Re: [Stox] AD evaluation: draft-ietf-stox-groupchat-08

Ben Campbell <ben@nostrum.com> Mon, 09 February 2015 23:01 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: stox@ietfa.amsl.com
Delivered-To: stox@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CBF11A8A67 for <stox@ietfa.amsl.com>; Mon, 9 Feb 2015 15:01:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gd5z02y3G4Ki for <stox@ietfa.amsl.com>; Mon, 9 Feb 2015 15:01:33 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE6AF1A8A62 for <stox@ietf.org>; Mon, 9 Feb 2015 15:01:33 -0800 (PST)
Received: from [10.0.1.23] (cpe-173-172-146-58.tx.res.rr.com [173.172.146.58]) (authenticated bits=0) by nostrum.com (8.14.9/8.14.7) with ESMTP id t19N1RoR012357 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 9 Feb 2015 17:01:28 -0600 (CST) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-173-172-146-58.tx.res.rr.com [173.172.146.58] claimed to be [10.0.1.23]
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
From: Ben Campbell <ben@nostrum.com>
In-Reply-To: <FE21FF93-5980-442F-A9FE-EC5EA9FCFBDE@nostrum.com>
Date: Mon, 9 Feb 2015 17:01:27 -0600
X-Mao-Original-Outgoing-Id: 445215687.275651-c55bc4dbc69678c762fc020dc2bb3359
Content-Transfer-Encoding: quoted-printable
Message-Id: <ED13BDE2-1E78-41C9-92AD-1416E113418F@nostrum.com>
References: <71D99F08-87C8-4E4A-9DC3-2DC3C2991B1B@cooperw.in> <54CFACEA.1040304@andyet.net> <F93B50AE-EDB0-4111-8CC6-1724BB4CDC1E@nostrum.com> <54D55765.7050000@andyet.net> <FE21FF93-5980-442F-A9FE-EC5EA9FCFBDE@nostrum.com>
To: Peter Saint-Andre - &yet <peter@andyet.net>
X-Mailer: Apple Mail (2.2070.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/stox/n6jBh_BJII3qURr7OhR_e1iBTf4>
Cc: stox@ietf.org, Alissa Cooper <alissa@cooperw.in>
Subject: Re: [Stox] AD evaluation: draft-ietf-stox-groupchat-08
X-BeenThere: stox@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP-TO-XMPP Working Group discussion list <stox.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stox>, <mailto:stox-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stox/>
List-Post: <mailto:stox@ietf.org>
List-Help: <mailto:stox-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stox>, <mailto:stox-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Feb 2015 23:01:37 -0000

(Alissa pointed out that I left the STOX list of of these--resending.)

One more thing: The SIP CSeq headers are incorrect in several places. CSeq is missing from most SIP messages, except in BYE requests.

(This is also true for stox-chat. I will send notes on that separately.)

