Re: [Sipping] WGLC Review: draft-ietf-sipping-capacity-attribute-01.txt

Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com> Fri, 22 September 2006 05:58 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GQe31-0002ma-So; Fri, 22 Sep 2006 01:58:03 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GQe30-0002mI-B4 for sipping@ietf.org; Fri, 22 Sep 2006 01:58:02 -0400
Received: from mailgw3.ericsson.se ([193.180.251.60]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GQe2r-0000zQ-Fs for sipping@ietf.org; Fri, 22 Sep 2006 01:58:02 -0400
Received: from esealmw128.eemea.ericsson.se (unknown [153.88.254.121]) by mailgw3.ericsson.se (Symantec Mail Security) with ESMTP id C02CD4F001C; Fri, 22 Sep 2006 07:56:45 +0200 (CEST)
Received: from esealmw126.eemea.ericsson.se ([153.88.254.170]) by esealmw128.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Fri, 22 Sep 2006 07:56:45 +0200
Received: from mail.lmf.ericsson.se ([131.160.11.50]) by esealmw126.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Fri, 22 Sep 2006 07:56:44 +0200
Received: from [131.160.36.35] (EH3I2003TGFCPET.lmf.ericsson.se [131.160.36.35]) by mail.lmf.ericsson.se (Postfix) with ESMTP id E14F42589; Fri, 22 Sep 2006 08:56:44 +0300 (EEST)
Message-ID: <45137B1C.40408@ericsson.com>
Date: Fri, 22 Sep 2006 08:56:44 +0300
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: Samir Srivastava <samirsr@nortel.com>
Subject: Re: [Sipping] WGLC Review: draft-ietf-sipping-capacity-attribute-01.txt
References: <62B9B0847CC47543B6B3B5E26BD268E60E92541D@zrc2hxm2.corp.nortel.com>
In-Reply-To: <62B9B0847CC47543B6B3B5E26BD268E60E92541D@zrc2hxm2.corp.nortel.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 22 Sep 2006 05:56:44.0594 (UTC) FILETIME=[E2191920:01C6DE0B]
X-Brightmail-Tracker: AAAAAA==
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 5011df3e2a27abcc044eaa15befcaa87
Cc: Miguel Garcia <Miguel.An.Garcia@nokia.com>, sipping@ietf.org, Mary Barnes <mary.barnes@nortel.com>
X-BeenThere: sipping@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SIPPING Working Group \(applications of SIP\)" <sipping.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sipping@ietf.org>
List-Help: <mailto:sipping-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>
Errors-To: sipping-bounces@ietf.org

Hi,

recommending S/MIME and SIPS has been the standard practice in all the 
drafts SIPPING has been producing in a long time. I do not think this 
draft is the place to discuss the relationship between TLS, IPsec, VPNs, 
etc. I believe such relationship must be tackled by the SIP 
specification and its updates.

Cheers,

Gonzalo


Samir Srivastava wrote:
> Hi Miguel,
> 
> My concerns were driven by the dynamic nature of cipher technologies.
> And we have the problems coming from others as SIPS is mentioned as
> *statically* for the security at numerous places.
> 
> IMHO, we should have boiler-plate kind of stuff in the security section
> which takes into the account the security provided by underlying secure
> protocol layers generically.
> 
> And then each specification addresses other security aspects for in
> particular to that specification in the separate paragraph in the
> Security Considerations.
> 
> Hopefully, it addresses the concerns of SIPS proponents in future.
> 
> Thx
> Samir
> 
>> -----Original Message-----
>> From: Miguel Garcia [mailto:Miguel.An.Garcia@nokia.com]
>> Sent: Thursday, September 21, 2006 3:30 AM
>> To: Srivastava, Samir (SC100:8826)
>> Cc: Barnes, Mary (RICH2:B601); Gonzalo.Camarillo@ericsson.com;
>> sipping@ietf.org
>> Subject: Re: [Sipping] WGLC Review:
> draft-ietf-sipping-capacity-attribute-
>> 01.txt
>>
>> I think the spirit of the text is not to exclude any technology. In
>> essence, any technology that is able to cypher SIP messages is
> suitable
>> to protect privacy. We should probably  mention TLS as an example of
> one
>> of such technologies.
>>
>> /Miguel
>>
>> Samir Srivastava wrote:
>>> Hi,
>>>
>>> What is the reason for not considering IPSEC tunnels in the text?
> DTLS
>>> is still open issue. So better open-ended text can be phrased like
>>>
>>> "... was sent over a secured channel provided by the underlying
> layers
>>> e.g.
>>> TLS, IPSEC ...."
>>>
>>> How long we want to carry S/MIME with it's deploy ability issues. If
>>> still we want to use S/MIME atleast known issues with it should be
>>> listed similar to 3261. Or reference to section of 3261 should be
> given.
>>>
>>> IMHO, SIP message means REQUEST and RESPONSE both. So the text
> should be
>>> well aligned like ".... SIP request unless the SIP request ..." or
> with
>>> the "message" word.
>>>
>>> Thx
>>> Samir
>>>
>>>> - Section 8, 3rd paragraph, 3rd sentence. "was" -> "is"
>>>> OLD:
>>>>    Eavesdroppers are able to watch URI-lists contained in SIP
>>>>    requests unless the SIP message was sent over a secured channel
>>> with
>>>>    Transport Layer Security (TLS) [3] or unless the URI-list body
>>> itself
>>>>    is encrypted with S/MIME [8].
>>>> NEW:
>>>>    Eavesdroppers are able to watch URI-lists contained in SIP
>>>>    requests unless the SIP message is sent over a secured channel
> with
>>>>    Transport Layer Security (TLS) [3] or unless the URI-list body
>>> itself
>>>>    is encrypted with S/MIME [8].
>>>>
>> --
>> Miguel A. Garcia           tel:+358-50-4804586
>> sip:miguel.garcia@neonsite.net
>> Nokia Research Center      Helsinki, Finland


_______________________________________________
Sipping mailing list  https://www1.ietf.org/mailman/listinfo/sipping
This list is for NEW development of the application of SIP
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sip@ietf.org for new developments of core SIP