headers
Dean Willis | 1 Feb 2008 06:59
Favicon

New ABNF RFC


Those of you submitting drafts that define syntax using ABNF should  
probably now be referencing RFC 5234 instead of whatever it was last  
week.

--
Dean

_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 1 comment |
headers
Cullen Jennings | 1 Feb 2008 07:51
Picon
Favicon
Gravatar

Re: New ABNF RFC


And a free beer for anyone who can figure out what of relevance  
changed from 4234 to this :-)

On Jan 31, 2008, at 9:59 PM, Dean Willis wrote:

>
> Those of you submitting drafts that define syntax using ABNF should
> probably now be referencing RFC 5234 instead of whatever it was last
> week.
>
> --
> Dean
>
> _______________________________________________
> Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors <at> cs.columbia.edu for questions on current sip
> Use sipping <at> ietf.org for new developments on the application of sip

_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 0 comments |
headers
Hans Erik van Elburg | 1 Feb 2008 10:54
Picon
Favicon

Re: Delivering request-URI and parameters to UAS via proxy

Paul Kyzivat wrote:
> From the point of view of the registrar this seems similar to IMS implicit registration, 
> except that the scale is much larger - there may be *very many* implicit registrations 
> generated by this one explicit registration.

For this reason the Wildcarded Public User Identity concept is introduced in IMS. This allows efficient
implicit registration of ranges of numbers or sets of sip uri's.

Best Regards,
/Hans Erik

-----Original Message-----
From: Paul Kyzivat [mailto:pkyzivat <at> cisco.com] 
Sent: Wednesday, January 30, 2008 4:12 PM
To: youssef.chadli <at> orange-ftgroup.com
Cc: sip <at> ietf.org; drage <at> alcatel-lucent.com
Subject: Re: [Sip] Delivering request-URI and parameters to UAS via proxy

youssef.chadli <at> orange-ftgroup.com wrote:
> I think there is a misunderstanding on these use cases:

Quite possible.

>  - The intermediate entity in the customer side does perform only one registration to the network.
>    The AoRs associated to the served terminals inside the client domain are registred automatically
>    by the home network, using implicit registration for example. In fact, it's not conceivable to
>    register individually all the users of a corporate network for example.

You seem to be describing one of the models covered by the SIPForum in their SIPConnect specification. Is
that what you mean?
(Continue reading)

Permalink | Reply | 2 comments |
headers
Internet-Drafts | 1 Feb 2008 21:45
Picon
Favicon

I-D Action:draft-ietf-sip-certs-05.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Session Initiation Protocol Working Group of the IETF.

	Title           : Certificate Management Service for The Session Initiation Protocol (SIP)
	Author(s)       : C. Jennings, et al.
	Filename        : draft-ietf-sip-certs-05.txt
	Pages           : 30
	Date            : 2008-02-01

This draft defines a Credential Service that allows Session
Initiation Protocol (SIP) User Agents (UAs) to use a SIP event 
package to discover the certificates of other users.  This mechanism 
allows user agents that want to contact a given Address-of-Record 
(AOR) to retrieve that AOR's certificate by subscribing to the
Credential Service, which returns an authenticated response 
containing that certificate.  The Credential Service also allows 
users to store and retrieve their own certificates and private keys.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sip-certs-05.txt

To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request <at> ietf.org with the word unsubscribe in the body of 
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then
(Continue reading)

Permalink | Reply | 0 comments |
headers
Dean Willis | 3 Feb 2008 17:38
Favicon

pub request for draft-ietf-sip-certs-05.txt


On Feb 1, 2008, at 2:45 PM, Internet-Drafts <at> ietf.org wrote:

> A New Internet-Draft is available from the on-line Internet-Drafts  
> directories.
> This draft is a work item of the Session Initiation Protocol  
> Working Group of the IETF.
>
>
> 	Title           : Certificate Management Service for The Session  
> Initiation Protocol (SIP)
> 	Author(s)       : C. Jennings, et al.
> 	Filename        : draft-ietf-sip-certs-05.txt
> 	Pages           : 30
> 	Date            : 2008-02-01
>

I've requested publication for this draft.

Here's the writeup I submitted along with the pub request, should you  
be interested.

----------------

The SIP working group hereby requests publication of the document  
draft-ietf-sip-certs-05 as a Proposed Standard.

