Explore security considerations when utilizing URI parameters vs. header fields in the context of exploders and outgoing message tracking. Guidelines for mandatory authentication/authorization and mechanisms for agreeing to receive requests. Understanding the importance of sender and target permissions.
Exploders Gonzalo.Camarillo@ericsson.com
Outline
• Security Considerations
• URI Parameter vs. Header Field
• Documentation

Security Considerations
• Mandatory authentication/authorization
• Tracking senders:
  • outgoing messages carry the identity of the original sender, or
  • the exploder logs the explosions it performs
• Destinations need to agree (out of band) beforehand to receive requests from the exploder

Mechanism for UASs to Agree to Receive Requests
• Sender cannot use the exploder’s facilities to reach more than one target per request until the targets have given the exploder permission for the sender.
• Exploder rejects requests that reference targets that have not granted permission.
• Sender requests exploder to ask each target if it is willing to accept requests sent by the exploder on behalf of the sender, with a separate request for each individual target.

URI Parameter vs. Header Field
• The list logically belongs to the Request-URI
• Proxies may remove URI parameters
• Proxies handling the exploder’s domain need to know that they should not remove the list parameter
• Header fields are always delivered to the UAS

Documents
• SIPPING
  • draft-camarillo-sipping-exploders-03.txt
  • draft-camarillo-sipping-uri-list-02.txt
  • draft-garcia-sipping-message-exploder-00.txt
  • draft-camarillo-sipping-multiple-refer-01.txt
  • draft-camarillo-sipping-adhoc-conferencing-00.txt
• SIMPLE
  • draft-camarillo-sipping-adhoc-simple-00.txt

Realization Using Event Package
• Sender subscribes to explode-svc-permission event on exploder, referencing target in request
• Exploder subscribes to explode-permission event on each target, including sender ID.
• For duration of subscription, exploder assumes it has permission to send requests from sender to target.
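
The permission gate and sender tracking described on the slides above, modelled as an added example (not code from the drafts or the presenter). The class, method and field names, the addresses, and the rule that duplicate list entries collapse to one are assumptions made for illustration.

```python
import time
from dataclasses import dataclass, field

@dataclass
class Exploder:
    """Toy model of the exploder's permission gate (all names hypothetical)."""
    # (sender, target) -> time at which the permission subscription expires
    grants: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)

    def record_permission(self, sender, target, duration, now=None):
        """The target accepted the permission subscription for this sender."""
        now = time.time() if now is None else now
        self.grants[(sender, target)] = now + duration

    def has_permission(self, sender, target, now):
        expiry = self.grants.get((sender, target))
        return expiry is not None and now < expiry

    def explode(self, sender, targets, now=None):
        """Return (True, outgoing messages) or (False, targets lacking permission)."""
        now = time.time() if now is None else now
        # Assumption: repeated URIs collapse to one, so a duplicated entry
        # cannot be used to get past the one-target limit.
        targets = list(dict.fromkeys(targets))
        if len(targets) > 1:
            missing = [t for t in targets
                       if not self.has_permission(sender, t, now)]
            if missing:
                return False, missing  # reject the whole request, send nothing
        # Sender tracking: the slides ask for one of these; this sketch does both.
        self.audit_log.append({"time": now, "sender": sender, "targets": targets})
        return True, [{"to": t, "on_behalf_of": sender} for t in targets]

def demo():
    """Constructed sample run with made-up addresses and a fixed clock."""
    ex = Exploder()
    alice = "sip:alice@example.com"
    bob, carol = "sip:bob@example.org", "sip:carol@example.net"
    before = ex.explode(alice, [bob, carol], now=100)
    ex.record_permission(alice, bob, duration=60, now=100)
    ex.record_permission(alice, carol, duration=60, now=100)
    during = ex.explode(alice, [bob, carol], now=110)
    after = ex.explode(alice, [bob, carol], now=200)   # subscriptions lapsed
    return before, during, after, ex.audit_log

if __name__ == "__main__":
    for item in demo():
        print(item)
```

Permission is tied to the subscription lifetime, so the same request that succeeds at time 110 is rejected at time 200 once both grants have expired.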