A Session Identifier for the Session Initiation Protocol (SIP)
draft-kaplan-insipid-session-id-04
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2014-08-14
|
04 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2014-07-25
|
04 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2014-07-25
|
04 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2014-06-27
|
04 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2014-06-27
|
04 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2014-06-26
|
04 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2014-06-26
|
04 | (System) | IANA Action state changed to In Progress from On Hold |
2014-06-23
|
04 | Amy Vezza | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2014-06-20
|
04 | (System) | RFC Editor state changed to EDIT |
2014-06-20
|
04 | (System) | Announcement was received by RFC Editor |
2014-06-19
|
04 | (System) | IANA Action state changed to On Hold |
2014-06-19
|
04 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent::Point Raised - writeup needed |
2014-06-19
|
04 | Amy Vezza | IESG has approved the document |
2014-06-19
|
04 | Amy Vezza | Closed "Approve" ballot |
2014-06-19
|
04 | Amy Vezza | Ballot approval text was generated |
2014-06-19
|
04 | Amy Vezza | Ballot writeup was changed |
2014-04-03
|
04 | Gunter Van de Velde | Closed request for Telechat review by OPSDIR with state 'No Response' |
2014-04-03
|
04 | Tero Kivinen | Closed request for Last Call review by SECDIR with state 'No Response' |
2014-04-02
|
04 | Dan Romascanu | Request for Telechat review by GENART Completed: Ready. Reviewer: Dan Romascanu. |
2014-03-27
|
04 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation |
2014-03-27
|
04 | Ted Lemon | [Ballot Position Update] New position, No Objection, has been recorded for Ted Lemon |
2014-03-27
|
04 | Kathleen Moriarty | [Ballot comment] This is a non-blocking comment/suggestion: The security considerations section should include a sentence about the requirement to avoid any values that may raise … [Ballot comment] This is a non-blocking comment/suggestion: The security considerations section should include a sentence about the requirement to avoid any values that may raise privacy concerns in the SIP header. This is already listed earlier int he document, but may be helpful to repeat in this section. |
2014-03-27
|
04 | Kathleen Moriarty | [Ballot Position Update] New position, No Objection, has been recorded for Kathleen Moriarty |
2014-03-27
|
04 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2014-03-27
|
04 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2014-03-27
|
04 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2014-03-26
|
04 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2014-03-26
|
04 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2014-03-24
|
04 | Stephen Farrell | [Ballot Position Update] Position for Stephen Farrell has been changed to No Objection from Discuss |
2014-03-23
|
04 | Stephen Farrell | [Ballot discuss] Just one discuss point which is just to check if the WG did or didn't consider a thing... In the case of DomainKeys/DKIM, … [Ballot discuss] Just one discuss point which is just to check if the WG did or didn't consider a thing... In the case of DomainKeys/DKIM, the WG felt it very important that the legacy/non-standards-track RFC not be produced before the standards track RFC. The goal was to not have the non-standards track flavour become further entrenched while the standards track work was being done and also to disincent those with legacy implemenations from gaming the work on the standards track RFC. Did the WG consider such a tactic? If not, should they? |
2014-03-23
|
04 | Stephen Farrell | [Ballot comment] - Were the IESG discusses/comments on the insipid WG requirements document considered in this text? If not, why not? I suspect (without having … [Ballot comment] - Were the IESG discusses/comments on the insipid WG requirements document considered in this text? If not, why not? I suspect (without having looked back) that some of them might apply here and be ok to handle here as well. (I had a discuss on that that I'd like you to look at.) - Why are we only implicitly recommending implementations follow the standards track approach and not this? |
2014-03-23
|
04 | Stephen Farrell | [Ballot Position Update] New position, Discuss, has been recorded for Stephen Farrell |
2014-03-23
|
04 | Alissa Cooper | [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper |
2014-03-21
|
04 | Spencer Dawkins | [Ballot comment] Adrian's questions seem like excellent things to think about. |
2014-03-21
|
04 | Spencer Dawkins | [Ballot Position Update] New position, Yes, has been recorded for Spencer Dawkins |
2014-03-20
|
04 | Jean Mahoney | Request for Telechat review by GENART is assigned to Dan Romascanu |
2014-03-20
|
04 | Jean Mahoney | Request for Telechat review by GENART is assigned to Dan Romascanu |
2014-03-14
|
04 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Mahalingam Mani |
