A Taxonomy of Session Initiation Protocol (SIP) Back-to-Back User Agents
draft-ietf-straw-b2bua-taxonomy-03

[Ballot comment]
form discuss, now cleared.

I can probably be convinced that I'm in the rough. This started out as a comment and ended up as a discuss so that we could dicuss it.

I am somewhat doubtful that the security considerations section is adequate. If you're going to survey them all you should be able to make some appropriate statement about the security considerations for back to back user agents of varying varieties. in particular a number of them eliminate the possibility of end-to-end security mechanisms being employed generally transparently...

otherwise no objections.

from dave crocker's review.

I'm pretty sympathetic with the assertion that the taxonomy should be a bit more accessible as well.



"For example, the abstract should be tweaked to make it more readable for non-experts.  The current text assumes very large amount of SIP background, such as by using an acronym soup.  Better to use fewer acronyms in abstract, unless they have extensive familiarity to /casual/ readers.

To the extent that this document can only reasonably be read by first having familiarity with specific RFCs, the requirements need to be stated early in the Introduction.  Equally, the terminology section should cite the documents from which it is importing terms.  And every acronym should be expanded the first time it is used and/or have a citation to its technical details."

[Ballot comment]
from dave crocker's review.

I'm pretty sympathetic with the assertion that the taxonomy should be a bit more accessible as well.



"For example, the abstract should be tweaked to make it more readable for non-experts.  The current text assumes very large amount of SIP background, such as by using an acronym soup.  Better to use fewer acronyms in abstract, unless they have extensive familiarity to /casual/ readers.

To the extent that this document can only reasonably be read by first having familiarity with specific RFCs, the requirements need to be stated early in the Introduction.  Equally, the terminology section should cite the documents from which it is importing terms.  And every acronym should be expanded the first time it is used and/or have a citation to its technical details."

[Ballot comment]
The one nice thing about reviewing documents late is that everybody else has already said what needs to be said. Less typing for me. :-)

[Ballot comment]
In 4.6 and 4.7, it would be helpful to expand the various CSCF acronyms, since it's not necessarily obvious to the reader what they stand for.

This is a really helpful document—thanks for writing it!

[Ballot comment]
I support Joel's DISCUSS and Barry's request to consider the Applications Directorate review.

In the Abstract

  There are numerous types of SIP Back-to-Back User Agents (B2BUAs),
  performing different roles in different ways.  For Example IP-PBXs,
  SBCs and Application Servers.  This document identifies several
  common B2BUA roles, in order to provide taxonomy other documents can
  use and reference.

I don't think you can fix the middle sentence ("For Example ...") because you're just listing names with no details, and adding details probably isn't appropriate in an Abstract - it's probably clearer to delete the sentence altogether. Isn't it also pointed toward system types, more than roles? And the document says it's focused on roles.

At a minimum, in 3.1.  Signaling-plane B2BUA Roles

  This implies it does not modify SDP bodies,
  although it may save them and/or operate on other MIME body types.

It would be helpful to say more about "may save them" (for instance, why would the B2BUA do that?).

In 3.1.2.  Signaling-only

  An example of such a B2BUA would be some forms of Application Servers
  and PBXs, such as a server which locally processes REFER requests and
  generates new INVITEs on behalf of the REFER's target.  Another
  example would be an [RFC3323] Privacy Service Proxy performing the
  'header' privacy function.

I really like the examples you provided here. It would be great if you could provide examples for the descriptions as well.

In 3.2.  Media-plane B2BUA Roles

  A Media-plane B2BUA is one that operates at both the SIP and media
  planes, not only on SIP messages but also SDP and potentially RTP/
  RTCP or other media.  Such a B2BUA may or may not replace the Contact
  URI, modify or remove all Via and Record-Route headers, modify the To
  and From header fields, etc.  No SIP header field is guaranteed to be
  copied from the received request on the UAS side to the generated
  request on the UAC side, and SDP will also be modified.

I'm confused about a taxonomy where categories are described by what they might or might not do ...

Is "and SDP will also be modified" typically true, always true, or something else?

In 3.2.1.  Media-relay (and in other places as well)

  A B2BUA which performs a media-relay role is one that terminates the
  media plane at the IP and UDP/TCP layers on its UAS and UAC sides,
  but neither modifies nor restricts which forms of UDP or TCP payload
  are carried within the UDP or TCP packets.  Such a role may only
  support UDP or only TCP or both, as well as other transport types or
  not.  Such a role may involve policing the IP packets to fit within a
  bandwidth limit, or converting from IPv4 to IPV6 or vice-versa.  This
  is typically similar to a NAT behavior, except a NAT operating in
  both directions on both the source and destination information; it is
  often found as the default behavior in SBCs.

naming TCP, UDP, or both repeatedly might be clearer if you replaced references with a more general "transport".

In 4.  Mapping SIP Device Types to B2BUA Roles, as you point out, these are marketing category terms without strict definitions. Given that I could build a device and call it by any of these names, how helpful is this section (and its subsections)?