    (1.a)  Who is the Document Shepherd for this document?  Has the
           Document Shepherd personally reviewed this version of the
           document and, in particular, does he or she believe this
(Continue reading)

Permalink | Reply | 4 comments |
headers
Jerry Yin | 5 Feb 2008 22:23
Picon
Favicon

Comments on draft-ietf-sip-connect-reuse-08

Hi Rohan and all,
 
I can't find the discussing about the connection reuse when NAT/Firewall involved. Sorry if it is documented somewhere already. Here's my comments:
 
 

  1. SIP UA behind a NAT/Firewall using TCP: According to the current draft (08), the UA and proxy have to create bi-direction connections. It seems that it is impossible for the proxy (at the public side of the firewall) to make a new TCP connection to the phone for incoming requests without reusing the phone’s existing TCP connection with the proxy.
  2. SIP UA behind a NAT using TCP to register to the server: The only possible way a UA can receive incoming calls is to reuse the TCP connection that it has created to register with the proxy/registrar.
 

For the above two reasons, I think it would be better to treat the TCP/SCTP the same way as the TLS. It would make the design and implementation simple. The SIP routing behavior would be consistent when supporting the “connection reuse” draft.
 

As the TCP security concerns are discussed in the section 9.3 “Security Considerations for the TCP Transport”, the first 3 attacks can be prevented by Digest authentications. I can’t figure out what is the last case all about (Proxy enter an aliasing agreement with downstream proxy)?  If there are services between these two proxies, they will create connections, one or two, anyway. What are really the concerns here?
 
Regards,
Jerry
 

Never miss a thing. Make Yahoo your homepage. 
_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 3 comments |
headers
Vijay K. Gurbani | 5 Feb 2008 22:41
Favicon

Re: Comments on draft-ietf-sip-connect-reuse-08

Jerry Yin wrote:
> Hi Rohan and all,

Jerry: Thank you for your time reviewing the draft.

> I can't find the discussing about the connection reuse when NAT/Firewall 
> involved. Sorry if it is documented somewhere already. 

That particular behavior is documented in sip-outbound
(see Section 2 of connect-reuse for a reference to the discussion
delineating connect-reuse and sip-outbound.)  sip-outbound can be
accessed from: http://tools.ietf.org/html/draft-ietf-sip-outbound-11

> For the above two reasons, I think it would be better to treat the 
> TCP/SCTP the same way as the TLS. It would make the design and 
> implementation simple. The SIP routing behavior would be consistent when 
> supporting the “connection reuse” draft.
>  
> As the TCP security concerns are discussed in the section 9.3 “*Security 
> Considerations for the TCP Transport”, *the first 3 attacks can be 
> prevented by Digest authentications. I can’t figure out what is the last 
> case all about (Proxy enter an aliasing agreement with downstream 
> proxy)?  If there are services between these two proxies, they will 
> create connections, one or two, anyway. What are really the concerns here?

As it turns out, we are about to release -09 based on the WGLC review
in November.  Brett and I are trying to close an open issue between
us, and once that is done, -09 will be released later this week.
-09 provides more succinct reasons why TCP/SCTP cannot be reused and
it also shortens considerably Section 9.3 based on the WGLC review
feedback.

Thanks,

- vijay
--

-- 
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
2701 Lucent Lane, Rm. 9F-546, Lisle, Illinois 60532 (USA)
Email: vkg <at> {alcatel-lucent.com,bell-labs.com,acm.org}
WWW:   http://www.alcatel-lucent.com/bell-labs
_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 2 comments |
headers
David Roan | 6 Feb 2008 00:24
Picon

Remote Target on Established Dialog and Remote Target Refresh

Thanks to everyone who responded to my earlier query (Target Refresh Request and Contact Header thread).

I now have a similar query for establishing the Remote Target. Please forgive the length in advance and feel free to insert corrections/input as necessary.

From section 12.1 of RFC 3261, the following is stated:
Within this specification, only 2xx and 101-199 responses with a To tag, where the request was INVITE, will establish a dialog.

This seems to indicate that either a 2xx or 101-199 response (with a To tag) to the initial INVITE can establish a dialog (confirmed vs early dialog respectively), correct?

Then, from section 12.1.1 of RFC 3261, the following is added about the response that establishes the dialog:
When a UAS responds to a request with a response that establishes a dialog (such as a 2xx to INVITE), the UAS MUST copy all Record-Route header field values from the request into the response (including the URIs, URI parameters, and any Record-Route header field parameters, whether they are known or unknown to the UAS) and MUST maintain the order of those values. The UAS MUST add a Contact header field to the response.

This seems to indicate that the first 101-199 response sent from the UAS/received at the UAC (with a To Tag) must contain a Contact header (to set the Remote Target at the UAC), correct? So, if the Contact header is not received in this response, this would be considered a violation of the spec and an invalid response, correct? Also, according to the following section (12.1.2), this also sets up the dialog state (items like the route set, if not empty, and the Remote Target).