2014-03-14
|
04 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Mahalingam Mani |
2014-03-13
|
04 | Adrian Farrel | [Ballot comment] It seems to me to be slightly simplistic to say that because the Session ID has no sensitive information in it, it will … [Ballot comment] It seems to me to be slightly simplistic to say that because the Session ID has no sensitive information in it, it will not reveal any information related to any SIP device or domain identity. That is, of course, examined in isolation it will not reveal anything, but it becomes a piece of metadata that can be examined at several points in the network to discover information about the session. Indeed, it seems that the purpose of the Session ID is exactly to provide correlation that would not otherwise be possible (or might only be possible if the B2BUAs sisn't mess with the Call IDs). This does not speak against the use of a Session ID, but does suggest that its use might not be quite as harmless as this document suggests. --- There is a wrinkle with 4.5.1... Imagine there are two B2BUAs along the path both of which change the Call-ID. Suppose also that the original request does not contain a Session ID. The first B2BUA does not add a Session ID (it is a "MAY" and anyway it is a legacy implementation). The second B2BUA adds a Session ID using the received Call-ID, but this is not original one. Question: why does the text require that the Session ID inserted by a B2BUA be derived from the received Call-ID? It doesn't seem to make any difference (it is, after all, using the B2BUA's secret) and the received Call-ID is no different to the B2BUA's substituted Call-ID. --- There is, of course, a very small chance that two Session IDs will be identical. This could happen at one point of generation or across two such points. Should you include advice to a Session ID generator to catch such cases? Should you give a warning to users of the Session ID that this might happen? Unlikely though it is, it will happen in the field the first time the function is enabled :-) |
2014-03-13
|
04 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel |
2014-03-11
|
04 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2014-03-10
|
04 | Richard Barnes | Ballot has been issued |
2014-03-10
|
04 | Richard Barnes | [Ballot Position Update] New position, Yes, has been recorded for Richard Barnes |
2014-03-10
|
04 | Richard Barnes | Created "Approve" ballot |
2014-03-10
|
04 | Richard Barnes | Placed on agenda for telechat - 2014-03-27 |
2014-03-10
|
04 | Richard Barnes | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup |
2014-03-10
|
04 | Richard Barnes | Ballot writeup was changed |
2014-03-10
|
04 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2014-03-10
|
04 | Hadriel Kaplan | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2014-03-10
|
04 | Hadriel Kaplan | New version available: draft-kaplan-insipid-session-id-04.txt |
2014-02-17
|
03 | Gonzalo Camarillo | Shepherding AD changed to Richard Barnes |
2014-02-13
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Zach Shelby |
2014-02-13
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Zach Shelby |
2014-02-13
|
03 | Tero Kivinen | Closed request for Last Call review by SECDIR with state 'No Response' |
2013-10-30
|
03 | Gonzalo Camarillo | State changed to Waiting for AD Go-Ahead::Revised I-D Needed from Waiting for Writeup |
2013-09-30
|
(System) | Posted related IPR disclosure: Tekelec, Inc. (Now a wholly owned subsidiary of Oracle Corporation)'s Statement about IPR related to draft-jones-ipmc-session-id-03, draft-ietf-insipid-session-id-02, and draft-kaplan-insipid-session-id-03 | |
2013-09-17
|
03 | Pearl Liang | IANA Review state changed to IANA - Not OK from IANA OK - Actions Needed |
2013-09-13
|
(System) | Posted related IPR disclosure: Telefonaktiebolaget LM Ericsson (publ)'s Statement about IPR related to draft-kaplan-insipid-session-id-03 | |
2013-08-30
|
03 | (System) | State changed to Waiting for Writeup from In Last Call |
2013-08-21
|
03 | Dan Romascanu | Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Dan Romascanu. |
2013-08-13
|
03 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
2013-08-13
|
03 | Pearl Liang | IESG/Authors: IANA has reviewed draft-kaplan-insipid-session-id-03. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon as … IESG/Authors: IANA has reviewed draft-kaplan-insipid-session-id-03. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon as possible. We received the following comments/questions from the IANA's reviewer: Upon approval of this document, IANA understands that there is a single action which it is required to complete. In the Header Fields subregistry of the Session Initiation Protocol (SIP) Parameters registry located at: http://www.iana.org/assignments/sip-parameters/sip-parameters.xhtml a single, new header field is to be registered as follows: Header Name: session-id Compact: Reference: [ RFC-to-be ] NOTE: Currently RFC5727 defines the Informational Headers through expert review. This draft document is Informational according to the tracker. We will initiate a request and send this to the designated expert for review. IANA understands that this is the only action required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. |
