[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sip] Referred-By

To: sip@ietf.org
Subject: [Sip] Referred-By
From: Pekka Pessi <Pekka.Pessi@nokia.com>
Date: Wed, 19 Mar 2003 21:21:32 +0200
Cc: rsparks@dynamicsoft.com, jon.peterson@neustar.biz
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/sip>,<mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>,<mailto:sip-request@ietf.org?subject=unsubscribe>
Sender: sip-admin@ietf.org

	Hello all,

	I *think* I volunteered to review referredby, so here I go.

	My first interpretation was that the AIB body should contain
	copies of the (header) fields from REFER request. However, there
	is language in a note within section 4 that suggested otherwise. 
	The suggestion here is that the Referred-By token would be an
	AIB usable by referree.

	I think most of the open issues and confusing stuff in the spec
	is because of this. The draft tries to define how a referrer
	could construct a AIB that a referree could send and target
	could check almost like a AIB, but not quite. Obviously, this is
	pretty hard task.

	Does Referred-By token (RBT) warrant a disposition-type of its
	own?

	I feel that it does - otherwise it is bit hard to authenticate
	origin of REFER request with AIB. Also, referree may include its
	own AIB in the referred request. Validating ordinary AIB or RBT
	are different tasks, so I think it will only create confusion if
	they both use same disposition-type.

	Sooo. Here is my proposal:

	- define a disposition-type for RBT ("referred-by+aib")

	- determine which headers put in the token

	  Referred-By, Refer-To, Date, [Expires], [To]

	  because token is not an ordinary AIB, no Call-ID or CSeq is
	  needed.

	- determine how target validates token

	  - To in incoming request should match Refer-To in RBT
	  - From in incoming request should match To in RBT
	  - Referred-By URL in incoming request should match Referred-By
	    in RBT

	But back to open issue #1. How to determine that the real
	referree is sending the request to target? Include the identity
	in Referred-By header, so that the target could use it in From
	header and authenticate itself using an ordinary AIB? Include
	the From header used by referree in NOTIFY/429 body?

	BR,
					Pekka
_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

Prev by Date: Re: [Sip] Of-hook and On-hook @ sip?
Next by Date: [Sip] [Fwd: RE: SIP WG bugzilla instance]
Previous by thread: [Sip] TLS post connection verification
Next by thread: [Sip] [Fwd: RE: SIP WG bugzilla instance]
Index(es):
- Date
- Thread