25 Jan
2013
25 Jan
'13
8:51 a.m.
Hello,
I expected from the previous email that the conversation makes no sense,
because it is somehow a clear misunderstanding. In the initial topic of
updating some headers you come up with the idea that (quoted):
"So that's for example a very good scenario where it pays off to have an
SBC in your system"
It was not my case in the past 12 years, really, not for such thing, no
matter how you want to put it, not even as possible scenario, not at all
as a very good one.
And if you suggest that is 'the solution' for fraud preventions, then I
am SIP blind, not short sighted. Terminology like saves a*ses, plain FUD
or short sighted does not have anything to do with technical arguments,
its for throwing in a no-arguments discussion. I guess sems guys are
happy coding already...
You divert easily to different use cases of kamailio, which don't have
anything to do anymore with "a SBC for updating headers" or "SBC as
b2bua". Suddenly is also about gateways between protocols and breaking
out, what SBC have to do with these specific elements? Can't there be
fraud between two pure IP RTC providers?!?! I know also a sbc can run on
separate box with linux, that can provide ssh tunneling if needed, or
other value added features such as a web server, which can be a must in
a specific operator business plan.
But I said that I refer to proper SIP SBC as the function, not to a
specific application/system as a whole which can do something else, ivr,
voicemail, etc... or what so ever system that does port forwarding. Now,
you come to say that one can interpolate or do derivatives to the
application and could get a space shuttle, but it is no more a SBC.
I am really more than happy sems gets what you need and how you wanted,
is a cool application, I never said something else. You can ask for
license fee refund if you got kamailio for a sbc function and is not :-)
Besides SIP blindness, I am getting also speechless - "any b2bua-like
element in general is bad because it limits innovation as a whole is
just wrong" - maybe one can explain me how an UA can use any
functionality that is not supported in the b2bua, when is in a session
with the 1/2 of the b2bua.
No sense for more, back to testing 4.0.0...
Cheers,
Daniel
On 1/25/13 12:54 PM, Andreas Granig wrote:
Hi,
On 01/24/2013 11:52 PM, Daniel-Constantin Mierla wrote:
Your reasoning goes like this: A proxy allows to pass through any kind
of method and any kind of headers and bodies, and is therefore open
and good. An sbc blocks unknown methods and headers and bodies and
messes with the messages, and is therefore bad.
This is simply not true. Just because the default kamailio config
allows this openness doesn't mean that's how all kamailio configs are
deployed. It's straight forward to limit message types and to filter
messages, and in fact lots of people do this. Now does this make
kamailio suddenly bad? At the same time, it's easy to let an sbc pass
through unknown message types and not filter the messages, and thus in
no way limit the end-to-end communication. Is it then still bad?
In the end, it's the use case that matters. If you're bashing
telco-style operators because they're providing PSTN break-outs and
bear the risk of getting victims of fraud and therefore are protecting
this line of signalling, then this seems a bit short-sighted.
Fully agree. But compared to email, you've different networks in RTC,
like SIP, XMPP, SS7, ISDN etc. As long as it stays all-IP and nobody
holds up his hands to collect money for such transits or terminations,
it's all good, and you as an operator don't have to care about someone
abusing your service (it's an annoyance which you better stop at some
point, but it doesn't cost you thousands of dollars per
hour/day/whatever). However, these business models charging for such
communications won't go away any time soon, and I as an end-user
actually appreciate to be able to call also mobile numbers, even
though the feature set is limited to what we had for the last 100
years. The whole world is going through a transition period from
circuit switched networks to packet switched networks, and during this
period, you as an operator better protect your assets as long as you
get charged for it from up-stream.
But again, this is just ONE use case of an sbc, and it doesn't mean
your end-to-end communication gets stripped down to the bare basics by
definiton.
Methods for secure end-to-end communication do exist, it's a matter of
providing endpoints which properly implement them and let the users
know if the operators tinkered with their communication channel.
This is not specific to sbcs though, as you can engage in a dialog
with kamailio as well (like dialog/uac for example). It's a matter of
how far you want to push your proxy to do certain tasks. And for some
tasks, a b2bua element is better suited than a proxy by design. This
doesn't mean you can't do things both ways.
As an operator, it comes down to knowing your scenarios and choosing
the right tools for the right job. Saying that an sbc or any
b2bua-like element in general is bad because it limits innovation as a
whole is just wrong.
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, April 16-17, 2013, Berlin
- http://conference.kamailio.com -
Since you
claim that your cool stuff gets broken, I'd appreciate you
to come forward with an example, otherwise it's plain FUD.
I think you could really come up with a better demand in this
discussion, otherwise is clear misunderstanding of the topic and makes
no sense for further debate.
Anyhow, for the peace of your soul, alice and bob have a shared password
and want to exchange a private token/data carried with each request in a
custom header xyz. The body of this header is set as base64 of the value
resulted from encryption of the token with a specific encryption
algorithm known only by alice and bob, using the shared password, own
via branch parameter value, contact uri, call id and from tag. Let me
know how a sbc/b2bua will make that work. I let you disclose it to sems
guys so they can be happy fixing this extension to work through sems
sbc. Or maybe the FUD is coming from the other direction ... Future
RTC platforms from real IP companies will (and already do)
provide web APIs, where you can build fancy applications using
HTML5/JS on top. There is even no need for SIP at all to do so, as
long as you stay in your walled garden, so there is also no need for a
SIP proxy. Just saying.
If you speak about the webrtc, it will have a role on online
interactions. But I don't see replacing the telephony system. Nobody
will stay with the browser open to be reachable (even less open to
several providers). So walled gardens rtc will be as an addition feature
to existing walled gardens.
However, if you care about interoperability, you'll also in the future
use SIP or XMPP.
At some point (I hope) it will end up in a email-servers-like grid. And
I won't care about what is the protocol behind that much... From a
functional perspective, it makes perfect sense to split call
legs in certain scenarios with a b2bua (which is essentially what sbcs
are), because it allows to actively engage in established dialogs,
which in turn is what you want or need for server-side voice
applications. And this is why proxies and sbcs (or b2buas, or however
you want to call them) can perfectly work together in a SIP system.
Do you mean, me, as user paying for the RTC service (so we practically
talk here about location service, because all is IP), I want the
provider to actively engage in my 3d naked hologram call with my doctor?
For? Putting pills advertising banners in the middle? At the end, I haven't heard that telephony
operators are major players
in RTC innovation, but maybe they didn't deployed enough SBCs ... and
the baby brother ALGs ...
The big telco operators have a much different agenda than small and
innovating startups. Just because the big telcos use sbcs doesn't mean
that sbcs prevent innovation. It's their mind and business plan which
does, you can't blame it on technology.
Andreas
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users