Skip to main content

Requirements from Session Initiation Protocol (SIP) Session Border Control (SBC) Deployments
draft-ietf-sipping-sbc-funcs-09

Revision differences

Document history

Date Rev. By Action
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Cullen Jennings
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Chris Newman
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Pasi Eronen
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for David Ward
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Jari Arkko
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Dan Romascanu
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Magnus Westerlund
2010-02-23
09 Cindy Morgan State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan
2010-02-22
09 (System) IANA Action state changed to No IC from In Progress
2010-02-22
09 (System) IANA Action state changed to In Progress
2010-02-22
09 Cindy Morgan IESG state changed to Approved-announcement sent
2010-02-22
09 Cindy Morgan IESG has approved the document
2010-02-22
09 Cindy Morgan Closed "Approve" ballot
2010-02-22
09 Robert Sparks [Ballot Position Update] New position, Yes, has been recorded by Robert Sparks
2010-02-18
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-02-18
09 (System) New version available: draft-ietf-sipping-sbc-funcs-09.txt
2010-01-25
09 Cullen Jennings Responsible AD has been changed to Robert Sparks from Cullen Jennings
2010-01-25
09 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to No Objection from Yes by Cullen Jennings
2010-01-22
09 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to Yes from No Objection by Cullen Jennings
2010-01-22
09 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to No Objection from Discuss by Cullen Jennings
2009-05-22
09 Cullen Jennings State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation::AD Followup by Cullen Jennings
2009-04-01
09 Cullen Jennings Responsible AD has been changed to Cullen Jennings from Jon Peterson
2009-01-18
09 David Ward [Ballot Position Update] Position for David Ward has been changed to No Objection from Discuss by David Ward
2009-01-05
08 (System) New version available: draft-ietf-sipping-sbc-funcs-08.txt
2008-10-30
09 Dan Romascanu [Ballot Position Update] Position for Dan Romascanu has been changed to No Objection from Discuss by Dan Romascanu
2008-10-23
09 Pasi Eronen [Ballot Position Update] Position for Pasi Eronen has been changed to No Objection from Undefined by Pasi Eronen
2008-10-23
09 Pasi Eronen [Ballot Position Update] Position for Pasi Eronen has been changed to Undefined from Discuss by Pasi Eronen
2008-10-22
07 (System) New version available: draft-ietf-sipping-sbc-funcs-07.txt
2008-06-23
09 Magnus Westerlund [Ballot Position Update] Position for Magnus Westerlund has been changed to No Objection from Discuss by Magnus Westerlund
2008-06-16
09 Jari Arkko [Ballot Position Update] Position for Jari Arkko has been changed to No Objection from Discuss by Jari Arkko
2008-06-16
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2008-06-16
06 (System) New version available: draft-ietf-sipping-sbc-funcs-06.txt
2008-04-11
09 (System) Removed from agenda for telechat - 2008-04-10
2008-04-10
09 Amy Vezza State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza
2008-04-10
09 Magnus Westerlund
[Ballot discuss]
I think the draft is not detailed enough of the architectural implications of modifying the media path so that the SBC or a …
[Ballot discuss]
I think the draft is not detailed enough of the architectural implications of modifying the media path so that the SBC or a SBC controlled device perform relaying of the media. As evident from the TURN discussion relaying packets are not that simple, and it usually requires specific support at the lower layer to carry IP and transport header information correctly between the incomming and outgoing part in relay. Resulting in that relay functions make commonly break functionality such as ECN, PMTUD (due to DF bit setting errors), QoS (Type of service).

I would like this to be better reflected in the text in the relevant sections. I think 1 or 2 paragraphs on this, not more. The main point is relays easily break IP and transport layer functionalities that rely on the correct handling of their fields: ECN, FlowID, Type of Service are all examples of such fields. More complicated are the Don't Fragment bit and how it interact with path MTU discovery and any sent ICMP packet too big messages. I think those are the main points to mention.
2008-04-10
09 Chris Newman [Ballot Position Update] Position for Chris Newman has been changed to No Objection from Discuss by Chris Newman
2008-04-10
09 Jari Arkko
[Ballot comment]
Section 3.2.1:

  Additionally, traffic management can be used to implement intercept
  capabilities where required to support audit or legal obligations.

I …
[Ballot comment]
Section 3.2.1:

  Additionally, traffic management can be used to implement intercept
  capabilities where required to support audit or legal obligations.

