IETF Logo Mail Archive

Re: [Sipping] Possible Solution to HERFP

Jonathan Rosenberg <jdrosen@cisco.com> Sun, 31 July 2005 10:39 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DzBE5-0004l2-Gc; Sun, 31 Jul 2005 06:39:25 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DzBE2-0004kh-RI for sipping@megatron.ietf.org; Sun, 31 Jul 2005 06:39:23 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA16222 for <sipping@ietf.org>; Sun, 31 Jul 2005 06:39:19 -0400 (EDT)
Received: from ams-iport-1.cisco.com ([144.254.224.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1DzBk5-00057B-3a for sipping@ietf.org; Sun, 31 Jul 2005 07:12:30 -0400
Received: from ams-core-1.cisco.com (144.254.224.150) by ams-iport-1.cisco.com with ESMTP; 31 Jul 2005 12:39:14 +0200
Received: from xbh-ams-332.emea.cisco.com (xbh-ams-332.cisco.com [144.254.231.87]) by ams-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j6VAdBDg007408; Sun, 31 Jul 2005 12:39:11 +0200 (MEST)
Received: from xfe-ams-331.emea.cisco.com ([144.254.231.72]) by xbh-ams-332.emea.cisco.com with Microsoft SMTPSVC(6.0.3790.0); Sun, 31 Jul 2005 12:39:10 +0200
Received: from [86.255.25.104] ([10.58.48.33]) by xfe-ams-331.emea.cisco.com with Microsoft SMTPSVC(6.0.3790.0); Sun, 31 Jul 2005 12:39:10 +0200
Message-ID: <42EC431A.9010508@cisco.com>
Date: Sat, 30 Jul 2005 23:18:50 -0400
From: Jonathan Rosenberg <jdrosen@cisco.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Rohan Mahy <rohan@ekabal.com>
Subject: Re: [Sipping] Possible Solution to HERFP
References: <dbf0b6ae20c7c5636fe0b2660c1dc1c3@ekabal.com>
In-Reply-To: <dbf0b6ae20c7c5636fe0b2660c1dc1c3@ekabal.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 31 Jul 2005 10:39:10.0246 (UTC) FILETIME=[15D2E460:01C595BC]
X-Spam-Score: 0.6 (/)
X-Scan-Signature: 10ba05e7e8a9aa6adb025f426bef3a30
Content-Transfer-Encoding: 7bit
Cc: 'sipping' WG <sipping@ietf.org>
X-BeenThere: sipping@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SIPPING Working Group \(applications of SIP\)" <sipping.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sipping@ietf.org>
List-Help: <mailto:sipping-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>
Sender: sipping-bounces@ietf.org
Errors-To: sipping-bounces@ietf.org

Rohan,

Thanks for revisiting this. I like the draft and think it has merit.

In some sense, the approach is not far from another solution to herfp 
which Jon P. has, inadvertently I think, proposed - that you disallow 
retargeting and require redirect. If, instead of the proxy forking a 
request to N destinations, it redirects with N contacts, each of which 
is actually a gruu URI that routes to the instance which was to be the 
target, you also end up eliminating the herfp problem. Your solution is 
similar by having the proxy tunnel a "redirect" in the 130 response, but 
  you persist the original transaction. That allows the proxy to retain 
control over the forking of the request, while giving the UAC the 
ability to repair the failed branch.

A litmus test for any herfp solution is whether it works for a 
sequential ring kind of application (ring phone 1, then phone 2 after 
10s, then phone 3 after another 10) when phones 1 or two generate a 
repairable error response. I believe your solution meets the litmus 
test. Since the proxy still has the original transaction running, if the 
"child" transaction to phone 2 times out after 10s (assuming phone 2 had 
generated the repairable response), the proxy can cancel the child 
transaction and sequence to the next branch of the original transaction.

I think the usage of response identity as the security mechanism here 
makes no sense. If you want to authorize the 130, you should send the 
original request with sips. I believe the desired property is that you 
would trust a 130 sent by any proxy on the original request path. As 
such, there would be no need for a client-initiated CANCEL in the case 
of a mistrusted response, and this CANCEL was the source of the problems 
discussed previously in this thread.

I think a proxy generating a 130 also needs to set a timer, to deal with 
the case that the client does not try to repair. In such a case, it 
could treat the branch on the original transaction as if it had gotten a 
487. This would allow the sequential forking application litmus test 
above to still work in cases where the client elects not to repair.

Like gruu, you need to discuss the validity and lifecycle maintenance of 
these branch URI. I think that they remain valid only as long as the 
original transaction remains active at the proxy. This would imply that 
constructing such a branch URI is probably done by encoding the outgoing 
branch ID into the user part of the URI. The domain part would be 
constructed so that it routes to that proxy.

What does the proxy do if the user cancels the original transaction? 
Does the proxy CANCEL the children transactions? I think it should. In a 
sense, the child transaction is a stand-in for the failed branch, 
replacing it so that the branch sort-of exists still, but with a 
separate set of transaction identifiers. As such, anything that would 
cause the proxy to terminate the original branch should terminate the child.

Thanks,
Jonathan R.



Rohan Mahy wrote:

> Hi Folks,
> 
> I just submitted a new individual I-D that describes a possible  
> solution to the Heterogeneous Error Response Forking Protocol.  Until  
> it appears in the archives, you can find it here:
> 
> https://scm.sipfoundry.org/rep/ietf-drafts/rohan/herf-fix/draft-mahy- 
> sipping-herfp-fix-00.txt
> https://scm.sipfoundry.org/rep/ietf-drafts/rohan/herf-fix/draft-mahy- 
> sipping-herfp-fix-00.html
> 
> thanks,
> -rohan
> (as an individual)
> 
> 
> _______________________________________________
> Sipping mailing list  https://www1.ietf.org/mailman/listinfo/sipping
> This list is for NEW development of the application of SIP
> Use sip-implementors@cs.columbia.edu for questions on current sip
> Use sip@ietf.org for new developments of core SIP
> 

-- 
Jonathan D. Rosenberg, Ph.D.                   600 Lanidex Plaza
Director, Service Provider VoIP Architecture   Parsippany, NJ 07054-2711
Cisco Systems
jdrosen@cisco.com                              FAX:   (973) 952-5050
http://www.jdrosen.net                         PHONE: (973) 952-5000
http://www.cisco.com

_______________________________________________
Sipping mailing list  https://www1.ietf.org/mailman/listinfo/sipping
This list is for NEW development of the application of SIP
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sip@ietf.org for new developments of core SIP

v2.23.0 | Report a Bug | By Email