RE: [Sipping] I-D ACTION:draft-ietf-sipping-sipt-04.txt

["Peterson, Jon" <jon.peterson@neustar.biz>]

Support for Content-Disposition 'handling' parameter is now specified in
RFC3261 - it is not predicated on supporting any ISUP MIME bodies (although
the fact that the parameter happens to be defined in RFC3204 has admittedly
been a source consternation to some, especially outside the SIP community).
In fact, RFC3204 defines the parameter only because it happened to pass
before RFC3261 - originally, RFC2543bis defined the parameter and the
isup-mime Internet-Draft referenced it in bis, but the definition was moved
to RFC3204 in order to get the document through the IESG.
 
So, I don't think we need to import the concept of Trust Domains to SIP-T in
order to guarantee that the Content-Disposition 'handling' parameter will be
understood. This is no more unsafe than relying on remote endpoints to
support any other statute of RFC3261.
 
Jon Peterson
NeuStar, Inc.

-----Original Message-----
From: Mark Watson [mailto:mwatson@nortelnetworks.com]
Sent: Friday, July 12, 2002 8:08 PM
To: sipping@ietf.org
Subject: RE: [Sipping] I-D ACTION:draft-ietf-sipping-sipt-04.txt



All, 

As an aside to the security issue, there is an issue with respect to ISUP
compatibility which is not addressed by the use of S/MIME.

ISUP may carry information which is marked as 'essential' for the call to
continue according to the compatibility mechanism. If this information
cannot be propogated to a point where it is understood, then the call MUST
be released. Therefore handling of such ISUP bodies is mandatory
('handling=required' in the Content-Disposition).

In these cases, the message can only be sent if it is known that the
downstream nodes correctly act on the Content-Disposition header. S/MIME
will not help us here - the receiving node needs to be known to the sending
node a priori, and known to behave in this way (and authenticated) i.e. we
are in Trust Domain territory.

Does anyone feel this needs clarification ? My concern is that people may
mistakenly believe that S/MIME encryption/integrity makes it safe to send
ISUP bodies in all cases, whereas this is only the case if
'handling=optional'.

Regards, 

Mark 

> -----Original Message----- 
> From: Internet-Drafts@ietf.org [ mailto:Internet-Drafts@ietf.org
<mailto:Internet-Drafts@ietf.org> ] 
> Sent: 07 July 2002 17:33 
> Cc: sipping@ietf.org 
> Subject: [Sipping] I-D ACTION:draft-ietf-sipping-sipt-04.txt 
> 
> 
> A New Internet-Draft is available from the on-line 
> Internet-Drafts directories. 
> This draft is a work item of the Session Initiation Proposal 
> Investigation Working Group of the IETF. 
> 
>       Title           : SIP for Telephones (SIP-T): Context 
> and Architectures 
>       Author(s)       : A. Vemuri, J. Peterson 
>       Filename        : draft-ietf-sipping-sipt-04.txt 
>       Pages           : 32 
>       Date            : 05-Jul-02 
>       
> The popularity of gateways that interwork between the PSTN (Public 
> Switched Telephone Network) and SIP networks has motivated the 
> publication of a set ofcommon practices that can assure consistent 
> behavior across implementations.  This document taxonomizes the uses 
> of PSTN-SIP gateways, provides uses  cases, and identifies mechanisms 
> necessary for interworking.  The mechanisms detail how SIP provides 
> for both 'encapsulation' (carriage of PSTN signaling across a SIP 
> network) and 'translation' (protocol mapping). 
> 
> A URL for this Internet-Draft is: 
> http://www.ietf.org/internet-drafts/draft-ietf-sipping-sipt-04.txt
<http://www.ietf.org/internet-drafts/draft-ietf-sipping-sipt-04.txt>  
> 
> To remove yourself from the IETF Announcement list, send a message to 
> ietf-announce-request with the word unsubscribe in the body 
> of the message. 
> 
> Internet-Drafts are also available by anonymous FTP. Login 
> with the username 
> "anonymous" and a password of your e-mail address. After logging in, 
> type "cd internet-drafts" and then 
>       "get draft-ietf-sipping-sipt-04.txt". 
> 
> A list of Internet-Drafts directories can be found in 
> http://www.ietf.org/shadow.html <http://www.ietf.org/shadow.html>  
> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
<ftp://ftp.ietf.org/ietf/1shadow-sites.txt>  
> 
> 
> Internet-Drafts can also be obtained by e-mail. 
> 
> Send a message to: 
>       mailserv@ietf.org. 
> In the body type: 
>       "FILE /internet-drafts/draft-ietf-sipping-sipt-04.txt". 
>       
> NOTE: The mail server at ietf.org can return the document in 
>       MIME-encoded form by using the "mpack" utility.  To use this 
>       feature, insert the command "ENCODING mime" before the "FILE" 
>       command.  To decode the response(s), you will need "munpack" or 
>       a MIME-compliant mail reader.  Different MIME-compliant 
> mail readers 
>       exhibit different behavior, especially when dealing with 
>       "multipart" MIME messages (i.e. documents which have been split 
>       up into multiple messages), so check your local documentation on 
>       how to manipulate these messages. 
>               
>               
> Below is the data which will enable a MIME compliant mail reader 
> implementation to automatically retrieve the ASCII version of the 
> Internet-Draft. 
>