[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)

To: "ext Dean Willis" <dean.willis at softarmor.com>
Subject: Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig at nsn.com>
Date: Thu, 17 Jul 2008 21:50:47 +0300
Cc: SIP IETF <sip at ietf.org>, Cullen Jennings <fluffy at cisco.com>
Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
In-reply-to: <F3D84622-B3FF-4F60-BBCA-8F2668D939E7@softarmor.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <E22BEE62-CA95-4FAC-839D-A4654950C404@softarmor.com><B70B8EAC-2BC3-446D-AB56-522871BD5B28@nostrum.com><66cd252f0807161626m298f6471g86f9e95d07e87771@mail.gmail.com><F8B12F76-3AC1-4AAD-A702-BBC51650A6E3@softarmor.com> <548F439E-18A6-461B-B0CB-141F41E325F9@nostrum.com> <C41BFCED3C088E40A8510B57B165C1623E215C@FIESEXC007.nsn-intra.net> <2F128C71-050B-4025-BA1F-2C9C40FB9F77@softarmor.com> <C41BFCED3C088E40A8510B57B165C1623E2168@FIESEXC007.nsn-intra.net> <F3D84622-B3FF-4F60-BBCA-8F2668D939E7@softarmor.com>
Sender: sip-bounces at ietf.org
Thread-index: AcjoOsi9IJhX6QctTHS5KcK/3IGsVAAAq8Hg
Thread-topic: saml on 72 agenda (Re: [Sip] Draft agenda, SIP at IETF 72)

Hi Dean,
 
>On Jul 17, 2008, at 12:05 PM, Tschofenig, Hannes (NSN - 
>FI/Espoo) wrote:
>>>
>>> So here are the questions:
>>>
>>> 1) Are we getting anywhere, as a WG, with SAML?
>>
>> I am not sure I fully understand the question.
>
>Is the SIP WG successfully moving the document along, or is it 
>stuck in perpetual hold zone? Note that we've slipped the 
>charter milestone for this draft several times. This is not 
>the hallmark of good management.


That's indeed true. 

If I ignore the ongoing SIP Identity discussions then I could finish the
document next week. 


>
>>>
>>> 2) Is there some other process we should be using that 
>would be more 
>>> effective, such as a) a design team leading to AD-sponsored 
>>> individual or experimental draft, b) a dedicated working group on 
>>> identity issues such as I have proposed?
>>
>> One of the reasons for us being slow with the document was the 
>> dependency on SIP Identity and all the discussions around it during 
>> the past year or so. SIP SAML is dependent on SIP identity, at least 
>> it was up to the current version of the specification.
>>
>> Initially, I was hoping that these discussions would come to a 
>> conclusion rather soon. As it turns out this wasn't the case.
>>
>> I am currently leaning towards avoiding the dependency with SIP 
>> Identity (by using an independent header) and to ignore the 
>> discussions that happen in SIP identity (SBC issues, E.164 numbers, 
>> etc.).
>>
>
>Please tell me this doesn't mean you're inventing yet another 
>identity mechanism for SAML . . .


We are re-using the same way how SIP Identity signs the header fields. 
As such, if the raised issues with SBCs & co are real then the problems
would be the same. 


>
>
>>> 3) Does the work NEED to be done at all in the IETF?
>>
>> Is the question focusing on "should this be done at all" or is the 
>> question "is the IETF the right place for it"?
>>
>
>The latter. Is the IETF the right place for this work?

What other organization would you propose? 


>
>>> Is there
>>> a constituency of implementation, or are we engaging in a purely 
>>> academic exercise?
>>
>> There are implementations. Unfortunately from different versions of 
>> the draft -- and the draft has changed over time.
>
>Commercial or widely-deployed free implementations? Or lab 
>implementations?


Lab implementations

>>
>> Academic exercise: With the current state of deployment 
>almost all SIP 
>> security mechanisms are to some degree academic rather than enjoying 
>> widespread deployment.
>
>True. There is some pressure to stop putting effort into 
>security mechanisms that are not being deployed.

I can understand that. 

>> When starting the work I obviously had a different picture 
>of the next 
>> steps of the SIP deployment in mind. I was hoping for a more end-to- 
>> end usage of SIP for things other than voice. The document builds, 
>> with regard to the functionality, on SIP Identity. If nobody 
>wants SIP 
>> Identity then I doubt that they are extremly interested in the 
>> advanced version of SIP Identity.
>
>That's a fair statement.
>
>
>>> Perhaps academic publication would
>>> be a more appropriate direction if we lack a constituency.
>>
>> This document is not more or less academic than the rest of the 
>> documents in the SIP working group. I could list many things 
>-- but I 
>> better try to avoid that. Have already upset the GEOPRIV 
>working group 
>> today.
>>
>> If you are, however, asking whether the status of the document is 
>> correct (currently PS) and whether it should probably experimental 
>> then I am not so sure.
>
>Well, the bar to publication as experimental is somewhat lower 
>than PS. And if we don't expect near-term large-scale 
>deployment, experimental may be exactly the right track to be 
>on, as it's also a lot easier to change later once the 
>implementation experience teaches us what we did wrong.
>
Maybe that's not a bad idea. 

Ciao
Hannes

>--
>Dean
>
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- [Sip] saml proposal
  - From: Dean Willis

References:
- [Sip] Draft agenda, SIP at IETF 72
  - From: Dean Willis
- Re: [Sip] Draft agenda, SIP at IETF 72
  - From: Robert Sparks
- Re: [Sip] Draft agenda, SIP at IETF 72
  - From: Hisham Khartabil
- Re: [Sip] Draft agenda, SIP at IETF 72
  - From: Dean Willis
- Re: [Sip] Draft agenda, SIP at IETF 72
  - From: Robert Sparks
- Re: [Sip] Draft agenda, SIP at IETF 72
  - From: Tschofenig, Hannes (NSN - FI/Espoo)
- [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)
  - From: Dean Willis
- Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)
  - From: Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)
  - From: Dean Willis

Prev by Date: Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)
Next by Date: [Sip] saml proposal
Previous by thread: Re: [Sip] saml on 72 agenda (Re: Draft agenda, SIP at IETF 72)
Next by thread: [Sip] saml proposal
Index(es):
- Date
- Thread