Re: [siprec] FW: I-DAction:draft-hutton-siprec-session-recording-arch-01.txt
"Henry Lum" <Henry.Lum@alcatel-lucent.com> Mon, 05 July 2010 15:04 UTC
Return-Path: <Henry.Lum@alcatel-lucent.com>
X-Original-To: siprec@core3.amsl.com
Delivered-To: siprec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0FED43A68DD for <siprec@core3.amsl.com>; Mon, 5 Jul 2010 08:04:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.221
X-Spam-Level:
X-Spam-Status: No, score=-1.221 tagged_above=-999 required=5 tests=[AWL=-1.379, BAYES_50=0.001, HTML_MESSAGE=0.001, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3aEgflXQjXaX for <siprec@core3.amsl.com>; Mon, 5 Jul 2010 08:04:55 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by core3.amsl.com (Postfix) with ESMTP id 2D0463A68ED for <siprec@ietf.org>; Mon, 5 Jul 2010 08:04:55 -0700 (PDT)
Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id o65F4s7L017263 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 5 Jul 2010 10:04:55 -0500 (CDT)
Received: from relay-out2.dc (relay-out2.dc.genesyslab.com [172.22.68.188]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id o65F4q1U014726 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 5 Jul 2010 10:04:54 -0500
Received: from g2.genesyslab.com (g2.genesyslab.com [192.168.20.138]) by relay-out2.dc (8.13.8+Sun/8.13.8) with ESMTP id o65F4q6o013277; Mon, 5 Jul 2010 08:04:52 -0700 (PDT)
Received: from NAHALD.us.int.genesyslab.com ([192.168.20.92]) by g2.genesyslab.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 5 Jul 2010 08:04:51 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CB1C53.6B193C62"
Date: Mon, 05 Jul 2010 08:03:47 -0700
Message-ID: <059AF07365DC474393A19A3AF187DF7405D3DC7E@NAHALD.us.int.genesyslab.com>
In-Reply-To: <AANLkTin_dY08TyXYKuV4y6JyNQPII-0WC2dwXTgIPFzr@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [siprec] FW: I-DAction:draft-hutton-siprec-session-recording-arch-01.txt
Thread-Index: AcsaH52zd6TwG8nqQqikj3oLhwVjVgCMqSWQ
References: <101C6067BEC68246B0C3F6843BCCC1E3070DDA9BA1@MCHP058A.global-ad.net><AANLkTilUmhE1XeYruD1mhts-NFqaOLoI_W_UN_NZjwPB@mail.gmail.com><101C6067BEC68246B0C3F6843BCCC1E3070FCD2D9E@MCHP058A.global-ad.net><4C2E2646.3060306@cisco.com><AANLkTilezZo979Nc8C_aa1WGW4d6on2rdauKz-DKZ-5e@mail.gmail.com><4C2E3B79.4030909@cisco.com> <AANLkTin_dY08TyXYKuV4y6JyNQPII-0WC2dwXTgIPFzr@mail.gmail.com>
From: Henry Lum <Henry.Lum@alcatel-lucent.com>
To: Peter Musgrave <peter.musgrave@magorcorp.com>, Paul Kyzivat <pkyzivat@cisco.com>
X-OriginalArrivalTime: 05 Jul 2010 15:04:51.0920 (UTC) FILETIME=[6B5B4D00:01CB1C53]
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12
Cc: siprec@ietf.org
Subject: Re: [siprec] FW: I-DAction:draft-hutton-siprec-session-recording-arch-01.txt
X-BeenThere: siprec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Recording Working Group Discussion List <siprec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/siprec>
List-Post: <mailto:siprec@ietf.org>
List-Help: <mailto:siprec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jul 2010 15:04:57 -0000
Hi Peter, Another problem with the proxy approach is that the proxy must share the SRTP private keys in the CS to the recorder in the 3pcc call leg since the recorder is acting both as the recorder and the media relay. This could potentially be a security risk and there is a requirement REQ-032 that states we cannot do this. Regards, Henry From: siprec-bounces@ietf.org [mailto:siprec-bounces@ietf.org] On Behalf Of Peter Musgrave Sent: July-02-10 3:49 PM To: Paul Kyzivat Cc: siprec@ietf.org Subject: Re: [siprec] FW: I-DAction:draft-hutton-siprec-session-recording-arch-01.txt Inline On Fri, Jul 2, 2010 at 3:18 PM, Paul Kyzivat <pkyzivat@cisco.com> wrote: Peter Musgrave wrote: Hi Paul/Andrew, I guess what I had in mind was something like the flow below (where the proxy is in the signalling path and the RS is inserted as a recording media relay). It's essentially a low-tech 3PCC approach. The same kind of thing could be done mid-call with reINVITEs. I suspect there are better approaches - but hopefully this is illustrative. The proxy uses 3PCC to get A to send to r1 and B to send to r2. The RS relays media from r1 <-> r2 and records each stream. If I understand what you are proposing, it puts the SRS in the media path between Alice and Bob. Yes. This is