Re: [VIPR] PVP entropy
Marc Petit-Huguenin <petithug@acm.org> Tue, 18 October 2011 15:49 UTC
Return-Path: <petithug@acm.org>
X-Original-To: vipr@ietfa.amsl.com
Delivered-To: vipr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 7EE4521F8B88 for <vipr@ietfa.amsl.com>;
Tue, 18 Oct 2011 08:49:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.099
X-Spam-Level:
X-Spam-Status: No, score=-102.099 tagged_above=-999 required=5 tests=[AWL=0.501,
BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9zS3GNxJ45gc for
<vipr@ietfa.amsl.com>; Tue, 18 Oct 2011 08:49:38 -0700 (PDT)
Received: from implementers.org (implementers.org
[IPv6:2604:3400:dc1:41:216:3eff:fe5b:8240]) by ietfa.amsl.com (Postfix) with
ESMTP id 7FD6021F8B77 for <vipr@ietf.org>;
Tue, 18 Oct 2011 08:49:38 -0700 (PDT)
Received: from [IPv6:2001:470:1f05:616:213:d4ff:fe04:3e08] (shalmaneser.org
[IPv6:2001:470:1f05:616:213:d4ff:fe04:3e08]) (using TLSv1 with cipher
AES256-SHA (256/256 bits)) (Client CN "petithug", Issuer "implementers.org"
(verified OK)) by implementers.org (Postfix) with ESMTPS id 623EB204AD for
<vipr@ietf.org>; Tue, 18 Oct 2011 15:41:44 +0000 (UTC)
Message-ID: <4E9DA00C.90704@acm.org>
Date: Tue, 18 Oct 2011 08:49:32 -0700
From: Marc Petit-Huguenin <petithug@acm.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
rv:1.9.2.23) Gecko/20111010 Iceowl/1.0b2 Icedove/3.1.15
MIME-Version: 1.0
To: vipr@ietf.org
References: <4E63E52D.3020101@acm.org>
In-Reply-To: <4E63E52D.3020101@acm.org>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [VIPR] PVP entropy
X-BeenThere: vipr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Verification Involving PSTN Reachability working group <vipr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vipr>,
<mailto:vipr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vipr>
List-Post: <mailto:vipr@ietf.org>
List-Help: <mailto:vipr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vipr>,
<mailto:vipr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Oct 2011 15:49:39 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The discussion on the subject of PVP entropy on the last conference call did not reach consensus. The -pvp draft already contains a placeholder for discussing entropy (section 10.1), so we need to do something about this. The various proposals were: 1. We do not need to manage entropy because we do not want to have the user making multiple PSTN calls before receiving a SIP route. 2. We need to manage entropy, but it is best managed completely in the PVP server. 3. We need to manage entropy, but it is best managed in both client and server by using something like a cookie. My proposal is 3, as detailed below. I think that 1 would exclude too many participants in VIPR, so I oppose it. On 09/04/2011 01:53 PM, Marc Petit-Huguenin wrote: > Section 10.1 of the -pvp draft is an empty section that is supposed to describe > how to aggregate entropy. The idea is that the fact that one validation > succeeds could not be enough for a remote VIPR server to give back routes and > ticket for this destination. For example a site could decide that 3 different > calls validated with method "b" are needed to let a SIP call reach the endpoint. > > This proposal describes a mechanism for PVP to implement this. The idea is that > when a PVP validation succeeds, the PVP server will return a ticket[1] but may > not return the list of routes if the entropy threshold is not reached. The > ticket will contain an opaque value set by the PVP server that contain the level > of entropy that this caller has reached. The PVP client stores the ticket but > does not notify the call agent as there is no routes available. The next time > the PVP client has a successful validation with the same destination, it sends > the saved ticket in addition to the domain. The PVP server then evaluates the > ticket, increases the entropy value stored and send back a new ticket back. If > the threshold has been reached, then the PVP server sends back the routes at the > same time, routes that the PVP client can now send with the ticket to the call > agent. > > When renewing the routes/ticket, the PVP client also sends the existing ticket, > so the PVP server can decide to lower the threshold based on the entropy > collected the previous time and the date of the ticket. > > This can be combined with my proposal for method priority. If multiple methods > are available for a destination but the first that succeeds does not return the > routes then the PVP client can use the next available methods in the list to try > to increase the entropy and receive them. > > A PVP server may even use different thresholds, depending on the domains to > validate. This become then an extension to the white/black list, where a > blacklist is implemented as a default threshold of X and a infinite threshold > for the domains blacklisted, and where a whitelist is implemented as a default > infinite threshold and a threshold of X for the domains whitelisted. > > > [1] Or a certificate if my other proposal is accepted. > - -- Marc Petit-Huguenin Personal email: marc@petit-huguenin.org Professional email: petithug@acm.org Blog: http://blog.marc.petit-huguenin.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk6doAoACgkQ9RoMZyVa61eFWQCgpPz2uKruKPkQlG0X9vMrppm8 ZMwAoKZ3VL1T7UtCEoHrrIKujEmxs4Ek =mVG9 -----END PGP SIGNATURE-----
- [VIPR] PVP entropy Marc Petit-Huguenin
- Re: [VIPR] PVP entropy Marc Petit-Huguenin