I am not aware of legal requirements to implement intercept functions
by network operators that are not parties in the communication or
setup of the communication for other reasons already. There are
requirements for intercepting Internet communications by ISPs, but
this interception is to be done at the level of they provide
service. For instance, if they merely act as a DSL provider they would
be able to store/inspect IP traffic. Similarly, an operator that
provides voice service might have a legal requirement to provide
interception capabilities. Traffic management as defined in your
document is one way of doing this. However, in this case the operator
would already have SIP proxies in their network that can act as B2BUAs
and perform traffic management. So the introduction of additional
devices to do this may not be justified.

Some discussion of the above nuances would be useful in the document.

Section 3.3.1:

  For example, user-
  agents on networks which implement SIP differently (for example 3GPP
  or SIP [1] network etc)

Is the issue really that they implement SIP differently, or that they
require differing sets of extensions? Perhaps this needs to be written
in a way similar to the previous sentence which said "SBCs fixing
capability mismatches enable communications between user-agents with
different capabilities or extensions." Or simply say "For example,
connecting to a 3GPP network via a plain SIP phone."

Section 3.4.1:

  SBCs' NAT traversal function is required in scenarios
  where the NAT is outside the SBC

I have a hard time imagining networks where this arrangement
exists. If my Linksys router had an SBC function and it fixed
the lack of NAT traversal support in my SIP client, that would
be one. But somehow I suspect that I would get an upgrade to
my client software sooner than an upgrade to the router.
2008-04-10
09 Jari Arkko
[Ballot discuss]
This is a very useful document, and after addressing/talking about the
below issues I will move to a Yes position.

Section 3.2.2:

This …
[Ballot discuss]
This is a very useful document, and after addressing/talking about the
below issues I will move to a Yes position.

Section 3.2.2:

This section should mention the fact that requiring media traffic to
go through a central point in the network is likely to cause a
significant additional burden in the amount of traffic that has
to travel a path to that point, creating possible bottlenecks in
the way. For instance, even if my home SIP proxies are somewhere
in the Internet, a call to someone else in the IETF/hotel/etc network
involves media going directly between the endpoints, not via some
party in the Internet.
2008-04-10
09 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault
2008-04-10
09 David Ward
[Ballot discuss]
I'd like to see a section added that SBCs have no current tie to routing topology and no requirements to automatically change BW …
[Ballot discuss]
I'd like to see a section added that SBCs have no current tie to routing topology and no requirements to automatically change BW reservations on TE tunnels. In general, a short section clarifying the (lack of) interaction w/ path selections, TE tunnel manipulation or BW capacities of the network.
2008-04-10
09 David Ward [Ballot Position Update] New position, Discuss, has been recorded by David Ward
2008-04-10
09 Tim Polk
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access …
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access Control

This section seems to have multiple definitions of "access control".

The opening sentence focuses on controlling "what kind of signaling and
media traffic their network carries" but the closing sentence of the
same paragraph talks about access control based on "link-layer
identifiers, IP addresses or SIP identities".

The implications of these two definitions are very different, imho.
As a result, the requirements and issues presented in 3.5 are somewhat
confusing.  The example only addresses one aspect of the problem, as
well.

I suggest revising 3.5 to more clearly explain why these two
definitions of access control are related, or breaking this into
two sections each devoted to one problem.

(2) Section 3.5 would also benefit from more detail regarding the
range of policies that need to be expressed and enforced by an SBC.
The references to policies and policy servers need detail.

editorial nits:

Section 3.1.3

s/identity of subscribers in beeing hidden/identity of subscribers is hidden/

Section 4

s/exiting/existing/
2008-04-10
09 Tim Polk [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk
2008-04-10
09 Tim Polk
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access …
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access Control

This section seems to have multiple definitions of "access control".

The opening sentence focuses on controlling "what kind of signaling and
media traffic their network carries" but the closing sentence of the
same paragraph talks about access control based on "link-layer
identifiers, IP addresses or SIP identities".

The implications of these two definitions are very different, imho.
As a result, the requirements and issues presented in 3.5 are somewhat
confusing.  The example only addresses one aspect of the problem, as
well.