/Ben

> On Feb 6, 2015, at 11:11 PM, Ben Campbell <ben@nostrum.com> wrote:
> 
> 
>> On Feb 6, 2015, at 6:08 PM, Peter Saint-Andre - &yet <peter@andyet.net> wrote:
>> 
>> Ben, thanks again for your careful reviews. If you don't mind I'll address these as IETF LC feedback, unless Alissa would like me to push out a revised version incorporating the relevant fixes.
>> 
> 
> Certainly, that works for me.
> 
> Thanks!
> 
> Ben.
> 
>> On 2/6/15 4:34 PM, Ben Campbell wrote:
>>> (No hats)
>>> 
>>> Hi Peter and Alissa,
>>> 
>>> I just reviewed version groupchat-09, and it looks good. I just noticed a few nits:
>>> 
>>> Section 4: The bulleted text for example.org and chat.example.org don't seem to quite match the figure. The figure calls both the focus and switch chat.example.org (which may not be what you want.  Example.org is a SIP proxy.
>>> 
>>> 5.1: The indented paragraph about MSRP URLs could be interpreted to mean that the explicit port is only required for a literal address. In fact, it's always required.
>>> 
>>> /Ben
>>> 
>>> 
>>>> On Feb 2, 2015, at 10:59 AM, Peter Saint-Andre - &yet <peter@andyet.net> wrote:
>>>> 
>>>> On 1/31/15 5:10 PM, Alissa Cooper wrote:
>>>>> I have reviewed this draft in preparation for IETF LC. I have a couple of comments/questions that I’d like to discuss before issuing the LC. I’ve also included some editorial nits that should be addressed together with any LC comments.
>>>>> 
>>>>> = Section 5 =
>>>>> All of the flow labels as used in the text and the examples need to be checked against the labels in the diagram. I found a bunch of inconsistencies where the labels used in the text are not describing the right flows in the diagram (e.g., Example 20, all the labels in Section 5.8). This is sort of editorial but given that the spec is basically defined by the diagrams and examples, I think it needs to be fixed before IETF LC. It confused me quite a bit.
>>>> 
>>>> Yes, we changed them all around based on Ben Campbell's review and I recall making the modifications late at night, so it doesn't surprise me greatly that there are errors. Will review again.
>>>> 
>>>>> In fact, I would suggest checking every label in the document to make sure it corresponds to the appropriate diagramed flow.
>>>> 
>>>> +1
>>>> 
>>>>> = Section 5.1 =
>>>>> "As specified in [RFC7247], the mapping of XMPP syntax elements to SIP
>>>>>  and [RFC4566] syntax elements is as shown in the following table.”
>>>>> 
>>>>> This doesn’t seem quite right since RFC 7247 doesn’t actually provide the mapping of from->From and to->To — that’s what the table right here is doing. I would suggest that the text here follow the same pattern used in the -im draft, namely:
>>>>> 
>>>>> "The mapping of XMPP syntax to SIP syntax [MUST] be as shown in the following table.
>>>>> 
>>>>> Table 1: Message syntax mapping from XMPP to SIP/SDP
>>>>> 
>>>>>      +-----------------------------+-----------------------------+
>>>>>      |  XMPP Element or Attribute  |  SIP Header or SDP Contents |
>>>>>      +-----------------------------+-----------------------------+
>>>>>      |  from                       |  From                       |
>>>>>      |  to (without the /nick)     |  To                         |
>>>>>      +-----------------------------+——————————————+
>>>>> 
>>>>> As shown in the foregoing example and described in [RFC7247], the
>>>>>      XMPP-to-SIP gateway [MUST] map the bare JID
>>>>>      ("localpart@domainpart") of the XMPP sender to the SIP From
>>>>>      header and include the resourcepart of the full JID as the GRUU
>>>>>      portion [RFC5627] of the SIP URI.”
>>>>> 
>>>>> Note that I’ve replaced the SHOULDs with MUSTs as explained in my comments on the -im draft.
>>>> 
>>>> Great, thanks.
>>>> 
>>>>> = Section 5.4 =
>>>>> OLD
>>>>> The following table shows the syntax mapping from the RFC 4575
>>>>>  payload to the XMPP participant list.
>>>>> 
>>>>> NEW
>>>>> The syntax mappings from the RFC 4575
>>>>>  payload to the XMPP participant list MUST be as shown in the following table.
>>>>> 
>>>>> OLD
>>>>> The mapping of SIP and [RFC4575] payload syntax elements to XMPP
>>>>>  syntax elements is as shown in the following table.
>>>>> 
>>>>> NEW
>>>>> The mapping of SIP and [RFC4575] payload syntax elements to XMPP
>>>>>  syntax elements MUST be as shown in the following table.
