
Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)



Date: Thu, 17 Jul 2008 20:05:41 +0300
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig at nsn.com>
To: "ext Dean Willis" <dean.willis at softarmor.com>
Cc: SIP IETF <sip at ietf.org>, Cullen Jennings <fluffy at cisco.com>

Hi Dean, 

>>>>> I also don't think we need 10mins for draft-ietf-sip-saml-04. We can
>>>>> limit face time to drafts that have open issues to discuss that were
>>>>> not resolveable on the list.
>>
>> I also do not think we need to discuss the document during the
>> meeting.
>> There are open issues but they are mostly technical in nature and I 
>> don't expect a lot of feedback on these issues during a face-to-face 
>> discussion with a 10 min slot.
>>
>> My impression at previous SIP meetings was that there is not enough 
>> time for some discussions related to the overall direction of the 
>> work. Many
>> of the detailed discussions on drafts, where often only 5 folks know
>> the subject well enough or care about it enough to join the
>> discussion, are not really well-spent time given the larger number of
>> folks in the meeting room.
>
>
>So here are the questions:
>
>1) Are we getting anywhere, as a WG, with SAML?

I am not sure I fully understand the question. 

>
>2) Is there some other process we should be using that would 
>be more effective, such as a) a design team leading to 
>AD-sponsored individual or experimental draft, b) a dedicated 
>working group on identity issues such as I have proposed?

One of the reasons for us being slow with the document was the
dependency on SIP Identity and all the discussions around it during the
past year or so. SIP SAML is dependent on SIP identity, at least it was
up to the current version of the specification. 

Initially, I was hoping that these discussions would come to a
conclusion rather soon. As it turns out this wasn't the case. 

I am currently leaning towards avoiding the dependency with SIP Identity
(by using an independent header) and to ignore the discussions that
happen in SIP identity (SBC issues, E.164 numbers, etc.). 

>3) Does the work NEED to be done at all in the IETF?

Is the question focusing on "should this be done at all" or is the
question "is the IETF the right place for it"? 

> Is there 
>a constituency of implementation, or are we engaging in a 
>purely academic exercise?

There are implementations. Unfortunately from different versions of the
draft -- and the draft has changed over time.

Academic exercise: With the current state of deployment almost all SIP
security mechanisms are to some degree academic rather than enjoying
widespread deployment. 

When starting the work I obviously had a different picture of the next
steps of the SIP deployment in mind. I was hoping for a more end-to-end
usage of SIP for things other than voice. The document builds, with
regard to the functionality, on SIP Identity. If nobody wants SIP
Identity then I doubt that they are extremely interested in the advanced
version of SIP Identity. 

>Perhaps academic publication would 
>be a more appropriate direction if we lack a constituency.

This document is not more or less academic than the rest of the
documents in the SIP working group. I could list many things -- but I
better try to avoid that. Have already upset the GEOPRIV working group
today. 

If you are, however, asking whether the status of the document is
correct (currently PS) and whether it should probably be experimental then
I am not so sure. 

Ciao
Hannes

>
>--
>Dean
>
>
>
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

