Jiri Kuthan wrote:
At 17:34 19/10/2007, Christian Schlatter wrote:
I don't understand why username@domain is not
unique enough?
sometimes it is christian(a)domain.com, sometimes christian.schlatter(a)domain.com,
sometimes it is christian.schlatter@.domain.org or even worse you can take your
spouses'
name and from day D you begin to be christian.blair(a)domain.org, and your company
gets acquired and you become christian.blair(a)oracle.com. (Which clients without
DNS/SRV can try to reach as christian.blair(a)sip.oracle.com, and those who pay
extra respect to you using capital letters as Christian.Blair(a)sip.oracle.com)
The implication to sanity of data in usrloc, accounting and other tables is immense
if you don't bring those to a common denominator. Any change to any name becomes
a real pain. The point is names do changes, use of numbers is designed to make
relations between tables invariable.
Ok, this makes sense e.g. for foreign key relationships, but isn't this
more of a database specific thing? We are using our university's LDAP
based identity management system to manage SIP accounts, and openser
accesses this system directly through H.350. Our assumption is that the
SIP proxy shouldn't care about identity management at all, so it doesn't
care if it is christian.blair(a)domain.org or christian.blair(a)oracle.com.
You're raising a good point, but I think identity management should not
be done in the SIP proxy.
According to RFC 3261 section 19.1.4, SIP
usernames are case sensitive, so you actually shouldn't convert them to
upper/lower-case.
That's a protocol thing. An example implication is that you shall not forward SIP
request
to other domains whilst changing the URI.
However, if you are processing a request for your domain, you own the username and the
way
you process it is subject to your policy. You can use an LDAP alias to expand to
other URI, you can do call-forwarding by rewriting the URI to something completely
else, you can expand a speed-dial to a full URI, you can do anything you desire
with the username you own. I personally prefer to ignore case, but the key point
is you are allowed to and should set a coherent policy on how you deal with names.
I had to find out the hard way that asterisk is treating SIP usernames
case sensitive which lead to the decision that it is the safest to
handle SIP usernames case sensitive everywhere.
Your're right though that this is a matter of local policy.
/Christian
And
user/domain aliases is a different issue since it always involves some kind of alias
mapping lookup.
That's the separate things following the same scheme indeed. If you don't want
to
do a data migration story on any name change, use IDs, for example UUIDs.
-jiri
/Christian
See above inline for what happens when you do it
other ways. In any case
that's how unambiguous behaviour shall be achieved in a "water-proof" way.
So, I do not see any fundamental error here,
given the subject of the discussion.
looking up user data by his username as
opposed to by id is just very poor idea,
let's face it. (those familiar with unix may find too that usernames are used
as input/output user-interface thing, but the OS actually operates over numbers)
The funny part is that getting things right is apparently not a big deal in this
case, but getting it wrong can cause big headaches.
I am not sure though what of it is coding and what of it is configuration thing in
openser, I'm sure some will know.
-jiri
--
Jiri Kuthan
http://iptel.org/~jiri/
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users
--
Jiri Kuthan
http://iptel.org/~jiri/