[Ballot comment]
UPDATED:
An Applications Directorate review was just posted, and I'm sorry that it's so late (it was not the reviewer's fault, but a processing problem).  There's nothing in the review that I would mark as blocking, but the review makes a lot of reasonable suggestions:
http://www.ietf.org/mail-archive/web/apps-discuss/current/msg09960.html

Before the document is final, please have a look at the review and address the suggestions that you think are good ones.

----------------------------------------------
My original comments:

There's an oddity in the shepherd writeup that I'd like to clear up, but it's not at the level of a blocking DISCUSS:

  Q: Why is this the proper type of RFC?
  A: It’s published for the general information of the Internet community,
      and does not represent an Internet community consensus or recommendation.

Other bits of the shepherd writeup do talk about working group consensus, so I presume that this is just a bad answer... but I want to be clear about the status of this document, which is a product of a working group and is asking to be published in the IETF Stream: This *is* intended to be an IETF consensus document, yes?

Another very small point: the text in the Acknowledgments section is part of ancient boilerplate, and doesn't belong here any more.

[Ballot comment]

Your terminology section is not a terminology section, it "just" listing acronyms. This is weak for a taxonomy document ;-)
I was expecting:

      Back-to-Back User Agent [RFC3261] : A back-to-back user agent (B2BUA) is a
        logical entity that receives a request and processes it as a
        user agent server (UAS).  In order to determine how the request
        should be answered, it acts as a user agent client (UAC) and
        generates requests.  Unlike a proxy server, it maintains dialog
        state and must participate in all requests sent on the dialogs
        it has established.  Since it is a concatenation of a UAC and
        UAS, no explicit definitions are needed for its behavior.

      User Agent Client (UAC), [RFC3261]: A user agent client is a logical entity
        that creates a new request, and then uses the client
        transaction state machinery to send it.  The role of UAC lasts
        only for the duration of that transaction.  In other words, if
        a piece of software initiates a request, it acts as a UAC for
        the duration of that transaction.  If it receives a request
        later, it assumes the role of a user agent server for the
        processing of that transaction.

      User Agent Server (UAS) [RFC3261]: A user agent server is a logical entity
        that generates a response to a SIP request.  The response
        accepts, rejects, or redirects the request.  This role lasts
        only for the duration of that transaction.  In other words, if
        a piece of software responds to a request, it acts as a UAS for
        the duration of that transaction.  If it generates a request
        later, it assumes the role of a user agent client for the
        processing of that transaction.

Alternatively,

    The User Agent Client (UAC) and User Agent Server (UAS) are defined in [RFC3261].
    The User Agent Server (UAS) is redefined compared to [RFC3261] definition:

      Back-to-Back User Agent: a SIP Back-to-Back User Agent, which is the logical
      combination of a User Agent Server (UAS) and User Agent Client (UAC).


Later I see

  Furthermore, this document defines 'B2BUA' following the definition
  provided in [RFC3261], which is the logical concatenation of a UAS
  and UAC. 

That confuses me, specifically because I would have expecting this in the terminology section, and it does it "follow" the definition in RFC3261: the spirit maybe.
I don't mind the repeat here, but the terminology section must be clear
Close to a DISCUSS. Please engage in the discussion (if you don't plan on fixing this)

Editorial:
- Expand a few acronyms with their respective first occurrence: SBC, PBX


Thanks for this document. It will be useful.

[Ballot comment]

- Section 5: I support Joel's dicusss - some of the very clear
security and privacy implications of the different roles should
be called out here. (And they're not all bad implications.) So
I hope he's not convinced he's in the rough.

- Section 3: a table just listing the type names with or without
a one-line description and a pointer to the section where
they're defined migth be useful for the reader.

- 3.1: Why would a b2bua like this save SDP bodies? Wouldn't
that have some privacy implications?

- 3.2.1: A reference for "NAT behaviour" might be a good
addition.

- 4.6 & 4.7: lots of unexpanded acronyms, which seems like a bad
plan for a taxonomy document (even if they're IMS terms:-)

[Ballot discuss]
I can probably be convinced that I'm in the rough. This started out as a comment and ended up as a discuss so that we could dicuss it.

I am somewhat doubtful that the security considerations section is adequate. If you're going to survey them all you should be able to make some appropriate statement about the security considerations for back to back user agents of varying varieties. in particular a number of them eliminate the possibility of end-to-end security mechanisms being employed generally transparently...

otherwise no objections.

[Ballot comment]
Overall, thanks for a nicely written document.  It seems like a helpful guide to understanding some real devices, and why they do what they do.

C1. At the top level of Section 3.1, you say that a "Signaling-plane B2BUA" doesn't modify SDP bodies.  But then Section 3.1.3 describes an "SDP-modifying signaling-only B2BUA".  It would be helpful to be more specific at the top level (3.1) as to what sort of SDP modification these things *don't* do, then in 3.1.3 as to what sort of modifications they *do*.  It seems like the line is something like, "These B2BUAs don't do anything that changes the path that media takes (in particular, they don't insert themselves on the media path), but they may make SDP changes that affect what is sent on the media plane."

