inline On Tue, 2002-12-03 at 19:16, Arunachalam Venkatraman wrote: > After I saw Robert's posting on branch for a stateless proxy, I thought this > related question may also be relevant at this time since it remained > un-answered the first time I posted it. > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Arunachalam > Venkatraman > Sent: Friday, August 23, 2002 11:00 AM > To: Sip-Implementors > Subject: [Sip-implementors] To Tag idempotence for stateless UAS > > > In 8.2.7 of RFC3261, it is stated that > >>> > To header tags MUST be generated for responses in a stateless > manner - in a manner that will generate the same tag for the > same request consistently. For information on tag construction > see Section 19.3. > > <<<< > > > This would suggest that the Tag be generated in a deterministic manner based > on request parameters. > However, in 19.3, it is stated that the tag "MUST be globally unique and > cryptographically random with at least 32 bits of randomness" > > These requirements appear to be at odds with each other.
These are complementary, not contradictory requirements. The tag belongs to the message. When the tag is generated, it must satisfy the uniqueness and unguessability requirement above. When the message is retransmitted, the tag must remain the same. There is no conflict here, just a restriction on the algorithm a stateless element uses to generate the tag to ensure the consistency (since it by definition isn't keeping state) Cryptographically random does not mean "output of a random number generator". It means "reasonably indistinguishable from the output of a random number generator" if you aren't aware of all the inputs to the generation. > > The need to make the Tag idempotent in a response is obvious. Otherwise, > retransmission of a request will elicit a different response from that sent > previously. If both the resposes are received by the UAS with different > tags, the request will appear to have forked. > > The issue is that if the tag is generated randomly and not in a > deterministic manner, the tag cannot be idempotent for the request. Again, the generation can be (if fact, must be) deterministic, and still appear to be an unguessable sequence to a third party observer. > > What gives? > > Venkat > > _______________________________________________ > Sip-implementors mailing list > [EMAIL PROTECTED] > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors > > _______________________________________________ > Sip-implementors mailing list > [EMAIL PROTECTED] > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
