List Info

Thread: RFC4474 and E.164




RFC4474 and E.164
country flaguser name
United States		 2007-12-05 13:13:23 
Jon,

At the microphone I believe you were referring to section 11
of RFC4474.  The
first paragraph is relevant to today's discussion in SIP and
I highlighted a
specific sentence.  The highlighted sentence does not
consider session border
controllers which, on today's deployments, _are_ the
majority of cases
(majority of call minutes and the majority of phone calls):

   11.  Identity and the TEL URI Scheme

   Since many SIP applications provide a Voice over IP
(VoIP) service,
   telephone numbers are commonly used as identities in SIP
deployments.
   In the majority of cases, this is not problematic for the
identity
  
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^
   mechanism described in this document.  Telephone numbers
commonly
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   appear in the username portion of a SIP URI (e.g.,
   'sip:+17005551008chicago.example.com;user=phone').  That
username
   conforms to the syntax of the TEL URI scheme (RFC 3966
[13]).  For
   this sort of SIP address-of-record, chicago.example.com
is the
   appropriate signatory.

The rest of the section is available at:
http://
tools.ietf.org/html/rfc4474#section-11
but discusses only the TEL URI (which has no domain name).


We will need more text in Jason's document to discuss this
in more detail.

-d


_______________________________________________
Sip mailing list  https://ww
w1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementorscs.columbia.edu for questions on current
sip
Use sippingietf.org for new developments on the application of
sip
RE: RFC4474 and E.164
user name
 2007-12-07 10:06:03 
I'm certainly not going to claim that Section 11 of RFC4474,
or my older work in RFC3824, adequately describes the
situation with telephone numbers in SIP today. The sentence
you highlight below was intended to suggest that the
appearance of telephone numbers as the user part of a SIP
URI, rather than as a bare TEL URI with no host portion,
constitutes the "majority of cases". It was not
making a statement either way about whether or not SBCs are
involved in the majority of calls. The guidance given in
RFC4474 for signing such telephony-related SIP URIs for
Identity is obviously non-optimal when an intermediary such
as an SBC must modify content covered by the signature, but
of course, that is also true for all the rest of the
guidance in RFC4474.

My primary concern in the microphone discussion was to
separate out the difficulties of managing telephone numbers
in this context from (in my perspective) the unrelated and
excessive dilution of necessary security properties which
was proposed to accommodate SBCs.

Jon Peterson
NeuStar, Inc.

> -----Original Message-----
> From: Dan Wing [mailto:dwingcisco.com]
> Sent: Wednesday, December 05, 2007 11:13 AM
> To: sipietf.org; Peterson, Jon
> Cc: 'Jason Fischl'; jdrosencisco.com; 'Cullen
Jennings'
> Subject: RFC4474 and E.164 
> 
> 
> Jon,
> 
> At the microphone I believe you were referring to
section 11 
> of RFC4474.  The
> first paragraph is relevant to today's discussion in
SIP and 
> I highlighted a
> specific sentence.  The highlighted sentence does not 
> consider session border
> controllers which, on today's deployments, _are_ the
majority of cases
> (majority of call minutes and the majority of phone
calls):
> 
>    11.  Identity and the TEL URI Scheme
> 
>    Since many SIP applications provide a Voice over IP
(VoIP) service,
>    telephone numbers are commonly used as identities in
SIP 
> deployments.
>    In the majority of cases, this is not problematic
for the identity
>   
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^
>    mechanism described in this document.  Telephone
numbers commonly
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>    appear in the username portion of a SIP URI (e.g.,
>    'sip:+17005551008chicago.example.com;user=phone').  That username
>    conforms to the syntax of the TEL URI scheme (RFC
3966 [13]).  For
>    this sort of SIP address-of-record,
chicago.example.com is the
>    appropriate signatory.
> 
> The rest of the section is available at:
> http://
tools.ietf.org/html/rfc4474#section-11
> but discusses only the TEL URI (which has no domain
name).
> 
> 
> We will need more text in Jason's document to discuss
this in 
> more detail.
> 
> -d
> 


_______________________________________________
Sip mailing list  https://ww
w1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementorscs.columbia.edu for questions on current
sip
Use sippingietf.org for new developments on the application of
sip
[1-2]

about | contact  Other archives ( Real Estate discussion Medical topics )