I suggest revising 3.5 to more clearly explain why these two
definitions of access control are related, or breaking this into
two sections each devoted to one problem.


editorial nits:

Section 3.1.3

s/identity of subscribers in beeing hidden/identity of subscribers is hidden/

Section 4

s/exiting/existing/
2008-04-10
09 Tim Polk
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access …
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access Control

This section seems to have multiple definitions of "access control".

The opening sentence focuses on controlling "what kind of signaling and
media traffic their network carries" but the closing sentence of the
same paragraph talks about access control based on "link-layer
identifiers, IP addresses or SIP identities".

The implications of these two definitions are very different, imho.
As a result, the requirements and issues presented in 3.5 are somewhat
confusing.  The example only addresses one aspect of the problem, as
well.

I suggest revising 3.5 to more clearly explain why these two
definitions of access control are related, or breaking this into
two sections each devoted to one problem.


editorial nits:

Section 3.1.3

s/identity of subscribers in beeing hidden/identity of subscribers is hidden/
Section 4

s/exiting/existing/
2008-04-10
09 Tim Polk
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access …
[Ballot comment]
This is a rather nice document  I very much appreciate the clear and
consistent organization.

A few minor issues:

(1) Section 3.5, Access Control

This section seems to have multiple definitions of "access control".

The opening sentence focuses on controlling "what kind of signaling and
media traffic their network carries" but the closing sentence of the
same paragraph talks about access control based on "link-layer
identifiers, IP addresses or SIP identities".

The implications of these two definitions are very different, imho.
As a result, the requirements and issues presented in 3.5 are somewhat
confusing.  The example only addresses one aspect of the problem, as
well.

I suggest revising 3.5 to more clearly explain why these two
definitions of access control are related, or breaking this into
two sections each devoted to one problem.
2008-04-10
09 Dan Romascanu
[Ballot discuss]
This is an useful document. I am missing however information related to operational impact of deploying SBCs and I also found some statemenents …
[Ballot discuss]
This is an useful document. I am missing however information related to operational impact of deploying SBCs and I also found some statemenents related t omanagement functions that require clarification.

1. The document is largely based on operators requirements and these are often mentioned in the text. However no mention is made about the operational impact of deploying SBC. Intuitively one can think about 'boxes' at each network edge that needs one or several SBC functions - is this indeed the model? is this a concern? how are these 'boxes' configured and managed? who has the admin authority to perform management operations on them in situations like the Access Scenario w/ SBCs described in figure 3?

2. Section 2 mentions 'c) network management (traffic monitoring, management, and QoS)' as one of the three principal categories of functions performed by SBCs. However the document has little mention of these functions excepting traffic monitoring which makes me believe that this may need to be de-emphasized.

3. Section 3.2.1 - the following statement I believe is not fully correct:

  Some operators do not want to manage the traffic, but only to monitor
  it for collecting statistics and making sure that they are able to
  meet any business service level agreements with their subscribers
  and/or partners.  The protocol techniques needed for monitoring media
  traffic are the same as for managing media traffic.

Monitoring media can be performed through a number of techniques, part of them have little or nothing to do with those used to manage media traffic.
2008-04-10
09 Dan Romascanu [Ballot Position Update] New position, Discuss, has been recorded by Dan Romascanu
2008-04-10
09 Jari Arkko
[Ballot discuss]
This is a very useful document, and after addressing/talking about the
below issues I will move to a Yes position.

Section 3.2.1:

  …
[Ballot discuss]
This is a very useful document, and after addressing/talking about the
below issues I will move to a Yes position.

Section 3.2.1:

  Additionally, traffic management can be used to implement intercept
  capabilities where required to support audit or legal obligations.

I am not aware of legal requirements to implement intercept functions
by network operators that are not parties in the communication or
setup of the communication for other reasons already. There are
requirements for intercepting Internet communications by ISPs, but
this interception is to be done at the level of they provide
service. For instance, if they merely act as a DSL provider they would
be able to store/inspect IP traffic. Similarly, an operator that
provides voice service might have a legal requirement to provide
interception capabilities. Traffic management as defined in your
document is one way of doing this. However, in this case the operator
would already have SIP proxies in their network that can act as B2BUAs
and perform traffic management. So the introduction of additional
devices to do this may not be justified.

Some discussion of the above nuances would be useful in the document.

