Re: [Stox] Comments on stox-chat-09
Peter Saint-Andre - &yet <peter@andyet.net> Thu, 12 February 2015 03:35 UTC
Return-Path: <peter@andyet.net>
X-Original-To: stox@ietfa.amsl.com
Delivered-To: stox@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E1861A1EEC for <stox@ietfa.amsl.com>; Wed, 11 Feb 2015 19:35:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tY1wgPAiVJWu for <stox@ietfa.amsl.com>; Wed, 11 Feb 2015 19:35:36 -0800 (PST)
Received: from mail-ig0-f174.google.com (mail-ig0-f174.google.com [209.85.213.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9951D1A1BED for <stox@ietf.org>; Wed, 11 Feb 2015 19:35:36 -0800 (PST)
Received: by mail-ig0-f174.google.com with SMTP id b16so1251467igk.1 for <stox@ietf.org>; Wed, 11 Feb 2015 19:35:36 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=hatISataf0LqVhbhBcxlLqzy8bNNYBicqExx7HH0wWA=; b=fuQuYkQyFcxpCTh9eMwNapGikGjrY3F8jtWLMb0ofwGgKKurTVC48o96b/tmew7mDb dC9fMtdTbU2px4/nMdQMM9tIeNvu1ambxoPTkzk1A/gB9UW68mtKXVijO/IPzNK8MNI7 3Fy5fWowC45l0AD6q9icLCMvCXXWAY+Y7tSV5Nke3jcSWqp9PsA04rD1rqppbD0ZYXhy UhzCefQTH2m9r0Edvugv1hBtnggmjGZOSxNFMw8vAKNeLxq8AiQFWMDfijMTaXrrzmeJ eQlN5rw9f8CimsMPrB9o8sjzwuxy+u4vjXFIOH3mFph/8H00E2IECWUEh823R7dGetSy 16aw==
X-Gm-Message-State: ALoCoQkSWrhMD8ke0BIZTegzSd0LwR1g84dMOOeiPOVyll4agBWBSJ9xk77ABw/Jvou525LKwaAu
X-Received: by 10.50.39.112 with SMTP id o16mr1522395igk.0.1423712136049; Wed, 11 Feb 2015 19:35:36 -0800 (PST)
Received: from aither.local (c-73-34-202-214.hsd1.co.comcast.net. [73.34.202.214]) by mx.google.com with ESMTPSA id a125sm1679363ioa.40.2015.02.11.19.35.34 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 Feb 2015 19:35:35 -0800 (PST)
Message-ID: <54DC1F86.6020709@andyet.net>
Date: Wed, 11 Feb 2015 20:35:34 -0700
From: Peter Saint-Andre - &yet <peter@andyet.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Ben Campbell <ben@nostrum.com>, Alissa Cooper <alissa@cooperw.in>
References: <10EF4B6B-A78E-4714-8E0F-84B985456266@nostrum.com>
In-Reply-To: <10EF4B6B-A78E-4714-8E0F-84B985456266@nostrum.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/stox/uaAiVZod5GiCmhj4JYUrWXGYECg>
Cc: stox@ietf.org
Subject: Re: [Stox] Comments on stox-chat-09
X-BeenThere: stox@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP-TO-XMPP Working Group discussion list <stox.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stox>, <mailto:stox-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stox/>
List-Post: <mailto:stox@ietf.org>
List-Help: <mailto:stox-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stox>, <mailto:stox-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Feb 2015 03:35:41 -0000
On 2/9/15 3:59 PM, Ben Campbell wrote: > (Resending to include STOX list) (No hats yet) > > Hi Peter and Alissa, > > I've looked over draft-ietf-stox-chat-09. It looks mostly good, but > there are still a few issues. > > Thanks! > > /Ben > > ---------------------------- > > MSRP Failure-Report headers: > > The examples assume the MSRP Failure-Report header field is set to > no. It's missing from the first SEND, but explicitly set to no in the > rest. The responses to SEND requests are left off throughout. This is > allowed, but non-default behavior for MSRP. If the intent is to set > Failure-Report: no, it would be good to say a few words about it. If > the intent is to leave that to the implementation, then I would > expect the examples to follow the defaults. As I see it: Because the XMPP message receipts specification (XEP-0184) does not support failure reports, there is no mapping for the MSRP Failure-Report header field and gateways SHOULD set that header field to "no". > SIP Response From/To: > > The SIP responses swap the From and To from the associated requests. > This is not correct, To and From of a SIP response matches the To and > From of the original request. (More to the point, the To and From in > a response do not change to indicate the direction of the response > message.) I note that the groupchat draft had this issue at one > point, but it's been fixed. Noted. Will fix. > Session Termination > > I would like to see a little more prominent discussion about when the > XMPP side might terminate a session. It's mentioned in the > "Composing" section, but that seems to bury an important concept. I > note both primary examples show the SIP side terminating the > session--it would be nice to see one of those examples let the XMPP > side do it. (Is the "gone" composing state the only way this would > happen?) There is no concept of an explicit messaging session in RFC 6121: the conversation just trails off. The "gone" state is the only way to indicate that the session is over, but that's not defined in RFC 6121. > SIP CSeq: > > CSeq is missing from most SIP requests, except oddly for BYE > requests. Are you saying that CSeq is typically not included in SIP requests (even in dialogs) per the specs, or that we have mistakenly left them off here? I think the latter, but I want to make sure. > (And note that the CSeq of a BYE, sent by the peer that > initiated the INVITE, would never be "1") True. > Security Considerations, last sentence: > > The text non-normatively "suggests" the use of RFC3862 for end-to-end > protection. That seems to want to have it both ways (non-normative > and recommended) . I suggest either making that normative, or > reducing the strength to say RFC3862 could be used for this purpose. > (I realize we do this all the time with "ought to", but it seems like > we need a sharper line for something like e2e crypto.) See previous reply about the -im document. Peter -- Peter Saint-Andre https://andyet.com/
- [Stox] Comments on stox-chat-09 Ben Campbell
- Re: [Stox] Comments on stox-chat-09 Peter Saint-Andre - &yet
- Re: [Stox] Comments on stox-chat-09 Ben Campbell
- Re: [Stox] Comments on stox-chat-09 Peter Saint-Andre - &yet
- Re: [Stox] Comments on stox-chat-09 Ben Campbell