RE: [Sipping] draft-camarillo-sipping-sbc-funcs-02.txt
"Medhavi Bhatia" <mbhatia@nextone.com> Fri, 21 October 2005 17:34 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ET0mw-0005LY-6A; Fri, 21 Oct 2005 13:34:42 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ET0mu-0005LT-7b for sipping@megatron.ietf.org; Fri, 21 Oct 2005 13:34:40 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA20582 for <sipping@ietf.org>; Fri, 21 Oct 2005 13:34:30 -0400 (EDT)
Received: from dreadnought.cnchost.com ([207.155.248.18]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1ET0z5-00076N-Ir for sipping@ietf.org; Fri, 21 Oct 2005 13:47:16 -0400
Received: from LT10547 (pool-138-88-126-151.res.east.verizon.net [138.88.126.151]) by dreadnought.cnchost.com id NAA02932; Fri, 21 Oct 2005 13:34:27 -0400 (EDT) [ConcentricHost SMTP Relay 1.17]
Message-ID: <200510211734.NAA02932@dreadnought.cnchost.com>
From: Medhavi Bhatia <mbhatia@nextone.com>
To: henry@sinnreich.net, 'Arjun Roychowdhury' <arjunrc@gmail.com>
Subject: RE: [Sipping] draft-camarillo-sipping-sbc-funcs-02.txt
Date: Fri, 21 Oct 2005 13:34:24 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
In-Reply-To: <200510211357.JAA22962@ietf.org>
Thread-Index: AcXV8C6QbMUqojAPTHqGxQoRonqDOgAVkWzgAAdJ1KA=
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 944ecb6e61f753561f559a497458fb4f
Content-Transfer-Encoding: 7bit
Cc: 'sipping' <sipping@ietf.org>
X-BeenThere: sipping@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SIPPING Working Group \(applications of SIP\)" <sipping.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sipping@ietf.org>
List-Help: <mailto:sipping-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>
Sender: sipping-bounces@ietf.org
Errors-To: sipping-bounces@ietf.org
BCP track? I think we still need a major focus change on the draft before it becomes more generally useful. The intent of the draft is the right thing to do, however it is really suggesting requirements on what needs to be done and can't be done using standardized SIP. Another case is the existence of similar behavior in other platforms like prepaid for broadband (which tends to use similar NAT traversal techniques). The case is that in some closed environments these mechanisms are seen as valid choices to make (Consider IMS/TISPAN border elements for example). I think the draft needs to focus on these alternate ways of doing things and potentially point out the considerations which need to be kept in mind when the implementers do the analysis and make a choice. It should definitely not make a case that the analysis needs to be done only for SBCs (which is why I think it needs a focus change). -Medhavi. > -----Original Message----- > From: sipping-bounces@ietf.org [mailto:sipping-bounces@ietf.org] On Behalf Of > henry@sinnreich.net > Sent: Friday, October 21, 2005 9:57 AM > To: 'Arjun Roychowdhury' > Cc: 'sipping' > Subject: RE: [Sipping] draft-camarillo-sipping-sbc-funcs-02.txt > > Arjun, > > We need not burden the list again with a new flare-up discussing SBCs all > over again and I apologize if I may have caused this discussion. > > Let's trust the authors of the I-D to add more substance to the Security > section and maybe deal with some of the other topics previously discussed. > > This is a document that should be quickly advanced on the BCP track, since > the topic is of high interest in the industry. > > Thanks, Henry > > -----Original Message----- > From: Arjun Roychowdhury [mailto:arjunrc@gmail.com] > Sent: Thursday, October 20, 2005 10:33 PM > To: henry@sinnreich.net > Cc: sipping > Subject: Re: [Sipping] draft-camarillo-sipping-sbc-funcs-02.txt > > I really feel like playing devils' advocate, since I know, deep > inside, you really think SBCs are nice kids who just need to be 'wired > right'. So here goes .... > > It seems the only unfriendly thing an SBC does is that it modifies > messages without the knowledge of the UAs - though this is not the > concern - the concern is that this in turn breaks end-end protection, > if it is used (that is the one consistent reason in all the sections). > > In all fairness, I have a hard time understanding why the SBC is > turning out to be the 'Anti-Internet'. The end-end principle of the > Internet has always been challenged at the network layer (which has > nothing to do with the application layer) for a long time, including > technologies like NAT, Firewalls,ALGs, relays, split DNS and similar. > Several RFCs talk about the realistic challenge of e-e and actually > discuss realistic scenarios where e-e may not work (The Rise of the > Middle and the Future of End-End - 3724) > > The biggest issue seems to be 'done without knowledge' and 'end-end > encryption' seems secondary, at least at the network layer of the > Internet (as an example, the NAT WG suggested RSIP as an adjunct to > NAT to make it 'friendly'). If this is the biggest problem, then the > solution is easier - let the SBC 'tell' the UAs via some SIP mechanism > that it is playing 'big brother'. That information could be used to > inform the UAs 'legally' that due to network policies the outside > world is not seeing what they are sending - and if the SBC tells them > what the change is, then maybe the UAs can get 'smarter' in operation > for that session. (Sorry, I am not smart enough to figure out what > 'smarter' really means, at least for now) > > > > > > - If the SBC is compromised (it happens on the Internet) then what are the > > vulnerabilities for (1) SIP signaling and (2) RTP media streams? > > This is a problem not specific to SBCs. What if the mailserver of a > corporate domain gets compromised ? What if the backend datastore of a > credit card company gets compromised by a web server exploit ? Same > story. > > regds > arjun > -- > Arjun Roychowdhury > > > > _______________________________________________ > Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping > This list is for NEW development of the application of SIP > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sip@ietf.org for new developments of core SIP _______________________________________________ Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping This list is for NEW development of the application of SIP Use sip-implementors@cs.columbia.edu for questions on current sip Use sip@ietf.org for new developments of core SIP
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Dolly, Martin C, ALABS
- [Sipping] Re: draft-elwell-sipping-service-retarg… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… GARCIN Sebastien RD-CORE-ISS
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Henry Sinnreich
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Henry Sinnreich
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- [Sipping] Do we have a problem with History-Info … Dean Willis
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- [Sipping] draft-elwell-sipping-service-retargetin… Dean Willis
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Henry Sinnreich
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] draft-camarillo-sipping-sbc-funcs-0… Dan Wing
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Michael Hammer (mhammer)
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Paul Kyzivat
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Mary Barnes
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Mary Barnes
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- Re: [Sipping] Re: draft-elwell-sipping-service-re… David R Oran
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Dean Willis
- Re: [Sipping] Re: draft-elwell-sipping-service-re… Jeroen van Bemmel
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John
- [Sipping] draft-camarillo-sipping-sbc-funcs-02.txt henry
- Re: [Sipping] draft-camarillo-sipping-sbc-funcs-0… Arjun Roychowdhury
- RE: [Sipping] draft-camarillo-sipping-sbc-funcs-0… henry
- RE: [Sipping] draft-camarillo-sipping-sbc-funcs-0… Medhavi Bhatia
- RE: [Sipping] draft-camarillo-sipping-sbc-funcs-0… henry
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Francois Audet
- RE: [Sipping] draft-camarillo-sipping-sbc-funcs-0… Henry Sinnreich
- Re: [Sipping] draft-camarillo-sipping-sbc-funcs-0… David R Oran
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Dale R. Worley
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Dale R. Worley
- Re: [Sipping] draft-camarillo-sipping-sbc-funcs-0… Gonzalo Camarillo
- RE: [Sipping] Re: draft-elwell-sipping-service-re… Elwell, John