Section 3.2.2:

This section should mention the fact that requiring media traffic to
go through a central point in the network is likely to cause a
significant additional burden in the amount of traffic that has
to travel a path to that point, creating possible bottlenecks in
the way. For instance, even if my home SIP proxies are somewhere
in the Internet, a call to someone else in the IETF/hotel/etc network
involves media going directly between the endpoints, not via some
party in the Internet.
2008-04-10
09 Jari Arkko
[Ballot comment]
Section 3.3.1:

  For example, user-
  agents on networks which implement SIP differently (for example 3GPP
  or SIP [1] network etc) …
[Ballot comment]
Section 3.3.1:

  For example, user-
  agents on networks which implement SIP differently (for example 3GPP
  or SIP [1] network etc)

Is the issue really that they implement SIP differently, or that they
require differing sets of extensions? Perhaps this needs to be written
in a way similar to the previous sentence which said "SBCs fixing
capability mismatches enable communications between user-agents with
different capabilities or extensions." Or simply say "For example,
connecting to a 3GPP network via a plain SIP phone."

Section 3.4.1:

  SBCs' NAT traversal function is required in scenarios
  where the NAT is outside the SBC

I have a hard time imagining networks where this arrangement
exists. If my Linksys router had an SBC function and it fixed
the lack of NAT traversal support in my SIP client, that would
be one. But somehow I suspect that I would get an upgrade to
my client software sooner than an upgrade to the router.
2008-04-10
09 Jari Arkko
[Ballot discuss]
Section 3.2.1:

  Additionally, traffic management can be used to implement intercept
  capabilities where required to support audit or legal obligations.

I …
[Ballot discuss]
Section 3.2.1:

  Additionally, traffic management can be used to implement intercept
  capabilities where required to support audit or legal obligations.

I am not aware of legal requirements to implement intercept functions
by network operators that are not parties in the communication or
setup of the communication for other reasons already. There are
requirements for intercepting Internet communications by ISPs, but
this interception is to be done at the level of they provide
service. For instance, if they merely act as a DSL provider they would
be able to store/inspect IP traffic. Similarly, an operator that
provides voice service might have a legal requirement to provide
interception capabilities. Traffic management as defined in your
document is one way of doing this. However, in this case the operator
would already have SIP proxies in their network that can act as B2BUAs
and perform traffic management. So the introduction of additional
devices to do this may not be justified.

Some discussion of the above nuances would be useful in the document.

Section 3.2.2:

This section should mention the fact that requiring media traffic to
go through a central point in the network is likely to cause a
significant additional burden in the amount of traffic that has
to travel a path to that point, creating possible bottlenecks in
the way. For instance, even if my home SIP proxies are somewhere
in the Internet, a call to someone else in the IETF/hotel/etc network
involves media going directly between the endpoints, not via some
party in the Internet.
2008-04-10
09 Jari Arkko [Ballot Position Update] New position, Discuss, has been recorded by Jari Arkko
2008-04-09
09 Cullen Jennings
[Ballot discuss]
I think there is one distinction this draft misses and that is there are SBC that are operating with the users permission and …
[Ballot discuss]
I think there is one distinction this draft misses and that is there are SBC that are operating with the users permission and ones that are not - the draft hints at this in the use cases and then does not really use it later on when looking at what things break and what things are likely acceptable. For example, if an SBC at the edge of an enterprise does topology hiding, it is in the same administrative domain, can share the users credentials, and the user chooses to route though it. In this way it can be very much authorized by the UA. Similarly, if a service provider has some broken gateways and deploys an SBC in front of them for protocol repair reasons, the SBC can be configured to more or less be the gateways and it is authorized.

Taking this into account, in section 3.1.2 paragraph 2, says topology hiding does not work for Identity. This is not really true for authorized SBCs and a common place to do Identity is in the border elements. I think it would be fairer to say that for unauthorized SBCs, topology hiding done in the ways described in this draft, is indistinguishable from a MITM attack.

Section 3.7.1 - statement about legal intercept. Can someone please point me at the laws that oblige all operators to provide legal intercept? I do not believe this is true. Furthermore, I do not believe that doing the media encryption function is the only way to do legal intercept. I point out some networks to CALEA without B2BUA with media encryption functions. Glad to discuss the details if people want however I'm not sure we need to agreed on that to be able put in what is the key thing for this draft which is  to say that some operators do use SBC to do legal intercept. I would not want to imply something about if laws require this or imply this is the only way to do it.

