Hi,
the problem of doing many things in one SIP operation (i.e., in a SIP
request) is that it is difficult to report errors if something goes wrong.
If you want to create an ad-hoc conference with rules that are different
from the default ad-hoc conference, you can always use a different way
to create the conference (i.e., without using URI lists; using a
conference control protocol). URI lists are an optimization for the more
typical use cases where session establishment should be very fast.
Cheers,
Gonzalo
Linyi Tian wrote:
Hi, Gonzalo
But my question is when and how the rules are provided? For conferencing with
pre-defined group the rules are typically specified by group owner (user). How
about ad hoc conference?
I think currently in PoC ad hoc session, the rules are only local policy for
PoC Server, but not provided by initiator, right? If there is a mean for
initiator to manipulate rules after session is created, it seems there is a
risk after conf is created but rules are not ready. Some attendees may do
something bad which is out of control during that period. This is not expected
by the initiator.
BR,
Linyi
-----Original Message-----
From: Gonzalo Camarillo [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 17, 2007 3:54 PM
To: Linyi Tian
Cc: [email protected]
Subject: Re: [Sip] Comments and questions
todraft-ietf-sip-uri-list-conferencing-01.txt
Hi Linyi,
(1) On section "5. Conference Server Procedures"
Many conference servers have restriction to maximum number of attendees
for conference. If the users of 'recipient-list' exceeds the limitation,
what status code should be returned?
I would return a 403 (Too many recipients).
---------------------------------------
7. Security Considerations
This document discusses setup of SIP conferences using a
request-contained URI-list. Both conferencing and URI-lists services
have specific security requirements which will be summarized here.
Conferences generally have authorization rules about who can or cannot
join a conference, what type of media can or cannot be used, etc. This
information is used by the focus to admit or deny participation in a
conference. It is RECOMMENDED that these types of authorization rules
be used to provide security for a SIP conference.
----------------------------------------
(2) When and how the authorization rules are specified and applied to
the conference? Before the conference creation seems not possible since
Conf-URI is not assigned. If specified after the conference creation, it
seems there is a risk after conf is created but rules are not ready.
Some attendees may do something bad which is out of control during that
period.
They are applied at conference creation. The server receives the
request, creates the conference with its rules, and only adds the
participants in the list if those rules allow it to do it. This is
already implemented in the OMA PoC (Push-to-talk over Cellular) service.
Thanks for your comments,
Gonzalo
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
