Re: [splices] SIP INVOKE method

Paul Kyzivat <pkyzivat@cisco.com> Wed, 18 May 2011 12:58 UTC

Return-Path: <pkyzivat@cisco.com>
X-Original-To: splices@ietfa.amsl.com
Delivered-To: splices@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66151E06C7 for <splices@ietfa.amsl.com>; Wed, 18 May 2011 05:58:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.511
X-Spam-Level:
X-Spam-Status: No, score=-110.511 tagged_above=-999 required=5 tests=[AWL=0.088, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C-0+ddNb-35G for <splices@ietfa.amsl.com>; Wed, 18 May 2011 05:58:22 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id 59947E06AC for <splices@ietf.org>; Wed, 18 May 2011 05:58:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=pkyzivat@cisco.com; l=1535; q=dns/txt; s=iport; t=1305723502; x=1306933102; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=tUQmepYw/hknb8laZHg7f6Mh5y/0NtUhihU8xyGp6Nw=; b=Kv0pp/MFi6FAIhX8FtlBlpFcDiJtdevU7dxJlT25XK5/LFfbxwy9a6SB 1KrzjiorPNuVCAT4KCgW1Rg18IEWzMEZexuL9gFHqjdabn/8VbzOek8Ty irxf//+erbytvUfOCEcLNNv1SgZ0uIuJcZFo/LSRljQKITQ59TdXbPWBP Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AiABAH/B001Io8UT/2dsb2JhbACXTI5Md4hwoHieCYYZBJARhC+KYg
X-IronPort-AV: E=Sophos;i="4.65,231,1304294400"; d="scan'208";a="89218693"
Received: from bgl-core-4.cisco.com ([72.163.197.19]) by ams-iport-1.cisco.com with ESMTP; 18 May 2011 12:58:20 +0000
Received: from [161.44.174.124] (dhcp-161-44-174-124.cisco.com [161.44.174.124]) by bgl-core-4.cisco.com (8.14.3/8.14.3) with ESMTP id p4ICwI98024537; Wed, 18 May 2011 12:58:19 GMT
Message-ID: <4DD3C26A.9050705@cisco.com>
Date: Wed, 18 May 2011 08:58:18 -0400
From: Paul Kyzivat <pkyzivat@cisco.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10
MIME-Version: 1.0
To: "Shekh-Yusef, Rifaat (Rifaat)" <rifatyu@avaya.com>
References: <6369CB70BFD88942B9705AC1E639A33822CBDA8EBF@DC-US1MBEX4.global.avaya.com> <BANLkTinLjrS3DocT=_MbnDrHdoTLs7RuhQ@mail.gmail.com> <6369CB70BFD88942B9705AC1E639A33822CBDA9548@DC-US1MBEX4.global.avaya.com> <4DD2C7BF.1030000@cisco.com> <6369CB70BFD88942B9705AC1E639A33822CBE5C339@DC-US1MBEX4.global.avaya.com>
In-Reply-To: <6369CB70BFD88942B9705AC1E639A33822CBE5C339@DC-US1MBEX4.global.avaya.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "splices@ietf.org" <splices@ietf.org>
Subject: Re: [splices] SIP INVOKE method
X-BeenThere: splices@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Loosely-coupled SIP Devices \(splices\) working group discussion list" <splices.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/splices>, <mailto:splices-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/splices>
List-Post: <mailto:splices@ietf.org>
List-Help: <mailto:splices-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/splices>, <mailto:splices-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 May 2011 12:58:23 -0000

On 5/18/2011 7:29 AM, Shekh-Yusef, Rifaat (Rifaat) wrote:
> Hi Paul,
>
> I think that the main reason for using Headers for actions and parameters is to allow for proxy applications on the call path to recognize the requested action, as some UAs might encrypt the body part.

Hmm. That seems to me to be more reason to use a body part!

What possible reason would an intermediary have for snooping into these 
actions?

Note that this functionality is *very* sensitive - in the wrong hands 
this stuff can do great damage. I predict that there will be a lot of 
demand for very strong security considerations. Putting the action in a 
body and encrypting it might be a good approach.

	Thanks,
	Paul

> Regards,
>   Rifaat
>
>
>> -----Original Message-----
>> From: splices-bounces@ietf.org [mailto:splices-bounces@ietf.org] On Behalf Of
>> Paul Kyzivat
>> Sent: Tuesday, May 17, 2011 3:09 PM
>> To: splices@ietf.org
>> Subject: Re: [splices] SIP INVOKE method
>>
>>
>>
>> On 5/17/2011 2:20 PM, Shekh-Yusef, Rifaat (Rifaat) wrote:
>>
>>> Yes, and I have the following open question about these parameters:
>>> Should a separate header be defined for action parameters?
>>
>> I can be convinced otherwise (by a good justification), but I'm inclined
>> toward describing the action and any parameters in a body part.
>>
>> 	Thanks,
>> 	Paul
>> _______________________________________________
>> splices mailing list
>> splices@ietf.org
>> https://www.ietf.org/mailman/listinfo/splices
>