Re: [Stox] review: stox-core-04
Peter Saint-Andre <stpeter@stpeter.im> Mon, 23 September 2013 23:54 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: stox@ietfa.amsl.com
Delivered-To: stox@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A405511E80FC for <stox@ietfa.amsl.com>; Mon, 23 Sep 2013 16:54:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.885
X-Spam-Level:
X-Spam-Status: No, score=-101.885 tagged_above=-999 required=5 tests=[AWL=-0.156, BAYES_00=-2.599, SARE_MLH_Stock1=0.87, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AOuzh5x9uMR5 for <stox@ietfa.amsl.com>; Mon, 23 Sep 2013 16:54:35 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 43B0911E80FB for <stox@ietf.org>; Mon, 23 Sep 2013 16:54:35 -0700 (PDT)
Received: from ergon.local (unknown [71.237.13.154]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 27F5B415F9; Mon, 23 Sep 2013 17:59:43 -0600 (MDT)
Message-ID: <5240D4BA.3090108@stpeter.im>
Date: Mon, 23 Sep 2013 17:54:34 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: Salvatore Loreto <salvatore.loreto@ericsson.com>
References: <523C17B9.2070408@ericsson.com>
In-Reply-To: <523C17B9.2070408@ericsson.com>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: stox@ietf.org
Subject: Re: [Stox] review: stox-core-04
X-BeenThere: stox@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SIP-TO-XMPP Working Group discussion list <stox.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stox>, <mailto:stox-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stox>
List-Post: <mailto:stox@ietf.org>
List-Help: <mailto:stox-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stox>, <mailto:stox-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2013 23:54:39 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/20/13 3:39 AM, Salvatore Loreto wrote: > I have reviewed the core-04 draft, and I think that is almost ready > for the WGLC > > I have one general comment (btw I apologize in advance if this has > already been discussed and I have overlooked or forgot it) and it > is about the fact that draft does not talk at all about the inter > working when secure URIs are involved. I think that at least we > should say something about in the Security consideration. Good catch. After reading and re-reading Section 26.4.4 of RFC 3261, I have to admit that I'm not sure exactly how SIP entities are supposed to handle SIPS URIs. Even if we understand those requirements, I'm also not sure how they would apply to the XMPP side of the communications path. At the least, it seems we'd want to specify that if the To header or Request-URI is a SIPS URI, then the SIP-to-XMPP gateway needs to connect to the XMPP server over a TLS-protected stream. However, do we also need to stipulate that the XMPP server-to-client connection is TLS-protected? If so, how would the gateway associated with the XMPP server ensure that? (The gateway might be an external component of the XMPP server, without control over how the XMPP server communicates with XMPP clients.) Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSQNS6AAoJEOoGpJErxa2pueYQAJFMEL4C00F37XDdk9uvADsP 3MM9Si1gIYTmIdI4bW4HY8A5LfggByoT17SD/fYjDoescHfhxO4nb8EP/ElUq0lY uTeUBl9fi+PQUwQweZS4O/inQAucUTWjf6NAk3x4ETN6ct0dUwXgzj1avmu7oO9G t4STEtxtxSHMMjFUacCyHxTYp0b9fSCExUScsGHeM7RJtS4oUrxI8Rb8QNDH8bZV CFo52opkkYBkjZFfIjMGHLzrMNR66G0C9Cbvx+SIy1hhM2iCqWtS50+KMcWBzg7c Vog96pNL/li27U18ZAR5kXMT7hbNj/eV2Na6WXPw0ITJ1LtcR2TNbyvJ66U//b0g Ba5R6Dwk7QfBjW1MQ1W79VOZsRga9RYjEuxKtJ+acZeoL/kLSikEZn0o1N+FXtzt A0sR0Hovx6jyPDodkrP4R62uhdUdDWXIcLgVOiNTtS9Hbu+RPhDOmsvAA/OyFt23 u8nqBLocb57Mxwvk2b9FMGrBa5aQD2dsSiyfEXtMDlOYlxlBYa7vBoVyI8GPLIbm sTRPDjN0NvAmokzSWlcA8T2PwnXu06N3UOctw7eVZPoFIE6yk0t/kMNhofMxq/EV 4K+tnU1I3w/irDTYA8g3zRfCpbs+RlmGG9pgpN9iOFdas9AQe1jS1rZp3H8C/TGU DM4DbC4CrD0Itj2y0pBp =VUg1 -----END PGP SIGNATURE-----
- [Stox] review: stox-core-04 Salvatore Loreto
- [Stox] review: stox-im-03 Salvatore Loreto
- Re: [Stox] review: stox-im-03 Peter Saint-Andre
- Re: [Stox] review: stox-core-04 Peter Saint-Andre
- Re: [Stox] review: stox-im-03 Salvatore Loreto
- Re: [Stox] review: stox-im-03 Peter Saint-Andre