I think some thought is needed on revisiting these requirements. There should probably be an information reference to draft-ietf-sip-ua-privacy-01 which does talk about all of these.

Req-1: a B2BUA dealing with via or route headers is very acceptable - this would not break Identity or other end to end security. I'm confused on the case where you think topology sensitive information would be included in a To or From which would be more problematic to change for an authorized SBC. I just don't think I am understanding what this requirement is trying to get at.

Req-2: Some people are using TURN to hide topology or related media relays. There is also the session depended policy work that is a WG chartered item that is targeted at exactly this problem.  Agree that middle boxes modifying SBC without consent is a problem.

Req-3: I'm not sure what sort of mismatches we are talking about here. Claiming that modifying any SIP messages violates the end to end principle is not really true. Proxies and other SIP elements are required to modify message - a bit more nuanced view is needed here. Many types of interoperation can be done while still ensuring end to end integrity. For example, an SBC could interoperate a device that used REFER on one side with a device that did not on the other side. Some types of modification would break Identity. However, the SIP headers that are covered by this are far less likely to require to be modified for mismatching reasons by and unauthorized SBC.

I don't think Req 1 and 3 are crisp enough to be able to evaluate if there is no existing solutions today. I'm also not sure if we are only considering things that are RFC or things that are work in progress.

I don't think this draft has show that subset of the functions will remain non standardized (or even are today). A B2BUA is from an interpretability point of view specified by the specification of a UA. The operation protocol repair are things that could (and probably should) be done by authorized, not unauthorized, SBCs. The sip and sipping WG are putting considerable effort into standardizing the ability to enforce a specific codec.
2008-04-09
09 Cullen Jennings
[Ballot discuss]
I think there is one distinction this draft misses and that is there are SBC that are operating with the users permission and …
[Ballot discuss]
I think there is one distinction this draft misses and that is there are SBC that are operating with the users permission and ones that are not - the draft hints at this in the use cases and then does not really use it later on when looking at what things break and what things are likely acceptable. For example, if an SBC at the edge of an enterprise does topology hiding, it is in the same administrative domain, can share the users credentials, and the user chooses to route though it. In this way it can be very much authorized by the UA. Similarly, if a service provider has some broken gateways and deploys an SBC in front of them for protocol repair reasons, the SBC can be configured to more or less be the gateways and it is authorized.

Taking this into account, in section 3.1.2 paragraph 2, says topology hiding does not work for Identity. This is not really true for authorized SBCs and a common place to do Identity is in the border elements. I think it would be fairer to say that for unauthorized SBCs, topology hiding done in the ways described in this draft, is indistinguishable from a MITM attack.

Section 3.7.1 - statement about legal intercept. Can someone please point me at the laws that oblige all operators to provide legal intercept? I do not believe this is true. Furthermore, I do not believe that doing the media encryption function is the only way to do legal intercept. I point out some networks to CALEA without B2BUA with media encryption functions. Glad to discuss the details if people want however I'm not sure we need to agreed on that to be able put in what is the key thing for this draft which is  to say that some operators do use SBC to do legal intercept. I would not want to imply something about if laws require this or imply this is the only way to do it.

I think some thought is needed on revisiting these requirements. There should probably be an information reference to draft-ietf-sip-ua-privacy-01 which does talk about all of these.

Req-1: a B2BUA dealing with via or route headers is very acceptable - this would not break Identity or other end to end security. I'm confused on the case where you think topology sensitive information would be included in a To or From which would be more problematic to change for an authorized SBC. I just don't think I am understanding what this requirement is trying to get at.

Req-2: Some people are using TURN to hide topology or related media relays. There is also the session depended policy work that is a WG chartered item that is targeted at exactly this problem.  Agree that middle boxes modifying SBC without consent is a problem.

Req-3: I'm not sure what sort of mismatches we are talking about here. Claiming that modifying any SIP messages violates the end to end principle is not really true. Proxies and other SIP elements are required to modify message - a bit more nuanced view is needed here. Many types of interoperation can be done while still ensuring end to end integrity. For example, an SBC could interoperate a device that used REFER on one side with a device that did not on the other side. Some types of modification would break Identity. However, the SIP headers that are covered by this are far less likely to require to be modified for mismatching reasons by and unauthorized SBC.