>>>>> 
>>>>> = Section 5.5 =
>>>>> OLD
>>>>> The mapping of XMPP syntax elements to MSRP syntax elements is as
>>>>>  shown in the following table.
>>>>> 
>>>>> NEW
>>>>> The mapping of XMPP syntax elements to MSRP syntax elements MUST be as
>>>>>  shown in the following table.
>>>> 
>>>> WFM.
>>>> 
>>>>> = Section 6 =
>>>>> As in Section 5, something is awry with the labels of the protocol flows in this section, both in the diagram and the examples that follow. I believe the first flow in the diagram, SIP INVITE from the SIP user to the SIP proxy, should be F35, not F33.
>>>>> 
>>>>> Then in 6.1 the SUBSCRIBE flow is listed in Example 29 as F40, but it should be F38 as in the diagram. From there, the flow numbers listed in the examples are all off by 1 or 2.
>>>> 
>>>> Yes, we'll check all of these.
>>>> 
>>>>> = Section 6.3 =
>>>>> OLD
>>>>> The mapping of MSRP syntax elements to XMPP syntax elements is as
>>>>>  shown in the following table.
>>>>> 
>>>>> NEW
>>>>> The mapping of MSRP syntax elements to XMPP syntax elements MUST be as
>>>>>  shown in the following table.
>>>> 
>>>> Yes.
>>>> 
>>>>> = Section 6.3.1 =
>>>>> Why does the SIP-to-XMPP gateway send an MSRP 200 OK back to the sender before seeing that the groupchat message has been reflected back? Doesn’t this give the sender the wrong impression in the event that a transport error causes the groupchat message to fail to reach the XMPP MUC?
>>>>> 
>>>>> "In MSRP this reflected message is unnecessary."
>>>>> 
>>>>> What does it mean for it to be “unnecessary”?
>>>> 
>>>> Perhaps that was a poor choice of words. In MSRP, the switch doesn't reflect the message because it is explicitly acknowledged (200 OK). In XMPP, the MUC room doesn't explicitly acknowledge receipt of groupchat messages.
>>>> 
>>>> I think it would be better for the switch + gateway to not generate the MSRP 200 OK until it receives the reflected message back from the MUC room. That is, move F45 after F47 and remove F48 & F49.
>>>> 
>>>>> Why does the MSRP gateway send it (F48 in the diagram)?
>>>> 
>>>> I suggest we remove F48 and F49.
>>>> 
>>>>> = Section 7 =
>>>>> "Implementations are strongly encouraged to apply the
>>>>>  rules for preparation and comparison of nicknames specified in
>>>>>  [I-D.ietf-precis-nickname].”
>>>>> 
>>>>> draft-ietf-precis-nickname is listed as a normative reference. Should its use be a normative requirement?
>>>> 
>>>> Probably.
>>>> 
>>>> If we can ever finish the PRECIS work...
>>>> 
>>>>> "Therefore, for display purposes SIP implementations
>>>>>  ought to use the <display-text/> element if the XCON 'nickname'
>>>>>  attribute is not present, and XMPP implementations ought to use the
>>>>>  resourcepart of the occupant JID if the <nick/> element is not
>>>>>  present.”
>>>>> 
>>>>> Should these be normative requirements?
>>>> 
>>>> I don't think that display name mappings are critical for interoperability.
>>>> 
>>>>> = Section 9 =
>>>>> 
>>>>> I don’t think it’s sufficient to refer to the security considerations of the underlying specifications.
>>>>> 
>>>>> This section omits discussion about whether the gateways needed for groupchat are expected to support the security requirements of the protocols they are gatewaying. The other two drafts address this point and it needs to be addressed here as well.
>>>> 
>>>> Good catch.
>>>> 
>>>>> Same goes for end-to-end security protections — some discussion is needed.
>>>> 
>>>> To my knowledge, end-to-end security protections do not exist for multiparty text chat in MSRP or XMPP MUC. It's a hard problem (even harder than the 1:1 cases for IM and chat).
>>>> 
>>>>> Also, many of the groupchat features that are left unspecified in this draft could be considered to be application security features: room administration, moderation, semi-anonymous rooms/anonymous participation, kicking and banning, etc. It seems at least worth mentioning that implementations supporting the feature set specified here cannot afford users with those features as they may be accustomed.
>>>> 
>>>> Yes, we'll note that.
>>>> 
>>>> Thanks again,
>>>> 
>>>> Peter
>>>> 
>>>> --
>>>> Peter Saint-Andre
>>>> https://andyet.com/
>>>> 
>>>> _______________________________________________
>>>> stox mailing list
>>>> stox@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/stox
>