[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sip] RE: Use of AIB in referredby

To: Mary Barnes <mbarnes@nortelnetworks.com>
Subject: RE: [Sip] RE: Use of AIB in referredby
From: Robert Sparks <rsparks@dynamicsoft.com>
Date: 18 Jun 2003 08:39:16 -0500
Cc: "'Peterson, Jon'" <jon.peterson@neustar.biz>, sip@ietf.org
In-reply-to: <870397D7C140C84DB081B88396458DAF5789D6@zrc2c000.us.nortel.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/sip>,<mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>,<mailto:sip-request@ietf.org?subject=unsubscribe>
References: <870397D7C140C84DB081B88396458DAF5789D6@zrc2c000.us.nortel.com>
Sender: sip-admin@ietf.org

It turns out that we already have an identifier that distinguishes
the AIB used for the refer token - it is called out explicitly by
the cid parameter to the Referred-By header field itself. 
A consumer won't be scanning all the AIBs in a message wondering
which one is the referred-by token.

So, I left it as 'aib' in referred-by-02.

RjS

On Fri, 2003-06-13 at 10:58, Mary Barnes wrote:
> My general preference is to be more explicit and towards that end I would
> think a different Content-Disposition disposition-type could be useful.
> That said, if AIB were as general as Robert suggested initially, then it
> could possibly be reused even for the Inserted headers (like History-Info),
> where I'm currently modeling the solution after AIB, but was planning on a
> new Content-Disposition disposition-type.  However, even I would agree that
> the Inserted Headers are more different than the original intent of AIB than
> the Referred-by use and again I do prefer to be more explicit.
> 
> Mary.
> 
> -----Original Message-----
> From: Peterson, Jon [mailto:jon.peterson@neustar.biz]
> Sent: Friday, June 13, 2003 2:17 AM
> To: 'Robert Sparks'; sip@ietf.org
> Subject: [Sip] RE: Use of AIB in referredby
> 
> 
> 
> I look at the AIB as the application of sipfrags to the problem described in
> RFC3261 23.4 - the tunneling of integrity and authentication properties
> within the MIME bodies of SIP messages. In the AIB, these properties are
> intended to provide identity, hence the name 'authenticated identity body'.
> I think that the usage in referredby is sufficiently close to that purpose,
> providing authenticated identity within a body, that I don't think we have a
> problem with reuse of the term.
> 
> The real question, I think, is whether or not there is any value in
> differentiating an AIB resulting from a REFER from any other AIB (such as a
> 'normal' one representing the sender of an INVITE) that might be in a
> request. Surely these need to be differentiated somehow - the signature on
> the AIB itself would be one indicator, as would the headers in the body, but
> Content-Disposition is another point at which the two could be
> distinguished. 
> 
> I don't have a strong intuition about whether or not the use of a different
> Content-Disposition would be valuable.
> 
> Jon Peterson
> NeuStar, Inc.
> 
> > -----Original Message-----
> > From: Robert Sparks [mailto:rsparks@dynamicsoft.com]
> > Sent: Monday, June 09, 2003 1:00 PM
> > To: sip@ietf.org
> > Cc: Jon Peterson
> > Subject: Use of AIB in referredby
> > 
> > 
> > Several weeks ago, Pekka made a suggestion that I would like to
> > follow up on now (sorry for the very long delay Pekka). His 
> > suggestion was to use a different Content-Disposition
> > disposition-type for referredby-tokens.
> > 
> > This draws attention to what the "aib" value means. 
> > 
> > Is it merely a synonym for "signed message/sipfrag"? If so, the
> > authid-body draft defines the value _and_ specifies one particular
> > use of a body with that disposition type (providing integrity and
> > authentication of sender for a single message). Other uses are valid,
> > so we should reuse it and not add noise to the IANA registry.
> > 
> > If, instead, "aib" means "signed message/sipfrag with these
> > particular security implications", then our referredby token
> > is _not_ an aib. It's something _like_ an aib, but with 
> > slightly different requirements, and artifacts in the protocol
> > (like the disposition-type) should probably reflect that. If this
> > is the case, referredby could register something like "RBIB"
> > (ReferredBy Identity Body), or, treading much more dangerous ground,
> > "TPIB" (Third Party Identity Body).
> > 
> > So, which of the above meanings for AIB is auth-id body establishing?
> > 
> > RjS
> > 
> > 
> _______________________________________________
> Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors@cs.columbia.edu for questions on current sip
> Use sipping@ietf.org for new developments on the application of sip
> _______________________________________________
> Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors@cs.columbia.edu for questions on current sip
> Use sipping@ietf.org for new developments on the application of sip


_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

References:
- RE: [Sip] RE: Use of AIB in referredby
  - From: Mary Barnes

Prev by Date: [Sip] Referredby revision
Next by Date: [Sip] SLP
Previous by thread: RE: [Sip] RE: Use of AIB in referredby
Next by thread: [Sip] RE: Question on draft-ietf-sip-identity-01
Index(es):
- Date
- Thread