I don't think Req 1 and 3 are crisp enough to be able to evaluate if there is no existing solutions today. I'm also not sure if we are only considering things that are RFC or things that are work in progress.

I don't think this draft has show that subset of the functions will remain non standardized (or even are today). A B2BUA is from an interpretability point of view specified by the specification of a UA. The operation protocol repair are things that could (and probably should) be done by authorized, not unauthorized, SBCs. The sip and sipping WG are putting considerable effort into standardizing the ability to enforce a specific codec.
2008-04-09
09 Cullen Jennings [Ballot Position Update] New position, Discuss, has been recorded by Cullen Jennings
2008-04-09
09 Cullen Jennings [Ballot comment]
Section 3.3.1 - might want a reference for history and diversion

Section 3.3.2 - first sentence is hard for me to understand
2008-04-09
09 Ross Callon [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon
2008-04-09
09 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2008-04-09
09 Pasi Eronen
[Ballot comment]
Suggestions for editorial improvements/clarifications:

Section 2.1: I read the first paragraph while looking at Figure 2, and
was very confused. Does this section …
[Ballot comment]
Suggestions for editorial improvements/clarifications:

Section 2.1: I read the first paragraph while looking at Figure 2, and
was very confused. Does this section describe two different cases, one
without SBC and one with SBC? If so, having two figures as well would
help. If not, figure and text should use consistent names for the
network elements (e.g., which of these is the "originating gateway"
etc.).

Section 2.1, Figure 2: explain acronym SSB

Section 4, s/exiting/existing/
2008-04-09
09 Pasi Eronen
[Ballot discuss]
Depending on what kind of inspection or processing they do, inserting
media relays can prevent "non-media" uses of media path (such as media …
[Ballot discuss]
Depending on what kind of inspection or processing they do, inserting
media relays can prevent "non-media" uses of media path (such as media
path key agreement, STUN). Sometimes breaking them is intentional, but
not always (if e.g. media relay is only for SLA monitoring, or hiding
IP addresses, breaking DTLS-SRTP isn't necessarily intentional.).  I'd
suggest adding a couple of sentences to 3.3.2, and describing in
Section 5 (3rd paragraph) that while SBCs always break e2e security
mechanisms for SIP messages, some types of SBCs don't necessarily
break e2e media path security mechanisms.

Section 3.6: should mention that attempting to repair SDP obviously
has architectural issues, and breaks things.

Section 3.6: repairing header fields can have architectural issues,
too, if some current or future SIP mechanism uses those header fields
in some cryptographic computation (e.g., hash or signature), and the
canonicalization method did not anticipate some particular type of
"repair" being made by SBC. I'd suggest adding couple of sentences
about this.
2008-04-09
09 Pasi Eronen [Ballot Position Update] New position, Discuss, has been recorded by Pasi Eronen
2008-04-09
09 Magnus Westerlund
[Ballot discuss]
I think the draft is not detailed enough of the architectural implications of modifying the media path so that the SBC or a …
[Ballot discuss]
I think the draft is not detailed enough of the architectural implications of modifying the media path so that the SBC or a SBC controlled device perform relaying of the media. As evident from the TURN discussion relaying packets are not that simple, and it usually requires specific support at the lower layer to carry IP and transport header information correctly between the incomming and outgoing part in relay. Resulting in that relay functions make commonly break functionality such as ECN, PMTUD (due to DF bit setting errors), QoS (Type of service).

I would like this to be better reflected in the text in the relevant sections.
2008-04-09
09 Magnus Westerlund [Ballot Position Update] New position, Discuss, has been recorded by Magnus Westerlund
2008-04-08
09 Chris Newman
[Ballot discuss]
This is a discussion disuss, although it might result in a document
revision or RFC editor note if the authors and/or IESG agree …
[Ballot discuss]
This is a discussion disuss, although it might result in a document
revision or RFC editor note if the authors and/or IESG agree with my
suggestions.

I'm very supportive of publishing this sort of document and am likely
to vote yes after discussion.  I'd like customers of IETF standards to
have maximal security and privacy and that's only possible if we build
architectures that fit the real-world requirements, so documenting
the requirements as realized in deployed software is a benefit to the
standards community.

