Re: [Stox] review: stox-core-04

Peter Saint-Andre <stpeter@stpeter.im> Mon, 23 September 2013 23:54 UTC


On 9/20/13 3:39 AM, Salvatore Loreto wrote:
> I have reviewed the core-04 draft, and I think that it is almost ready
> for the WGLC
> 
> I have one general comment (btw I apologize in advance if this has
> already been discussed and I have overlooked or forgotten it) and it
> is about the fact that the draft does not talk at all about the
> interworking when secure URIs are involved. I think that at least we
> should say something about it in the Security Considerations.

Good catch. After reading and re-reading Section 26.4.4 of RFC 3261, I
have to admit that I'm not sure exactly how SIP entities are supposed
to handle SIPS URIs. Even if we understand those requirements, I'm
also not sure how they would apply to the XMPP side of the
communications path. At the least, it seems we'd want to specify that
if the To header or Request-URI is a SIPS URI, then the SIP-to-XMPP
gateway needs to connect to the XMPP server over a TLS-protected
stream. However, do we also need to stipulate that the XMPP
server-to-client connection is TLS-protected? If so, how would the
gateway associated with the XMPP server ensure that? (The gateway
might be an external component of the XMPP server, without control
over how the XMPP server communicates with XMPP clients.)

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

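The rule floated in the reply above (a SIPS URI in the Request-URI or To header means the gateway's stream to the XMPP server must be TLS-protected), sketched as an added example that is not part of the original message or of the stox draft. The function names, the `stream_is_tls` flag and the sample requests are assumptions made for illustration; header folding is not handled, and the check covers only the gateway-to-server hop, not the server-to-client hop the message asks about.

```python
import re

_SCHEME = r"([A-Za-z][A-Za-z0-9+.-]*):"

def uri_scheme(value):
    """Lowercased URI scheme of a Request-URI or a name-addr header value."""
    # Prefer the URI inside <...> so a display name is never mistaken for it.
    m = re.search(r"<\s*" + _SCHEME, value) or re.match(r"\s*" + _SCHEME, value)
    return m.group(1).lower() if m else None

def parse_request(raw):
    """Return (request_uri, headers) with lowercased header names."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    _method, request_uri, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return request_uri, headers

def xmpp_leg_requires_tls(raw):
    """True if the Request-URI or the To header (compact form 't') is a SIPS URI."""
    request_uri, headers = parse_request(raw)
    to_value = headers.get("to", headers.get("t", ""))
    return "sips" in (uri_scheme(request_uri), uri_scheme(to_value))

def may_forward(raw, stream_is_tls):
    """Gateway decision: refuse to relay a SIPS request over a cleartext stream."""
    return stream_is_tls or not xmpp_leg_requires_tls(raw)

def _request(request_uri, to_uri):
    # Constructed sample SIP MESSAGE request, not taken from any real capture.
    return ("MESSAGE %s SIP/2.0\r\n"
            "Via: SIP/2.0/TLS gw.example.net;branch=z9hG4bKconstructed\r\n"
            'To: "Juliet" <%s>\r\n'
            "From: <sip:romeo@example.net>;tag=constructed\r\n"
            "Call-ID: constructed-1@example.net\r\n"
            "CSeq: 1 MESSAGE\r\n"
            "Content-Length: 0\r\n\r\n") % (request_uri, to_uri)

SIPS_REQ = _request("sips:juliet@example.com", "sips:juliet@example.com")
MIXED_REQ = _request("sip:juliet@example.com", "sips:juliet@example.com")
# transport=tls on a sip: URI does not make it a SIPS URI.
SIP_REQ = _request("sip:juliet@example.com;transport=tls", "sip:juliet@example.com")
```
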