IETF 64 SIP Work Group Session I

Tuesday, November 08, 2005, 1pm - 3pm

Eric Burger, not so Humble Scribe


Agenda was bashed

=================

James Polk: Doesn't need to talk about Location Conveyance


New charter was reviewed

Charter deliverables were reviewed

==================================


Jonathan: Who Wants to promote SIP to Draft Standard?

Jon: Who Can promote SIP to Draft Standard?

Normative Dependency Rules make this unrealistic in our lifetimes.

Dean: This came in at end of IESG deliberation.

Neither Dean nor Rohan nor Jon asked for it. Jon doesn't remember it

coming up.


Jon recaps what it means to be Draft Standard. All Normative

Dependencies have to be at same level. All normative dependencies in

HTTP have to be at Draft Standard level.


Allison: newtrk may obsolete Draft Standard, any.  Idea for Charter

Deliverable is to figure out WHAT are the Critical Supporting

Specifications.


JDR: That would be OK, but going to Draft is not.


Rohan: take discussion to list



Milestone Discussion, Status Update

===================================

Allison: MIB in Expert Review. Remember folks: it takes a long time to

get a MIB review, thus need fast turn around when you get the comments.


MIB doctors say to remove method identifiers.  Method identifiers put in

at request of MIB doctors :(



Response Identity Draft

=======================

Not much feedback - need more feedback if this is important



SIP Certs Draft

===============

7 people plan on implementing it; Rohan will pick two reviewers



draft-elwell-sip-connected-identity-00

======================================

Discussion:

Rohan - changing To/From headers has lots of problems.  Should use new

headers (the proposal in the draft).  Problems with new headers is

philosophical, but no engineering problems.

Cullen - Likes changing To/From, over new header, because there are lots

of headers describing identity.  That makes clients harder ("which

identity do I present to the user?")

JDR - Will changing To/From on the fly break your proxy?  Room has a

minor problem.

RjS - SIPit reality is products break when one changes the whitespace in

a display name.

JDR - So what?  Not our problem to patch around broken implementations.

Jon - Hard to determine when to use this idea of identity versus

"normal" identity mechanisms

RjS - In a vacuum, would allow modifying To/From, as that keeps it a

single place to look for identity information.  If we go down path of

making To/From sane, then we have to figure out how to do backwards

compatibility.

Juri - Likes changing To/From; don't care about 2543 clients.  2543

itself is broken in terms of identity; somewhat fixed in 3261.

Dave O. - If we don't break backward-compatibility now, when will we?

Looks like a good time to make break.  We can sell it if this is an

important feature.  Thinks this one is a good one.

Jon - Original identity draft took step of saying that To/From should be

the identities.  Like modifying From header request in network; doesn't

like modifying To header requests.

Cullen - worth looking into looking at putting in to 200 response

mechanism.

JDR - like identity service working in the To field; symmetric, saves a

round-trip, etc.

Hisham - Wouldn't this change identity header hash?  Rohan - yes; you

recomputed it


Rohan: Proposal to go forward with Connected-Party, to change 3261 to

change From header in mid-dialog requests, leaving identity headers

intact.


Consensus on this proposal: allow changes to From headers (Pretty close;

very rough)


JDR: This is going to be an extension, not a blind change.


Cullen: need a draft to describe how this will work


Consensus on investigating To/From approach.



SIP-SAML Draft

==============

JDR: Document doesn't describe how to use SAML with SIP.  Document that

is supposed to describe how to use SAML with SIP, but the document says,

there are lots of ways of using SAML with SIP.

Jon: Yes, it is underspecified today.


Dean: no consensus on making this a work group item



Answer and Alert Modes

======================

Cullen: two attacks: Whoopie Cushion attack and Bug My Office attack


Consensus is that this is important work.


RjS: Draft is a "train wreck" from a developer's point of view.

JDR: Use SAML; only allow it to work if you hold the Operator artifact.


Decision: Rip out Alert-Mode (use Alert-Info), use Caller Prefs.  Do

lose baby monitor use case.



Trust Path Discovery

====================

Discussion: probably will be a combination of push at the high level /

service provider and query by the end-user

Scale is a big problem, e.g., one large ISP cannot physically compute

3-degree map for its own IM subscribers; there are simply too many.


Not a SIP issue, so we will be kept informed on list.



SPIT / SAML

===========

draft-schwartz-sipping-spit-saml-00

Discussion:

Hgs: Identity: what is useful how easy to get aliases for bad guys for

blacklists

-> looking for more / better meta information to help recipient chose to

accept / block call

Cullen: good start for lots of interesting work

Jon: draft makes this look like Domain problem; end users should have

control, too



Remote Call Control

===================

Editor arrested for DWI - Drafting While Intoxicated :)

Needs work, but is this worth doing?

JDR: this is CTI.  Is that OK in SIP?  JDR doesn't think so

Room consensus: in room of 200, 20 say yes, 2 say no.