However, I think this document falls a bit short on the recommendations
for future work in the IETF.  It basically admits that some uses of
SDPs will never go away.  If that's the case, shouldn't we have a
mechanism to authenticate and secure SBCs as we do for HTTP proxies?
Why shouldn't such a mechanism be standardized (with appropriate
caveats)?  Can we also get trace headers inserted into the SDP so
we know when the SBC has made a modification?  Middleboxes may be a
necessary evil, but they are less evil when their presence is
documented and so it does less harm to problem diagnosis.  Should
we have best practices for SBCs as we now do for NATs?  If the best
we can do for some users is hop-by-hop transport security through a
known and authenticated SBC, that's a lot better than no security.

I also recommend referencing the BEHAVE specifications for NAT
traversal purposes.  Can't the SBC just use the timeout specified
there?  Are smaller timeouts necessary to deal with non-BEHAVE compliant
NATs that shut down sessions too soon?  Is this an interim measure
until NATs are fixed to comply with BEHAVE or are the BEHAVE keepalive
timeouts unrealistic?
2008-04-08
09 Chris Newman [Ballot Position Update] New position, Discuss, has been recorded by Chris Newman
2008-04-08
09 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert
2008-04-07
09 Russ Housley
[Ballot comment]
Section 3.4.2 says:
  >
  > There is also a problem related to the method how SBCs choose the
  > value …
[Ballot comment]
Section 3.4.2 says:
  >
  > There is also a problem related to the method how SBCs choose the
  > value for the validity of a registration period.  This value should
  > be as high as possible, but it still needs to be low enough to
  > maintain the NAT binding.  Typically SBCs do not have any
  > deterministic method for choosing a suitable value.  However, SBCs
  > can just use a sub-optimal, relatively small value which usually
  > works.
  >
  This text begs for an additional sentence.  Please provide an example
  of "a sub-optimal, relatively small value which usually works".

  Section 3.1.3: s/beeing/being/
2008-04-07
09 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley
2008-04-03
09 Jon Peterson State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Jon Peterson
2008-04-03
09 Jon Peterson Placed on agenda for telechat - 2008-04-10 by Jon Peterson
2008-04-03
09 Jon Peterson [Ballot Position Update] New position, Yes, has been recorded for Jon Peterson
2008-04-03
09 Jon Peterson Ballot has been issued by Jon Peterson
2008-04-03
09 Jon Peterson Created "Approve" ballot
2008-03-25
05 (System) New version available: draft-ietf-sipping-sbc-funcs-05.txt
2008-01-16
09 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2008-01-10
09 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Tero Kivinen.
2008-01-08
09 Amanda Baber IANA Last Call comments:

As described in the IANA Considerations section, we understand this document
to have NO IANA Actions.
2008-01-03
09 Samuel Weiler Request for Last Call review by SECDIR is assigned to Tero Kivinen
2008-01-03
09 Samuel Weiler Request for Last Call review by SECDIR is assigned to Tero Kivinen
2008-01-02
09 Amy Vezza Last call sent
2008-01-02
09 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2008-01-02
09 Jon Peterson Last Call was requested by Jon Peterson
2008-01-02
09 Jon Peterson State Changes to Last Call Requested from AD Evaluation::AD Followup by Jon Peterson
2008-01-02
09 (System) Ballot writeup text was added
2008-01-02
09 (System) Last call text was added
2008-01-02
09 (System) Ballot approval text was added
2007-12-21
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2007-12-21
04 (System) New version available: draft-ietf-sipping-sbc-funcs-04.txt
2007-09-13
09 Jon Peterson State Changes to AD Evaluation::Revised ID Needed from AD Evaluation by Jon Peterson
2007-06-14
09 Jon Peterson State Changes to AD Evaluation from Publication Requested by Jon Peterson
2007-04-20
09 Dinara Suleymanova
PROTO Write-up

(1.a) Who is the Document Shepherd for this document? Has the
Document Shepherd personally reviewed this version of the
document and, in particular, …
PROTO Write-up

(1.a) Who is the Document Shepherd for this document? Has the
Document Shepherd personally reviewed this version of the
document and, in particular, does he or she believe this
version is ready for forwarding to the IESG for publication?

Mary Barnes is the document shepherd. She has reviewed this version of
the document
and believes it is ready.

(1.b) Has the document had adequate review both from key WG members
and from key non-WG members? Does the Document Shepherd have
any concerns about the depth or breadth of the reviews that
have been performed?

