Mindless Fluffiness: February 2005 Archives


February 21, 2005

The Session Initiation Protocol (SIP) and Spam

Spam, defined as the transmission of bulk unsolicited messages, has plagued Internet email. Unfortunately, spam is not limited to email. It can affect any system that enables user-to-user communications. The Session Initiation Protocol (SIP) defines a system for user-to-user multimedia communications. Therefore, it is susceptible to spam, just as email is. In this document, we analyze the problem of spam in SIP. We first identify the ways in which the problem is the same and the ways in which it is different from email. We then examine the various possible solutions that have been discussed for email and consider their applicability to SIP.

--------

Certificate Management Service for The Session Initiation Protocol (SIP)

This draft defines a Credential Service that allows SIP User Agents to use a SIP package to discover the certificates of other users. This mechanism allows user agents that want to contact a given Address-of-Record (AOR) to retrieve that AOR's certificate by subscribing to the Credential Service. The Credential Service also allows users to store and retrieve their own certificates and private keys.

--------

February 20, 2005

Payment for Services in Session Initiation Protocol (SIP)


Communication systems require that a person receiving a call be able to charge the caller when they are from different administrative domains. This is necessary for making fair exchanges of service between two different communicating parties and is a major strategy for reducing the viability of SPAM. This draft proposes an approach for doing this in SIP. The approach relies on a third party to act as a payment service provider and is optimized for very simple, low-value transactions. It does not provide the full range of services that are desirable in typical online trading systems.

--------

Media Conference Server Control for XCON

Conference servers have many controls that change how the media is combined for the various conference participants. It is necessary to describe these controls to the clients connected to a centralized conference, so that the clients can render a user interface and allow the user to manipulate them.

--------

The Message Session Relay Protocol

This document describes the Message Session Relay Protocol (MSRP), a protocol for transmitting a series of related instant messages in the context of a session. Message sessions are treated like any other media stream when set up via a rendezvous or session setup protocol such as the Session Initiation Protocol (SIP).

--------

Santa Cruz

.

--------

February 19, 2005

Example call flows using SIP security mechanisms


This document shows call flows demonstrating the use of SIPS, TLS, and S/MIME in SIP. This draft provides information that helps implementers build interoperable SIP software. It is purely informational. To help facilitate interoperability testing, it includes certificates used in the example call flows and a CA certificate to create certificates for testing.

--------

Relay Extensions for the Message Sessions Relay Protocol (MSRP)

The SIMPLE Working Group uses two separate models for conveying instant messages. Pager-mode messages stand alone and are not part of a SIP (Session Initiation Protocol) session, whereas Session-mode messages are set up as part of a session using the SIP protocol. MSRP (Message Sessions Relay Protocol) is a protocol for near-real-time, peer-to-peer exchange of binary content without intermediaries, which is designed to be signaled using a separate rendezvous protocol such as SIP. This document introduces the notion of message relay intermediaries to MSRP and describes the extensions necessary to use them.

--------

SIP Conventions for UAs with Outbound Only Connections

Often with SIP a request can only be routed over an existing connection or flow, such as when there is a firewall or network address translation (NAT) device in the network path. TLS is also affected when the user agent (UA) does not have a certificate suitable for mutual TLS authentication. This draft addresses how user agents and proxies need to behave to work in these environments.

This work shows how existing SIP mechanisms can be used to allow the UA to register multiple times over different connections or flows, and how the proxies can use the instance-id in the contact header to identify that the multiple flows go to the same UA. A proxy can then choose which flow to use to route requests to this UA.

--------

February 18, 2005

SIP Computational Puzzles

One of the techniques used in SPAM prevention and various solutions for denial of service attacks is to force the SIP client requesting a service to perform a calculation that limits the rate and increases the cost of the request. This draft defines a way to allow a UAS to ask the UAC to compute a computationally expensive hash-based function and present the result to the UAS. Although the computation is expensive for the UAC to compute, it is cheap for the UAS to verify. The solution also allows for proxies to compute and check the puzzle on behalf of the UAC or UAS.

--------

February 16, 2005

The City

.

--------

February 14, 2005

Guidelines for implementors using connection-oriented transports in the Session Initiation Protocol (SIP)


The growing SIP message size and the ensuing IP fragmentation, the scalability and performance efficiencies gained by multiplexing SIP sessions over fewer reliable transport connections, the efficient use of security certificates, etc. are engendering widespread use of connection-oriented protocols for SIP transport. A variety of SIP transport-related issues are currently being discussed in the IETF, including connection reuse, persistent connections, outbound connection flows, SIP over SCTP, NAT traversal, and SIP/TCP race conditions. This document attempts to unify these techniques by describing practical guidelines for implementers and takes a broad stroke at defining SIP Connection Management. We hope to abstract the diverse connection techniques into a few generic connection characteristics, which then help define a few common connection models and use cases.

--------

February 13, 2005

NAT Classification Test Results

The IETF has several groups that are considering the impact of NATs on various protocols. Having a classification of the types of NATs that are being developed and deployed is useful in gauging the impact of various solutions. This draft records the results of classifying NATs.

This draft is not complete and has only a few test results, but it is worth discussing all the testing we wish to do before all the test results are collected.

--------

February 12, 2005

Conference State Change Protocol (CSCP)

Conference State Control Protocol (CSCP) is a means to modify the state in a conference service. It extends the Binary Floor Control Protocol and adds commands to get, set, add, and delete fields in the conference state.

--------

SIP Offer/Answer with Multipart MIME

This document addresses the issues around using multipart with the SIP offer/answer framework. It specifies a way to make an offer with a multipart/alternative MIME body and for the answer to indicate which of the parts was selected for the answer. This is needed for general backwards compatibility to allow migration in situations such as moving from SDP to SDPng or moving from non-end-to-end-encrypted SDP to encrypted SDP.

--------

Using DTLS as a Transport for SIP


This draft specifies how to use Datagram Transport Layer Security (DTLS) as a transport for SIP. DTLS is a new protocol for providing TLS security over a datagram protocol.

--------

February 07, 2005

Orlando, Again

.

--------