Section 12.2 of RFC 3261 goes into additional details of when the Remote Target can be changed (ie, Remote Target Refresh):  
Requests within a dialog MAY contain Record-Route and Contact header fields.  However, these requests do not cause the dialog's route set to be modified, although they may modify the remote target URI. Specifically, requests that are not target refresh requests do not modify the dialog's remote target URI, and requests that are target refresh requests do.  For dialogs that have been established with an INVITE, the only target refresh request defined is re-INVITE (see Section 14).  Other extensions may define different target refresh requests for dialogs established in other ways.
      Note that an ACK is NOT a target refresh request.
Target refresh requests only update the dialog's remote target URI, and not the route set formed from the Record-Route.  Updating the latter would introduce severe backwards compatibility problems with RFC 2543-compliant systems.

This seems to indicate that after the 101-199 response is received (that establishes the dialog), only the re-INVITE and its 2xx response and UPDATE (per RFC 3311) and its 2xx response can change the Remote Target. Therefore, if a subsequent provisional response to the INVITE (ie, 180 Ringing that followed a 183 Session Progress) is received, it is not allowed to update the Remote Target if it contains a Contact header, correct? What about an UPDATE received in the early dialog state? This would also allow the Remote Target to be updated, correct?

Thanks again,
David Roan
_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 9 comments |
headers
Paul Kyzivat | 6 Feb 2008 01:07
Picon
Favicon

Re: Remote Target on Established Dialog and Remote Target Refresh

David,

I think everything you have said is right. These are some very fuzzy areas.

Note that an *unreliable* provisional response can establish an early 
dialog. But because it is unreliable the UAS can't immediately know if 
the UAC is aware of the dialog.

It is somewhere between very tricky and impossible to change the target 
during an early dialog. If you haven't found it yet, you should take a 
look at the race-examples draft 
(draft-ietf-sipping-race-examples-04.txt) for more discussion of this 
sort of subtle point.

	Thanks,
	Paul

David Roan wrote:
> Thanks to everyone who responded to my earlier query (Target Refresh 
> Request and Contact Header thread).
> 
> I now have a similar query for establishing the Remote Target. Please 
> forgive the length in advance and feel free to insert corrections/input 
> as necessary.
> 
>  From section 12.1 of RFC 3261, the following is stated:
> Within this specification, only 2xx and 101-199 responses with a To tag, 
> where the request was INVITE, will establish a dialog.
> 
> This seems to indicate that either a 2xx or 101-199 response (with a To 
> tag) to the initial INVITE can establish a dialog (confirmed vs early 
> dialog respectively), correct?
> 
> Then, from section 12.1.1 of RFC 3261, the following is added about the 
> response that establishes the dialog:
> When a UAS responds to a request with a response that establishes a 
> dialog (such as a 2xx to INVITE), the UAS MUST copy all Record-Route 
> header field values from the request into the response (including the 
> URIs, URI parameters, and any Record-Route header field parameters, 
> whether they are known or unknown to the UAS) and MUST maintain the 
> order of those values. The UAS MUST add a Contact header field to the 
> response.
> 
> This seems to indicate that the first 101-199 response sent from the 
> UAS/received at the UAC (with a To Tag) must contain a Contact header 
> (to set the Remote Target at the UAC), correct? So, if the Contact 
> header is not received in this response, this would be considered a 
> violation of the spec and an invalid response, correct? Also, according 
> to the following section (12.1.2), this also sets up the dialog state 
> (items like the route set, if not empty, and the Remote Target).
> 
> Section 12.2 of RFC 3261 goes into additional details of when the Remote 
> Target can be changed (ie, Remote Target Refresh):  
> Requests within a dialog MAY contain Record-Route and Contact header 
> fields.  However, these requests do not cause the dialog's route set to 
> be modified, although they may modify the remote target URI. 
> Specifically, requests that are not target refresh requests do not 
> modify the dialog's remote target URI, and requests that are target 
> refresh requests do.  For dialogs that have been established with an 
> INVITE, the only target refresh request defined is re-INVITE (see 
> Section 14).  Other extensions may define different target refresh 
> requests for dialogs established in other ways.
>       Note that an ACK is NOT a target refresh request.
> Target refresh requests only update the dialog's remote target URI, and 
> not the route set formed from the Record-Route.  Updating the latter 
> would introduce severe backwards compatibility problems with RFC 
> 2543-compliant systems.
> 
> This seems to indicate that after the 101-199 response is received (that 
> establishes the dialog), only the re-INVITE and its 2xx response and 
> UPDATE (per RFC 3311) and its 2xx response can change the Remote Target. 
> Therefore, if a subsequent provisional response to the INVITE (ie, 180 
> Ringing that followed a 183 Session Progress) is received, it is not 
> allowed to update the Remote Target if it contains a Contact header, 
> correct? What about an UPDATE received in the early dialog state? This 
> would also allow the Remote Target to be updated, correct?
> 
> Thanks again,
> David Roan
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors <at> cs.columbia.edu for questions on current sip
> Use sipping <at> ietf.org for new developments on the application of sip
_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 7 comments |
headers
David Roan | 6 Feb 2008 03:27
Picon

Re: Remote Target on Established Dialog and Remote Target Refresh

Hi Paul,
 
Thanks for the response.
 
