[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Comment on DERIVE and B2BUAs

To: Dale.Worley at comcast.net, sip at ietf.org
Subject: Re: [Sip] Comment on DERIVE and B2BUAs
From: "Elwell, John" <john.elwell at siemens.com>
Date: Wed, 29 Oct 2008 06:37:12 +0000
Delivered-to: ietfarch-sip-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
In-reply-to: <200810290236.m9T2aagI55951354 at shell01.TheWorld.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <618e24240810250809j664bf47ay2745cc9fbf7b0565 at mail.gmail.com> <0D5F89FAC29E2C41B98A6A762007F5D001382923 at GBNTHT12009MSX.gb002.siemens.net> <200810290236.m9T2aagI55951354 at shell01.TheWorld.com>
Sender: sip-bounces at ietf.org
Thread-index: Ack5b4CMoGpREQqSRZy69pks0CAVlQAIJO9w
Thread-topic: [Sip] Comment on DERIVE and B2BUAs

 

> -----Original Message-----
> From: sip-bounces at ietf.org [mailto:sip-bounces at ietf.org] On 
> Behalf Of Dale.Worley at comcast.net
> Sent: 29 October 2008 02:37
> To: sip at ietf.org
> Subject: Re: [Sip] Comment on DERIVE and B2BUAs
> 
> 
>    From: "Elwell, John" <john.elwell at siemens.com>
> 
>    An interesting draft addressing a known problem space. Dan Wing has
>    already pointed out similarities with draft-wing-sip-e164-rrc (now
>    expired). I fear the present draft will not work in the presence of
>    B2BUAs along the path of the INVITE request, since these tend to
>    change things like call-ID, to-tag and from-tag. Since B2BUAs, and
>    SBCs in particular, are the main reasons why RFC 4474 will not
>    work, any solution has to be able to work through these devices.
> 
> However...  If we change the sequence of operations a bit, so that the
> UAS sends a 183 with a Contact carrying a specific header parameter
> carrying a crypto-random value, and we get B2BUAs to pass it through
> (attaching it to the Contact they use in the 183 they emit on the
> other side), then if the UAS does a non-filtered dialog event
> SUBSCRIBE, it can check the returned NOTIFY to see if it carries the
> Contact header parameter that it created.  That's a reasonably good
> test that the UAC of the INVITE can be reached via the From value that
> the UAS received.
[JRE] Unless a B2BUA fails to play according to the rules and
acknowledges the SUBSCRIBE without carrying out the same test on the
next hop. That is why we really need a cryptographic solution, so that
we can see for sure which domain is asserting that the identity is
correct.

John
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] Comment on DERIVE and B2BUAs
  - From: Adam Roach

References:
- [Sip] submission of a new I-D: "Dialog Event foR Identity VErification"
  - From: Victor Pascual Ávila
- [Sip] Comment on DERIVE and B2BUAs
  - From: Elwell, John
- Re: [Sip] Comment on DERIVE and B2BUAs
  - From: Dale . Worley

Prev by Date: Re: [Sip] Comment on DERIVE and B2BUAs
Next by Date: Re: [Sip] Comment on DERIVE and B2BUAs
Previous by thread: Re: [Sip] Comment on DERIVE and B2BUAs
Next by thread: Re: [Sip] Comment on DERIVE and B2BUAs
Index(es):
- Date
- Thread