To add bodies or not? - PowerPoint PPT Presentation

Slides: 11
Provided by: ietf
Learn more at: https://www.ietf.org

Transcript and Presenter's Notes



1
To add bodies or not? That is the question
  • Rohan Mahy
  • rohan@cisco.com

2
Typical Applications
  • Logging
  • Bandwidth / Media / Codec Policy
  • Cooperative NAT and Firewall Traversal
  • Request History
  • Location Conveyance

3
Explicit Policy Fetch
[Diagram: Alice, atlanta.com, biloxi.com, Bob]
  • Works great when policies don't depend on who you
    call, or dynamic properties like load.
  • Obviates the need to muck with the typical INVITE
    flow much of the time. Still need another
    solution.

4
Full Redirect Model
[Diagram: Alice, atlanta.com, biloxi.com, Bob]
  • Minimal session policy possible
  • Doesn't work at all through middleboxes
  • Doesn't work with the GRUU mechanism

5
Triangle Redirect Model
[Diagram: Alice, atlanta.com, biloxi.com, Bob]
  • Most preferred model when allowed by policy
  • Incompatible with policy requirements of many
    organizations

6
Trapezoid Redirect Model
[Diagram: Alice, atlanta.com, biloxi.com, Bob]
  • Adds lots of extra RTTs
  • Unclear what Alice is consenting to and how she
    can authorize the inclusion of arbitrary opaque
    data if this implies her consent
  • Reveals information potentially private between
    Bob and biloxi.com

7
Foreign Piggyback Model
[Diagram: Alice, atlanta.com, biloxi.com, Bob]
  • Meets both Alice's and Bob's consent requirement
    without leaking Bob's data to Alice
  • Fewer RTTs
  • Requires addition of bodies by biloxi.com.
    Backward compatible using repack option-tag
    (more on this later)
  • Security is better. Authorization by Alice is
    simple
  • Can also address the AOR/Contact correlation problem

8
Full Piggyback Model
[Diagram: Alice, atlanta.com, biloxi.com, Bob]
  • Doesn't permit Alice to consent to
    modifications/insertions made by atlanta.com

9
Adding Bodies Safely: Secure and Backwards Compatible
  • biloxi.com may only add a body to a request when
    retargeting to a UAS registered in the biloxi.com
    domain (for example Bob). Never responses.
  • Any additions are always marked as added-by
    biloxi.com. Biloxi either signs its additions
    with S/MIME or forwards them directly over TLS
    to Bob
  • Bob includes an option-tag in a REGISTER to
    indicate it supports body repacking.
  • Q: Is this secure? See the Contact/AOR
    correlation problem
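
The gate these rules imply for a retargeting proxy, as an added example that is not code from the presentation or from any SIP stack. It assumes the option-tag is the literal "repack" carried in the standard Supported header of the REGISTER, and that the proxy withholds additions from UAs that did not advertise it; the messages are constructed samples.

```python
import re
OPTION_TAG = "repack"  # name taken from the slides' "repack option-tag"; assumed literal

def parse_head(msg):
    """Split a SIP message into its start line and a {lowercase-name: value} dict."""
    lines = msg.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def record_register(bindings, msg):
    """Store AOR -> 'advertised repack support' from a REGISTER (Supported header assumed)."""
    start, h = parse_head(msg)
    if not start.startswith("REGISTER "):
        return
    aor = re.search(r"<([^>]+)>", h["to"]).group(1).lower()
    tags = {t.strip().lower() for t in h.get("supported", "").split(",")}
    bindings[aor] = OPTION_TAG in tags

def may_add_body(bindings, my_domain, msg, target_aor):
    """Return (allowed, reason) for adding a body while retargeting msg to target_aor."""
    start, target = parse_head(msg)[0], target_aor.lower()
    if start.startswith("SIP/2.0 "):
        return False, "responses never get added bodies"
    if not target.endswith("@" + my_domain):
        return False, "target is outside this proxy's domain"
    if target not in bindings:
        return False, "target is not registered here"
    if not bindings[target]:
        return False, "target did not advertise repack support"
    return True, "ok"

# Constructed sample traffic (not from the presentation).
REG_BOB = ("REGISTER sip:biloxi.com SIP/2.0\r\nTo: <sip:bob@biloxi.com>\r\n"
           "Contact: <sip:line2@17.18.32.4>\r\nSupported: repack\r\n\r\n")
REG_CAROL = ("REGISTER sip:biloxi.com SIP/2.0\r\nTo: <sip:carol@biloxi.com>\r\n"
             "Contact: <sip:carol@192.0.2.7>\r\n\r\n")
INVITE = "INVITE sip:bob@biloxi.com SIP/2.0\r\nTo: <sip:bob@biloxi.com>\r\n\r\n"
OK_200 = "SIP/2.0 200 OK\r\nTo: <sip:bob@biloxi.com>\r\n\r\n"

def demo():
    b = {}
    record_register(b, REG_BOB)
    record_register(b, REG_CAROL)
    cases = [(INVITE, "sip:bob@biloxi.com"), (INVITE, "sip:carol@biloxi.com"),
             (INVITE, "sip:alice@atlanta.com"), (OK_200, "sip:bob@biloxi.com")]
    return [may_add_body(b, "biloxi.com", m, t) for m, t in cases]
```

Marking the addition as added by biloxi.com and protecting it with S/MIME or TLS happens after this gate and is not modelled here.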

10
Contact Correlation Problem
  • How does Alice know that <sip:line2@17.18.32.4>
    (a contact) corresponds to <sip:bob@biloxi.com>
    (an AOR)?
  • Not really a problem in a triangle topology.
    Slightly problematic in a trapezoid if either
    user is roaming. (Alice is using what appears to
    be a hotel lobby wireless network with a
    mandatory SIP proxy. No way to automatically
    judge trust of this proxy)
  • Obvious solution is request history. Proxies that
    retarget provide a signed cookie trail to the
    eventual Contact.
  • Works with proposal to add/repack bodies