So, if the provisional responses are sent reliably, the provisional response would have an acking mechanism similar to the 2xx to ensure the dialog is established (ie, the chance of lost messaging is greatly diminished by the resending of Provisional Responses and the PRACK request), correct?
 
I checked RFC 3262 wrt this and found the following:
If a provisional response is received for an initial request, and that response contains a Require header field containing the option tag 100rel, the response is to be sent reliably.  If the response is a 100 (Trying) (as opposed to 101 to 199), this option tag MUST be ignored, and the procedures below MUST NOT be used.
The provisional response MUST establish a dialog if one is not yet created.
 
This does not really indicate a dialog state, but this would still be an early dialog, right? Or, would it be confirmed since, like the 2xx, there is an ACK mechanism to ensure it is received?
 
Thanks again for the insight and the pointer to the race condition draft,
David Roan

On Feb 5, 2008 6:07 PM, Paul Kyzivat <pkyzivat <at> cisco.com> wrote:
David,

I think everything you have said is right. These are some very fuzzy areas.

Note that an *unreliable* provisional response can establish an early
dialog. But because it is unreliable the UAS can't immediately know if
the UAC is aware of the dialog.

It is somewhere between very tricky and impossible to change the target
during an early dialog. If you haven't found it yet, you should take a
look at the race-examples draft
(draft-ietf-sipping-race-examples-04.txt) for more discussion of this
sort of subtle point.

       Thanks,
       Paul

David Roan wrote:
> Thanks to everyone who responded to my earlier query (Target Refresh
> Request and Contact Header thread).
>
> I now have a similar query for establishing the Remote Target. Please
> forgive the length in advance and feel free to insert corrections/input
> as necessary.
>
>  From section 12.1 of RFC 3261, the following is stated:
> Within this specification, only 2xx and 101-199 responses with a To tag,
> where the request was INVITE, will establish a dialog.
>
> This seems to indicate that either a 2xx or 101-199 response (with a To
> tag) to the initial INVITE can establish a dialog (confirmed vs early
> dialog respectively), correct?
>
> Then, from section 12.1.1 of RFC 3261, the following is added about the
> response that establishes the dialog:
> When a UAS responds to a request with a response that establishes a
> dialog (such as a 2xx to INVITE), the UAS MUST copy all Record-Route
> header field values from the request into the response (including the
> URIs, URI parameters, and any Record-Route header field parameters,
> whether they are known or unknown to the UAS) and MUST maintain the
> order of those values. The UAS MUST add a Contact header field to the
> response.
>
> This seems to indicate that the first 101-199 response sent from the
> UAS/received at the UAC (with a To Tag) must contain a Contact header
> (to set the Remote Target at the UAC), correct? So, if the Contact
> header is not received in this response, this would be considered a
> violation of the spec and an invalid response, correct? Also, according
> to the following section (12.1.2), this also sets up the dialog state
> (items like the route set, if not empty, and the Remote Target).
>
> Section 12.2 of RFC 3261 goes into additional details of when the Remote
> Target can be changed (ie, Remote Target Refresh):
> Requests within a dialog MAY contain Record-Route and Contact header
> fields.  However, these requests do not cause the dialog's route set to
> be modified, although they may modify the remote target URI.
> Specifically, requests that are not target refresh requests do not
> modify the dialog's remote target URI, and requests that are target
> refresh requests do.  For dialogs that have been established with an
> INVITE, the only target refresh request defined is re-INVITE (see
> Section 14).  Other extensions may define different target refresh
> requests for dialogs established in other ways.
>       Note that an ACK is NOT a target refresh request.
> Target refresh requests only update the dialog's remote target URI, and
> not the route set formed from the Record-Route.  Updating the latter
> would introduce severe backwards compatibility problems with RFC
> 2543-compliant systems.
>
> This seems to indicate that after the 101-199 response is received (that
> establishes the dialog), only the re-INVITE and its 2xx response and
> UPDATE (per RFC 3311) and its 2xx response can change the Remote Target.
> Therefore, if a subsequent provisional response to the INVITE (ie, 180
> Ringing that followed a 183 Session Progress) is received, it is not
> allowed to update the Remote Target if it contains a Contact header,
> correct? What about an UPDATE received in the early dialog state? This
> would also allow the Remote Target to be updated, correct?
>
> Thanks again,
> David Roan
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors <at> cs.columbia.edu for questions on current sip
> Use sipping <at> ietf.org for new developments on the application of sip

_______________________________________________
Sip mailing list  http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors <at> cs.columbia.edu for questions on current sip
Use sipping <at> ietf.org for new developments on the application of sip
Permalink | Reply | 6 comments |

Gmane