[SIPForum-techwg] Feedback on bootstrapping

DOLLY, MARTIN C, ATTLABS mdolly at att.com
Mon Sep 29 11:52:17 EDT 2008 

What Call? 

-----Original Message-----
From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org]
On Behalf Of Dutkiewicz, Marek
Sent: Monday, September 29, 2008 11:17 AM
To: Sumanth Channabasappa; Henning Schulzrinne
Cc: techwg at sipforum.org
Subject: Re: [SIPForum-techwg] Feedback on bootstrapping

What time is the call today, and is it open to all techwg members? 

Thanks
Marek

-----Original Message-----
From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org]
On Behalf Of Sumanth Channabasappa
Sent: Sunday, September 28, 2008 8:30 AM
To: Henning Schulzrinne
Cc: techwg at sipforum.org
Subject: Re: [SIPForum-techwg] Feedback on bootstrapping

Henning,

The config framework presents various options and guidelines based on
known deployments that employ different mechanisms. In this sense it
addresses the scenarios we know about, but does not provide specific
solutions. We can use these guidelines and formulate one or more
bootstrapping solutions for our purposes. For example, clients with UIs
can rely on user-entered domain and initial credentials. Clients without
UIs will need other mechanisms to obtain the domain name (e.g., DHCP)
and rely on say content indirection for initial bootstrapping. (If we
can agree, perhaps there can be one single mechanism, but this requires
feedback and discussions.)

Let's discuss on the call tomorrow.

- S

-----Original Message-----
From: Henning Schulzrinne [mailto:hgs at cs.columbia.edu] 
Sent: Sunday, September 28, 2008 8:51 AM
To: Sumanth Channabasappa
Cc: techwg at sipforum.org
Subject: Re: [SIPForum-techwg] Feedback on bootstrapping

I'm not sure I agree. While it may be possible to extract the common  
consumer case (get user name and password via a web sign up) out of  
the document, this seems far from easy.

I'd like to see a crisp description how the SIP digest fields, for  
example, are populated. This seems to be a source of continuing  
confusion. Section 5.3.1 is exceedingly vague in this regard.

Henning

On Sep 26, 2008, at 7:18 PM, Sumanth Channabasappa wrote:

> Folks,
>
> Martin and I discussed the action item regarding the support for
> bootstrapping within the SIP configuration framework
> (http://tools.ietf.org/html/draft-ietf-sipping-config-framework-15).
>
> Based on previous discussions, the understanding is that bootstrapping
> involves two aspects:
> A. How does the client figure out where it needs to go for initial
> configuration?
> B. How is it provided with identities and credentials for initial
> authentication and authorization, if required?
>
>
> The SIP configuration framework currently includes text to address the
> above, but stops short of mandating or recommending specific  
> solutions.
>
> Section 5.3.1 of the document provides various ways in which a client
> can be bootstrapped with identities and credentials: pre- 
> configuration,
> out-of-band, end-user-interface as well as using the framework. Within
> each of these options it provides some guidance, e.g., one can use X. 
> 509
> certificates for identifying the client requesting initial  
> configuration
> (without pre-configuration when a PKI is used) or an end-user can
> provide the necessary information. These methods can be used for  
> both A
> and B, above.
>
> Additionally, it also provides sample scenarios on a per-profile  
> basis.
> For example, the local-network profile in Section 5.1.4.1 allows for  
> the
> device to obtain a domain name via DHCP. This can be helpful in the  
> case
> of enterprise clients where the DHCP server can be influenced by the
> service provider. Once this is obtained, the resulting configuration  
> can
> provide all the other details.
>
> Martin and I agree that given the scope of the SIP configuration
> framework, this is sufficient guidance. Implementations are going to  
> use
> one or more of the proposed methods, and the framework will support  
> it.
> We validated this by discussing a few planned deployments (that we are
> aware of) and the framework meets the needs of the scenarios we came  
> up
> with.
>
> ---
>
> In addition to what Martin and I discussed, this group can potentially
> take the guidelines within the framework and create a subset of
> procedures for reasons such as interoperability. This would be
> independent of the action item we took.
>
> We can discuss both the summary, and other related work on Monday.
>
> Thanks!
> - S
>
>
>
>
>
>
> _______________________________________________
> techwg mailing list
> Send mail to: techwg at sipforum.org
> Unsubscribe or edit options at:
http://sipforum.org/mailman/listinfo/techwg


_______________________________________________
techwg mailing list
Send mail to: techwg at sipforum.org
Unsubscribe or edit options at:
http://sipforum.org/mailman/listinfo/techwg

_______________________________________________
techwg mailing list
Send mail to: techwg at sipforum.org
Unsubscribe or edit options at:
http://sipforum.org/mailman/listinfo/techwg

More information about the techwg mailing list