Re: [Sip] I-D Inaction: draft-kaplan-sip-secure-call-id-00.txt

[Dale Worley <dworley at nortel.com>]

I'm not sure how much benefit comes from this idea.

On the one hand, it contains no mandate of the form "If the call-id is
of format xxxxx, then SBCs WILL NOT change it."  So there's SBC behavior
in particular that an outside agent can depend on, even if it knows that
all UAs in the system follow the I-D.  My guess is that SBCs will munge
the call-ids anyway, rather than trying to implement an algorithm to
determine compliance -- on a UAC-by-UAC basis!

The other side of this is that it makes life harder for anyone trying to
diagnose problems.  In sipX, we currently generate pseudo-random
call-ids.  Actually, the format is "s-XXXXXXXXXXX-NNN", where XXXXXXXX
is pseudo-random and NNN is a sequence number.  That way you can
mentally say "dialog 7" and "dialog 45", but still get uniqueness.  But
we've got a work item to append the host DNS name to the format so that
we can easily distinguish "dialog 45 from sipx1.example.com" and "dialog
45 from sipx2.example.com".

Dale