2013-08-08
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
2013-08-08
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
2013-08-08
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Glen Zorn |
2013-08-08
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Glen Zorn |
2013-08-02
|
03 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2013-08-02
|
03 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce Reply-To: ietf@ietf.org Sender: Subject: Last Call: (A Session Identifier for the Session … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce Reply-To: ietf@ietf.org Sender: Subject: Last Call: (A Session Identifier for the Session Initiation Protocol (SIP)) to Informational RFC The IESG has received a request from an individual submitter to consider the following document: - 'A Session Identifier for the Session Initiation Protocol (SIP)' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-08-30. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Note that this IETF last call is not intended to form IETF consensus on the content of this document. Consequently, the IESG is only looking for comments on the value of publishing this document as-is, not for comments on the content of the document. Abstract This RFC, which contains the text of an individual Internet Draft that was submitted originally to the DISPATCH Working Group, is being published now as an Informational document to provide a reference for later RFCs. The mechanism defined in this document has been widely deployed, and is being followed in a backward- compatible fashion for a new Standards Track RFC in the INSIPID Working Group. The original Abstract follows. There is a need for having a globally unique session identifier for the same SIP session, which can be consistently maintained across Proxies, B2BUAs and other SIP middle-boxes, for the purpose of Troubleshooting. This draft proposes a new SIP header to carry such a value: Session-ID. The file can be obtained via http://datatracker.ietf.org/doc/draft-kaplan-insipid-session-id/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-kaplan-insipid-session-id/ballot/ No IPR declarations have been submitted directly on this I-D. |
2013-08-02
|
03 | Cindy Morgan | State changed to In Last Call from Last Call Requested |
2013-08-02
|
03 | Cindy Morgan | Changed document writeup |
2013-08-02
|
03 | Cindy Morgan | PROTO questionnaire for: draft-kaplan-insipid-session-id-03 To be Published as: Informational Prepared by: Gonzalo Salgueiro (gsalguei@cisco.com) on 1 August 2013 (1) What type of … PROTO questionnaire for: draft-kaplan-insipid-session-id-03 To be Published as: Informational Prepared by: Gonzalo Salgueiro (gsalguei@cisco.com) on 1 August 2013 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? This document is requested to be published as Informational. This RFC type is indicated on the title page. The directive from the AD is to use Informational. The original intent was to use Historic. The requirement is to convey that this is not the solution going forward. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary: There is a need for having a globally unique session identifier for the same SIP session, which can be consistently maintained across Proxies, B2BUAs and other SIP middle-boxes, for the purpose of Troubleshooting. This draft originally proposed a new SIP header (Session-ID) to carry such a value, which is now being defined by the INSIPID WG. Working Group Summary: Was the document considered in any WG, and if so, why was it not adopted as a work item there? Was there controversy about particular points that caused the WG to not adopt the document? This RFC, which contains the text of an individual Internet-Draft that was submitted originally to the DISPATCH Working Group, is being published now as an Informational document to provide a reference for the work currently being defined in the INSIPID WG. The INSIPID WG Session-ID solution replaces the 'legacy' solution presented in draft-ietf-insipid-session-id-03 and intends to ensure interoperability and backwards compatibility with such legacy Session-ID entities. Document Quality: Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted? The legacy Session-ID solution described in this document is very widely deployed, especially by Service Providers providing 3GPP IMS. The ubiquity of this legacy solution and the requirement that the current INSIPID WG work be backwards compatible with it is the primary driver for its publications as an Informational RFC that can be referenced by the current INSIPID WG documents. This document does not meet the requirements defined in https://datatracker.ietf.org/doc/draft-ietf-insipid-session-id-reqts/ Personnel: Who is the Document Shepherd? Who is the Responsible Area Director? Gonzalo Salgueiro (INSIPID WG co-chair) is the Document Shepherd. Gonzalo Camarillo is the Responsible AD. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. No review was performed on this document by the document shepherd. There is no desire to review the technical accuracy of the contents of this document. The intent is to merely publish the legacy Session-ID in its current form so that it can be referenced by the new INSIPID Session-ID work that is replacing it, but needs to be backwards compatible with it. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? N/A (See previous question). (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the interested community has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. There are no specific concerns or issues on the basis that this is being published only to permanently document a legacy solution. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. Yes. (8) Has an IPR disclosure been filed that references this document? If so, summarize any discussion and conclusion regarding the IPR disclosures. No IPR disclosures are filed against this draft or on its predecessors under different names. It is possible that disclosures filed against https://datatracker.ietf.org/doc/draft-ietf-insipid-session-id-reqts/ or https://datatracker.ietf.org/doc/draft-kaplan-insipid-session-id/ could also apply to this document, but no declaration has been made to that effect. (9) How solid is the consensus of the interested community behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the interested community as a whole understand and agree with it? This document is not a milestone or a part of the INSIPID WG work stream. Rather, it is being published with the sole intent of having a permanent document that documents the widely deployed legacy Session-ID solution that can be referenced by the current Session-ID solution being developed in the INSIPID WG. There is strong WG consensus to publish this document in its current form so that it can be referenced by current INSIPID WG documents. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. The document passes idnits 2.12.17. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. N/A (13) Have all references within this document been identified as either normative or informative? Yes. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? No. All the normative references are for RFCs. None are downward references. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. No. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the interested community considers it unnecessary. No RFC will be updated with the publication of this document. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). The document registers a new header field name. The instructions for performing this are clear. No other IANA registrations are required. Note that the intent is that https://datatracker.ietf.org/doc/draft-kaplan-insipid-session-id/ will either modify or replace this registration when it is published, as that document uses the same header field (in an appropriately extended fashion). (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. N/A (19) Describe reviews and automated checks performed by to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. None. |
2013-08-02
|
03 | Gonzalo Camarillo | Last call was requested |
2013-08-02
|
03 | Gonzalo Camarillo | Ballot approval text was generated |
2013-08-02
|
03 | Gonzalo Camarillo | Ballot writeup was generated |
2013-08-02
|
03 | Gonzalo Camarillo | State changed to Last Call Requested from Publication Requested |
2013-08-02
|
03 | Gonzalo Camarillo | Last call announcement was changed |
2013-08-02
|
03 | Gonzalo Camarillo | Last call announcement was generated |
2013-08-02
|
03 | Gonzalo Camarillo | Changed consensus to No from Unknown |
2013-08-02
|
03 | Gonzalo Camarillo | Document shepherd changed to Gonzalo Salgueiro |
2013-08-02
|
03 | Gonzalo Camarillo | Assigned to Real-time Applications and Infrastructure Area |
2013-08-02
|
03 | Gonzalo Camarillo | State Change Notice email list changed to hadriel.kaplan@oracle.com, draft-kaplan-insipid-session-id@tools.ietf.org, insipid-chairs@tools.ietf.org |
2013-08-02
|
03 | Gonzalo Camarillo | Intended Status changed to Informational |
2013-08-02
|
03 | Gonzalo Camarillo | IESG process started in state Publication Requested |
2013-08-02
|
03 | (System) | Earlier history may be found in the Comment Log for draft-kaplan-dispatch-session-id |
2013-08-02
|
03 | Gonzalo Camarillo | Stream changed to IETF from None |
2013-08-02
|
03 | Hadriel Kaplan | New version available: draft-kaplan-insipid-session-id-03.txt |
2013-08-01
|
02 | Hadriel Kaplan | New version available: draft-kaplan-insipid-session-id-02.txt |
2013-07-30
|
01 | Hadriel Kaplan | New version available: draft-kaplan-insipid-session-id-01.txt |
2013-07-14
|
00 | Hadriel Kaplan | New version available: draft-kaplan-insipid-session-id-00.txt |