C2. The jump from CSeq-only modification (3.1.1) to modification of all headers (3.1.2) seems a little stark.  It might be worth noting that there are lots of gradations in the "Signaling-only" bucket -- some have only a few intrusive behaviors, some edit headers heavily, often dependent on configuration -- but because there are not clear categories, we group them together into this bucket.

C3. In Section 3.2.2, s/mux/multiplex/g

C4. The top level of Section 3 says that a conference server is not a B2BUA, but then Section 3.2.3 lists "conference servers" among the things that are "Media-termination B2BUAs".  Based on Section 4.5, it seems like what you mean here is that *some* conference servers terminate media.  "This is the role performed, for example, by transcoders and some conference servers."

[Ballot comment]
There's an oddity in the shepherd writeup that I'd like to clear up, but it's not at the level of a blocking DISCUSS:

  Q: Why is this the proper type of RFC?
  A: It’s published for the general information of the Internet community,
      and does not represent an Internet community consensus or recommendation.

Other bits of the shepherd writeup do talk about working group consensus, so I presume that this is just a bad answer... but I want to be clear about the status of this document, which is a product of a working group and is asking to be published in the IETF Stream: This *is* intended to be an IETF consensus document, yes?

Another very small point: the text in the Acknowledgments section is part of ancient boilerplate, and doesn't belong here any more.

IESG/Authors/WG Chairs:

IANA has reviewed draft-ietf-straw-b2bua-taxonomy-02, which is currently
in Last Call, and has the following comments:

We understand that, upon approval of this document, there are no IANA
Actions that need completion.

If this assessment is not accurate, please respond as soon as possible.

The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (A Taxonomy of Session Initiation Protocol (SIP) Back-to-Back User Agents) to Informational RFC


The IESG has received a request from the Sip Traversal Required for
Applications to Work WG (straw) to consider the following document:
- 'A Taxonomy of Session Initiation Protocol (SIP) Back-to-Back User
  Agents'
  as Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2013-07-01. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  In many SIP deployments, SIP entities exist in the SIP signaling path
  between the originating UAC and final terminating UAS, which go
  beyond the definition of a Proxy, performing functions not defined in
  standards-track RFCs.  The only term for such devices provided in
  [RFC3261] is for a Back-to-Back User Agent (B2BUA), which is defined
  as the logical concatenation of a User Agent Server (UAS) and User
  Agent Client (UAC).

  There are numerous types of SIP Back-to-Back User Agents (B2BUAs),
  performing different roles in different ways.  For Example IP-PBXs,
  SBCs and Application Servers.  This document identifies several
  common B2BUA roles, in order to provide taxonomy other documents can
  use and reference.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-straw-b2bua-taxonomy/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-straw-b2bua-taxonomy/ballot/


No IPR declarations have been submitted directly on this I-D.

draft-ietf-straw-b2bua-taxonomy-02 proto writeup


(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)?


Informational


Why is this the proper type of RFC?


It’s published for the general information of the Internet community, and does not represent an Internet community consensus or recommendation.


Is this type of RFC indicated in the title page header?


Yes


(2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections:
Technical Summary:
Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction.


In many SIP deployments, SIP entities exist in the SIP signaling path between the originating UAC and final terminating UAS, which go beyond the definition of a Proxy, performing functions not defined in standards-track RFCs.  The only term for such devices provided in RFC3261 is for a Back-to-Back User Agent (B2BUA), which is defined as the logical concatenation of a User Agent Server (UAS) and User Agent Client (UAC).

There are numerous types of SIP Back-to-Back User Agents (B2BUAs), performing different roles in different ways.  For Example IP-PBXs, SBCs and Application Servers.  This document provides a taxonomy of several common B2BUA roles, so that other documents can use and reference.


Working Group Summary:
Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough?


The WG path of this document was reasonably short and efficient. Several technical comments were made during reviews and all were resolved with consensus.
There is consensus in the STRAW WG to publish this document.


Document Quality:
Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted?


The document identifies several common B2BUA roles in existing implementations developed by different vendors. It is expected that with the approval of this document other documents will use and reference the taxonomy described therein.


Personnel:
Who is the Document Shepherd?


Christer Holmberg (christer.holmberg@ericsson.com -- STRAW WG co-chair)


Who is the Responsible Area Director?


Gonzalo Camarillo (Gonzalo.Camarillo@ericsson.com -- RAI AD)


(3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG.


The document is ready for publication


(4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed?


No


(5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place.


No


(6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here.


No concerns


(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why?


Yes


(8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures.


No


(9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it?


The WG as a whole understand and agree with it


(10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.)


No


(11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough.


No issues found


(12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews.


Not Applicable


(13) Have all references within this document been identified as either normative or informative?


All references within this ‘Informational’ document have been identified as informative. Most of the referenced documents are ‘Standards-Track’ RFCs, being two ‘Informational’ RFCs and one a non-IETF standard (3GPP TS 23.228).


(14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion?


No


(15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure.


No


(16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary.


No


(17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226).


This document makes no request or reference to IANA


(18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries.


This document makes no request to IANA


(19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc.


This document does not use formal language such as XML code, BNF rules or MIB definitions.