Re: [Sipping] new draft on ICE for opening SIP dialogs: draft-lowekamp-sipping-ice-for-sip-00
Jonathan Rosenberg <jdrosen@cisco.com> Sat, 17 November 2007 06:49 UTC
Return-path: <sipping-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1ItHUz-0001sX-0j; Sat, 17 Nov 2007 01:49:49 -0500
Received: from sipping by megatron.ietf.org with local (Exim 4.43) id 1ItHUx-0001q9-2R for sipping-confirm+ok@megatron.ietf.org; Sat, 17 Nov 2007 01:49:47 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1ItHUw-0001p3-MW for sipping@ietf.org; Sat, 17 Nov 2007 01:49:46 -0500
Received: from rtp-iport-2.cisco.com ([64.102.122.149]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1ItHUt-00018A-0T for sipping@ietf.org; Sat, 17 Nov 2007 01:49:46 -0500
Received: from rtp-dkim-1.cisco.com ([64.102.121.158]) by rtp-iport-2.cisco.com with ESMTP; 17 Nov 2007 01:49:43 -0500
Received: from rtp-core-2.cisco.com (rtp-core-2.cisco.com [64.102.124.13]) by rtp-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id lAH6ngnE009947; Sat, 17 Nov 2007 01:49:42 -0500
Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id lAH6ngVt029412; Sat, 17 Nov 2007 06:49:42 GMT
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Sat, 17 Nov 2007 01:49:42 -0500
Received: from [10.82.224.9] ([10.82.224.9]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Sat, 17 Nov 2007 01:49:42 -0500
Message-ID: <473E8F26.4090308@cisco.com>
Date: Sat, 17 Nov 2007 01:50:14 -0500
From: Jonathan Rosenberg <jdrosen@cisco.com>
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Bruce Lowekamp <lowekamp@sipeerior.com>
Subject: Re: [Sipping] new draft on ICE for opening SIP dialogs: draft-lowekamp-sipping-ice-for-sip-00
References: <20d2bdfb0711140456s462aeec8i8e46da10b537ca7c@mail.gmail.com>
In-Reply-To: <20d2bdfb0711140456s462aeec8i8e46da10b537ca7c@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 17 Nov 2007 06:49:42.0070 (UTC) FILETIME=[07EE3560:01C828E6]
X-TM-AS-Product-Ver: SMEX-8.0.0.1181-5.000.1023-15550.002
X-TM-AS-Result: No--30.465200-8.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=3687; t=1195282182; x=1196146182; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jdrosen@cisco.com; z=From:=20Jonathan=20Rosenberg=20<jdrosen@cisco.com> |Subject:=20Re=3A=20[Sipping]=20new=20draft=20on=20ICE=20for=20opening=20 SIP=20dialogs=3A=09draft-lowekamp-sipping-ice-for-sip-00 |Sender:=20 |To:=20Bruce=20Lowekamp=20<lowekamp@sipeerior.com>; bh=aOAJztM9WSEuQCKZhitgfgg6z43an+gS97BNZAnf350=; b=G6iaeoNz2wEppSzDvEAr8SfKAVvX+1EnvLL1XERhB5wuHG0WWcbl7+d1PaN0f/P23GAuHLja bEOXhnBIyE2iwcSKa0OJfNubZB7k5VcryhOX5ZQuARYvIfmTH5ixi68Z;
Authentication-Results: rtp-dkim-1; header.From=jdrosen@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; );
X-Spam-Score: -4.0 (----)
X-Scan-Signature: b280b4db656c3ca28dd62e5e0b03daa8
Cc: sipping@ietf.org
X-BeenThere: sipping@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SIPPING Working Group \(applications of SIP\)" <sipping.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sipping@ietf.org>
List-Help: <mailto:sipping-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>
Errors-To: sipping-bounces@ietf.org
Bruce, Interesting draft. My biggest concern is that in practice this would never be utilized in a regular SIP proxy chain since it requires every proxy along the path to support the mechanism. I wonder if there are intermediate solutions that allow path optimization along subsets of the path. Not obvious how to do that, but a thought. It was entirely unclear to me how the e2e TLS connection is authenticated. What certificate does each endpoint use? It seems like we need something like DTLS-SRTP that exchanges a fingerprint of a self-signed cert in the SDP routed through the proxy chain, and that is used to drive the e2e TLS connection. Seems like a big part of the motivation here is in p2psip, to find a way to route the initial INVITE tunneled through the DHT, and then later on do ICE to optimize this out. The purported reason for this is that call setups are faster when the INVITE is tunneled through the DHT. That may be true, but I think the difference is irrelevant. In a consumer DHT, you'll have nodes all over the world. So each hop through the DHT can be pretty long, 100ms+ perhaps. If it takes log hops to get through, for any reasonable sized DHT this is between 10 and 20 hops. So you are already in the 1-2 second delay range to cross the DHT. ICE itself will ideally complete in a few RTT between caller and called party, and thus is a small percentage of the overall penalty you already paid traversing the DHT. Given that the mechanism in here is a big change in SIP and probably ONLY usfeul in the p2psip case (given the comment above on limited applicability because each hop needs to support it), I think we better understand the real delay improvements associated with it. Thanks, Jonathan R. Bruce Lowekamp wrote: > Title: Using ICE to establish SIP Dialogs > > Abstract: > This draft explores a way SIP can be extended to allow a new dialog > directly between the endpoints to replace an initial dialog that had > one or more proxies in the signalling path. This technique relies on > ICE to perform hole punching that allows a direct connection to be > used in deployments where a sip-outbound proxy or SBC is used to > establish SIP connections across NAT or firewall boundaries. It can > also be used to replace such a dialog with a secure connection > directly between the endpoints. This technique can be applied to > traditional proxy-based SIP routing as well as to emerging P2PSIP > deployments that lack centrally located proxies. > > This draft describes early work that evolved from ideas initially > developed for P2PSIP that are no longer being pursued. We are > interested in feedback on whether there is broader interest in these > techniques. > > > Author(s): > Bruce Lowekamp, lowekamp@sipeerior.com > David Bryan, dbryan@sipeerior.com > > The automatic submission tool failed on this draft, but it's currently > located at > http://www3.ietf.org/proceedings/staging/draft-lowekamp-sipping-ice-for-sip-00.txt > > Bruce > > > _______________________________________________ > Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping > This list is for NEW development of the application of SIP > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sip@ietf.org for new developments of core SIP > -- Jonathan D. Rosenberg, Ph.D. 499 Thornall St. Cisco Fellow Edison, NJ 08837 Cisco, Voice Technology Group jdrosen@cisco.com http://www.jdrosen.net PHONE: (408) 902-3084 http://www.cisco.com _______________________________________________ Sipping mailing list https://www1.ietf.org/mailman/listinfo/sipping This list is for NEW development of the application of SIP Use sip-implementors@cs.columbia.edu for questions on current sip Use sip@ietf.org for new developments of core SIP
- [Sipping] new draft on ICE for opening SIP dialog… Bruce Lowekamp
- Re: [Sipping] new draft on ICE for opening SIP di… Jonathan Rosenberg
- Re: [Sipping] new draft on ICE for opening SIP di… Henning Schulzrinne
- RE: [Sipping] new draft on ICE for opening SIPdia… Christer Holmberg
- Re: [Sipping] new draft on ICE for opening SIPdia… Bruce Lowekamp