[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MMUSIC] Review of draft-saito-mmusic-sdp-ike

To: Richard Barnes <rbarnes at bbn.com>
Subject: Re: [MMUSIC] Review of draft-saito-mmusic-sdp-ike
From: Dean Willis <dean.willis at softarmor.com>
Date: Thu, 16 Aug 2007 10:32:38 -0500
Cc: SIPPING <sipping at ietf.org>, MMUSIC <mmusic at ietf.org>
In-reply-to: <46C0A032.5020901@bbn.com>
List-help: <mailto:mmusic-request@ietf.org?subject=help>
List-id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-post: <mailto:mmusic@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
References: <46C0A032.5020901@bbn.com>


On Aug 13, 2007, at 1:17 PM, Richard Barnes wrote:

Draft:  draft-saito-mmusic-sdp-ike-01
Reviewer: Richard Barnes
Review Date: 13 Aug 07
General Comments: ---------------------------------------------------------------------- -- 1. This document seems to be doing two things: (1) Using SDP carried in SIP to initiate an IKE session, and (2) Defining how SIP Identity can be used in lieu of IKE authentication.

I think you're looking at the side-effects, not the central theme. And I'm not sure the draft really brings the central them into clear focus.

The question to ask is "Why do people want to use SIP to establish an IPSEC SA"?

And the answer, I think, has to do with:

1) SIP's utility as a cross-nat rendezvous mechanism. We currently don't have any other good way for node A, which is behind a NAT, to find and establish communication with node B, which is also behind a NAT. Much of the complexity of SIP, including "ice", "outbound", and "gruu", is involved in solving this problem. This is a very difficult problem to solve, and many communications modalities suffer from it. Having solved it in SIP, we can expect to see attempts to use SIP to bootstrap a solution to all those communication modalities.

2) SIP's extension of the domain namespace to include "user parts", allowing more flexible addressing that includes subaddressing at a given host without burning more IP address space.

Of course, one might argue that we'd have a cleaner model if we replaced many of these SIP graft-ons with a transport protocol that handles them transparently and independently from the application. We've started talking about ways to do that in P2PSIP. But for now, SIP is the only hammer we have that appears to succeed in driving this kind of nail.

--
Dean

_______________________________________________
mmusic mailing list
mmusic at ietf.org
https://www1.ietf.org/mailman/listinfo/mmusic

Follow-Ups:
- Re: [MMUSIC] Review of draft-saito-mmusic-sdp-ike
  - From: Makoto SAITO

References:
- [MMUSIC] Review of draft-saito-mmusic-sdp-ike
  - From: Richard Barnes

Prev by Date: Re: [MMUSIC] Gen-ART Review of draft-ietf-mmusic-ice-17
Next by Date: Re: [MMUSIC] Review of draft-saito-mmusic-sdp-ike
Previous by thread: [MMUSIC] Re: [Sipping] Review of draft-saito-mmusic-sdp-ike
Next by thread: Re: [MMUSIC] Review of draft-saito-mmusic-sdp-ike
Index(es):
- Date
- Thread