Yes. Three members (Francois Audet, Spencer Dawkins and Michael
Procter) of the WG
have reviewed this document in detail. There are no concerns over the
depth or
breadth of the reviews.

(1.c) Does the Document Shepherd have concerns that the document
needs more review from a particular or broader perspective,
e.g., security, operational complexity, someone familiar with
AAA, internationalization or XML?
No.

(1.d) Does the Document Shepherd have any specific concerns or
issues with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he
or she is uncomfortable with certain parts of the document, or
has concerns whether there really is a need for it. In any
event, if the WG has discussed those issues and has indicated
that it still wishes to advance the document, detail those
concerns here. Has an IPR disclosure related to this document
been filed? If so, please include a reference to the
disclosure and summarize the WG discussion and conclusion on
this issue.

There are no specific concerns or issues. There is no IPR disclosure.

(1.e) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with
others being silent, or does the WG as a whole understand and
agree with it?

There is WG consensus behind this document and no one has
expressed concerns about its progression.

(1.f) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in
separate email messages to the Responsible Area Director. (It
should be in a separate email because this questionnaire is
entered into the ID Tracker.)

No.

(1.g) Has the Document Shepherd personally verified that the
document satisfies all ID nits? (See
http://www.ietf.org/ID-Checklist.html and
http://tools.ietf.org/tools/idnits/). Boilerplate checks are
not enough; this check needs to be thorough. Has the document
met all formal review criteria it needs to, such as the MIB
Doctor, media type and URI type reviews?

Yes. The draft has been validated for nits using idnits 2.04.07.

(1.h) Has the document split its references into normative and
informative? Are there normative references to documents that
are not ready for advancement or are otherwise in an unclear
state? If such normative references exist, what is the
strategy for their completion? Are there normative references
that are downward references, as described in [RFC3967]? If
so, list these downward references to support the Area
Director in the Last Call procedure for them [RFC3967].

Yes, the document references are split. There are no downward
references.

(1.i) Has the Document Shepherd verified that the document IANA
consideration section exists and is consistent with the body
of the document? If the document specifies protocol
extensions, are reservations requested in appropriate IANA
registries? Are the IANA registries clearly identified? If
the document creates a new registry, does it define the
proposed initial contents of the registry and an allocation
procedure for future registrations? Does it suggest a
reasonable name for the new registry? See [RFC2434]. If the
document describes an Expert Review process has Shepherd
conferred with the Responsible Area Director so that the IESG
can appoint the needed Expert during the IESG Evaluation?

Yes, there is an appropriate IANA section reflecting that this document
has no IANA considerations.

(1.j) Has the Document Shepherd verified that sections of the
document that are written in a formal language, such as XML
code, BNF rules, MIB definitions, etc., validate correctly in
an automated checker?

There are no sections written in a formal language requiring validation.


(1.k) The IESG approval announcement includes a Document
Announcement Write-Up. Please provide such a Document
Announcement Write-Up? Recent examples can be found in the
"Action" announcements for approved documents. The approval
announcement contains the following sections:

Technical Summary
This documents describes functions implemented in Session
Initiation Protocol (SIP) intermediaries known as Session
Border Controllers (SBCs). The goal of this document is to
describe the commonly provided functions of SBCs. A
special
focus is given to those practices that are viewed to be in
conflict with SIP architectural principles. This document
also explores the underlying requirements of network
operators
that have led to the use of these functions and practices
in
order to identify protocol requirements and determine
whether
those requirements are satisfied by existing specifications
or additional standards work is required.

Working Group Summary
The SIPPING WG supports the development and advancement of
this document.

Document Quality
This document defines no new protocol elements.
The document was thoroughly reviewed within the SIPPING WG.

Francois Audet, Spencer Dawkins and Michael Procter
provided
detailed reviews during and post WGLC.

Personnel
Mary Barnes is the WG chair shepherd. Jon Peterson is the
responsible Area director.
2007-04-20
09 Dinara Suleymanova Draft Added by Dinara Suleymanova in state Publication Requested
2007-04-18
03 (System) New version available: draft-ietf-sipping-sbc-funcs-03.txt
2007-04-13
02 (System) New version available: draft-ietf-sipping-sbc-funcs-02.txt
2007-02-21
01 (System) New version available: draft-ietf-sipping-sbc-funcs-01.txt
2006-11-27
00 (System) New version available: draft-ietf-sipping-sbc-funcs-00.txt