is downloaded to the S-CSCF from the HSS (Home Subscriber > Server) over the Cx interface. This user profile tells the S-CSCF > whether the user is allowed to originate or terminate calls or > > Spencer: either this is garbled or my English skills have evaporated. > Perhaps "important for this particular document" was cut-and-pasted in > error? > HansErik: I removed the offending fragment. I guess it missed the needed > punctuation. But I agree removing it completely is better. > > important for this particular document whether an AS needs to be > linked in over the ISC interface. The user profile information that > determines whether particular initial request need to be sent to a > particular AS is called initial Filter Criteria (iFC), see for > example 3GPP TS 23.218 [7]. > > Spencer: the previous paragraph has a lot more detail than necessary. Is > this saying more than "When a S-CSCF is allocated for a specific user, > the S-CSCF receives a profile that tells the S-CSCF whether the user is > allowed to originate or terminate calls, or whether an application > server is required"? > HansErik: But the iFC concept is referred to later on, this was a > natural place to introduce it as it is not generally understioiod in the > IETF community. Or do I misinterpret your comment here? > > To be able for an S-CSCF to perform its responsibilities it needs to > determine on which users behalf it is performing its tasks and which > session case is applicable for the particular request. (For session > case see 3GPP TS 29.228 [11]) The session case distinguishes the > originating and terminating call cases and whether the particular > user is registered or not. > > When the S-CSCF determines that for an incoming initial request the > originating call case applies, it determines the served user by > looking at the P-Asserted-Identity header field ( RFC 3325 [4]) which > carries the network asserted identity of the originating user. When > after processing the iFC for this initial request the S-CSCF decides > to forward the request to an AS, the AS has to go through a similar > process of determining the session case and the served user. Since > it should come to the same conclusion that this is an originating > session case it has to look at the P-Asserted-Identy header field as > well to determine the served user. > > When the S-CSCF determines that for an incoming initial request the > terminating call case applies, it determines the served user by > looking at the Request-URI ( RFC 3261 [2]) which carries the identity > of the intended terminating user. When after processing the iFC for > this initial request the S-CSCF decides to forward the request to an > AS, the AS has to go through a similar process of determining the > session case and the served user. Since it should come to the same > conclusion that this is a terminating session case it has to look at > the Request-URI as well to determine the served user. > > In the originating case it can be observed that while the P-Asserted- > Identity header field just represents the originating user when it > enters the S-CSCF, it is overloaded with another meaning when it is > sent to an AS over the ISC interface. This other meaning is that it > serves as a representation of the served user. > > In the terminating case a similar overloading happens to the Request- > URI, while it first only represented the identity of the intended > terminating user, it is overloaded with another meaning when it is > sent to an AS over the ISC interface. This other meaning is that it > serves as a representation of the served user. > > In basic call scenarios this does not show up as a problem, but once > more complicated service scenarios (notably forwarding services) > needs to be realised it poses severe limitations. Such scenarios are > brought forward in the following sub sections. > > 3.2. Diversion; continue on terminating leg, but finish subsequent > terminating iFC first > > Spencer: given that sections 3.1-3.4 are very dense and repetitive, and > you think 3.2 justifies this header, you might either delete the others > or simply list additional scenarios in one paragraph. > HansErik: I think all the scenarios are needed, allthough they may seem > repetitive all emphasize another crucial aspect of the problem. 3.2 > overloading of the Request URI, 3.3 overloading of the > P-Asserted-Identity and 3.4 a non-forwarding scenario that shows that > there are also cases not related to forwarding that are not able to > realize because of P-Asserted-Identity overloading. > > > > > _______________________________________________ > Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping > This list is for NEW development of the application of SIP > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sip@ietf.org for new developments of core SIP > > > _______________________________________________ > Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping > This list is for NEW development of the application of SIP > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sip@ietf.org for new developments of core SIP > > > _______________________________________________ Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping This list is for NEW development of the application of SIP Use sip-implementors@cs.columbia.edu for questions on current sip Use sip@ietf.org for new developments of core SIP
- Re: RE: [Sipping] SIPPING review ofdraft-vanelbur… Spencer Dawkins