a blessing and a curse. It ensures that calls where the RS is unavailable do not succeed - so it is likely only appropriate for applications where recording is critical. (Although the proxy could issue reINVITEs and reconnect A and B directly if it can detect the RS has failed). As shown I don't see how it works. The SRS must provide both an offer for Bob and an answer for Alice (that it will splice together) without even having seen Alice's offer. If there is *any* variability in media types, codecs, codec parameters, format numbering, etc. that isn't going to work. Doh! Your are correct. This can be fixed up by sending A's SDP to the RS. There might be better 3PCC sequences as well. The take away is that the proxy can mess with the SDPs so as to insert the RS into the media path. I'm not saying it's a great approach - but if I'm a proxy and I want to do recording I can make it happen. I think a doc which tries to define architectures for recording should say something about proxies (or say that stateful proxy architectures have been considered but have limitations). Cheers, Peter Thanks, Paul I think recording is more likely to be implemented in the SIP server (be that a B2B or proxy) and I think excluding proxies from the recording architecture is a fairly serious limitation. [It's actually ironic I'm sticking up for proxies - since I spent most of my time in a previous job working on B2B's]. Cheers, Peter Alice SProxy RS Bob | | | | | | | | | | | | |INVITE callid=1 (sdp a) | | | |----------------------->| | | | | | | | | | | | |INVITE callid=2(no sdp) | | | |----------------------->| | | | | | | | | | | |200 OK (sdp r1:r2) | | | |<-----------------------| | | | | | | | | | | |INVITE callid=1(sdp r2) | | | |------------------------------------------------>| | | | | | | | | | |200 OK (sdp b) | | | |<------------------------------------------------| | | | | | | | | | |ACK (sdp a:b) | | | |----------------------->| | | | | | | | | | |200 OK (sdp r1) | | | |<-----------------------| | | | | | | | | | | |ACK | | | |----------------------->| | | | | | | | | | | | | | | On Fri, Jul 2, 2010 at 1:47 PM, Paul Kyzivat <pkyzivat@cisco.com <mailto:pkyzivat@cisco.com>> wrote: > > > Hutton, Andrew wrote: >> >> Hi Peter, >> >> I am not sure how this would work using a stateful proxy maybe if you sent >> me a picture and/or some text describing how a stateful proxy could create >> the recording session it would help. > > I too am scratching my head to decide if this could be feasible. > > The only thing that comes to mind is: > > If a proxy in the signaling path for a CS decides that recording is > required, it could send a REFER to an SRS with the Refer-To uri being one of > the participants in the CS, and with a Join header referencing the CS > dialog. > > In that case, the SRC would end up being the UAC or UAS of the CS. The proxy > would not even need to be stateful in that case. In effect it is just one > more way for the SRS to be the initiator of the RC. > > There are however lots of limitations to this that may result in it not > being an interesting solution. > > Thanks, > Paul > >> Regards >> Andy >> >>> >>> -----Original Message----- >>> From: Peter Musgrave [mailto:peter.musgrave@magorcorp.com <mailto:peter.musgrave@magorcorp.com>] Sent: 21 June >>> 2010 18:58 >>> To: Hutton, Andrew >>> Cc: siprec@ietf.org <mailto:siprec@ietf.org> >>> Subject: Re: [siprec] FW: I-D >>> Action:draft-hutton-siprec-session-recording-arch-01.txt >>> >>> Hi Andrew, >>> >>> I agree with the sentiment that the doc is in good shape. >>> >>> My only question is whether the two architectural choices (B2B or >>> endpoint) are enough. Do we see any need for looking at an >>> architecture which would allow a stateful proxy to ensure recording >>> occurs on calls? If this is viewed as a logical sub-case of the B2B >>> man-in-middle mode then perhaps that could be explicitly stated? >>> >>> Regards, >>> >>> Peter Musgrave >>> >>> On Fri, Jun 18, 2010 at 12:33 PM, Hutton, Andrew >>> <andrew.hutton@siemens-enterprise.com <mailto:andrew.hutton@siemens-enterprise.com>> wrote: >>>> >>>> From: i-d-announce-bounces@ietf.org <mailto:i-d-announce-bounces@ietf.org> >>> >>> [mailto:i-d-announce-bounces@ietf.org <mailto:i-d-announce-bounces@ietf.org>] On Behalf Of >>> Internet-Drafts@ietf.org <mailto:Internet-Drafts@ietf.org> >>>> >>>> Sent: 18 June 2010 17:30 >>>> To: i-d-announce@ietf.org <mailto:i-d-announce@ietf.org> >>>> Subject: I-D >>> >>> Action:draft-hutton-siprec-session-recording-arch-01.txt >>>> >>>> A New Internet-Draft is available from the on-line >>> >>> Internet-Drafts directories. >>>> >>>> Title : An Architecture for Media >>> >>> Recording using the Session Initiation Protocol >>>> >>>> Author(s) : A. Hutton, et al. >>>> Filename : >>> >>> draft-hutton-siprec-session-recording-arch-01.txt >>>> >>>> Pages : 15 >>>> Date : 2010-06-18 >>>> >>>> Session recording is a critical requirement in many communications >>>> environments such as call centers and financial trading. In some of >>>> these environments, all calls must be recorded for regulatory, >>>> compliance, and consumer protection reasons. Recording of a session >>>> is typically performed by sending a copy of a media stream to a >>>> recording device. This document describes architectures for >>>> deploying session recording solutions in an environment which is >>>> based on the Session Initiation Protocol (SIP). >>>> >>>> A URL for this Internet-Draft is: >>>> >>> http://www.ietf.org/internet-drafts/draft-hutton-siprec-sessio >>> n-recording-arch-01.txt >>>> >>>> Internet-Drafts are also available by anonymous FTP at: >>>> ftp://ftp.ietf.org/internet-drafts/ >>>> >>>> Below is the data which will enable a MIME compliant mail reader >>>> implementation to automatically retrieve the ASCII version of the >>>> Internet-Draft. >>>> >>>> _______________________________________________ >>>> siprec mailing list >>>> siprec@ietf.org <mailto:siprec@ietf.org> >>>> https://www.ietf.org/mailman/listinfo/siprec >>>> >>>> >> _______________________________________________ >> siprec mailing list >> siprec@ietf.org <mailto:siprec@ietf.org> >> https://www.ietf.org/mailman/listinfo/siprec >> > ------------------------------------------------------------------------------------------------------------------- CONFIDENTIALITY NOTICE: This e-mail and any files attached may contain confidential and proprietary information of Alcatel-Lucent and/or its affiliated entities. Access by the intended recipient only is authorized. Any liability arising from any party acting, or refraining from acting, on any information contained in this e-mail is hereby excluded. If you are not the intended recipient, please notify the sender immediately, destroy the original transmission and its attachments and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Copyright in this e-mail and any attachments belongs to Alcatel-Lucent and/or its affiliated entities.
- [siprec] FW: I-D Action:draft-hutton-siprec-sessi… Hutton, Andrew
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Paul Kyzivat
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Ram Mohan R (rmohanr)
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Peter Musgrave
- Re: [siprec] FW:I-DAction:draft-hutton-siprec-ses… Henry Lum
- Re: [siprec] FW:I-DAction:draft-hutton-siprec-ses… Leon Portman
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Hutton, Andrew
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Deepanshu Gautam
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Paul Kyzivat
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Deepanshu Gautam
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Elwell, John
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Paul Kyzivat
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Deepanshu Gautam
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Paul Kyzivat
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Hutton, Andrew
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Paul Kyzivat
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Peter Musgrave
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Paul Kyzivat
- Re: [siprec] FW: I-D Action:draft-hutton-siprec-s… Peter Musgrave
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Henry Lum
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Peter Musgrave
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Deepanshu Gautam
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Hutton, Andrew
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Deepanshu Gautam
- Re: [siprec] FW: I-DAction:draft-hutton-siprec-se… Hutton, Andrew