[sr-dev] TLS: Sip-Routers adds a Record-Route with "sip" scheme rather than "sips"

Iñaki Baz Castillo ibc at aliax.net
Tue Jul 5 19:04:42 CEST 2011 

2011/7/5 Jan Janak <jan at ryngle.com>:
> So what is the difference then? How is a Route header with sips scheme
> different from a Route header with the transport=tls parameter? Is the
> proxy server supposed to treat Route headers with sips differently
> than Route headers with sip;transport=tls?

No, the only difference is that transport=tls is deprecated and
""""maybe"""" some devices don't understand ;transport=tls.


> But my original question was related to the Route/Record-Route header.
> There the proxy records the particular transport mechanism that was
> used when the dialog was being established. So if the INVITE was
> received over TLS, it would contain ;transport=tls in the Route
> header.
>
> You mentioned that the Route header should rather contain sips scheme
> if the scheme of the Request-URI was sips. And I don't understand why.
> Maybe you're right, but I don't see what difference that would make at
> the moment.

Within a hop, sip:IP;transport=tls and sips:IP;transport=tcp seems to
mean exactly the same. It just occurs that sips is preferred by RFC's
and "tls" seems to be deprecated.



>> But anyway, in other thread in sip-implementors I got the conclussion
>> that RFC 3261 deprecates sips schema with transport=tls, but says
>> nothing about sip schema with transport=tls (in fact, "tls" is still a
>> valid transport according to the BNF grammar). So, I don't say that
>> current sip-router behavior is wrong, but I think it would be more
>> "ellegant" if it would use sips URI and ;transport=tcp.
>
> Elegant is a subjective and it hardly justifies such change, we need
> more hard evidence supporting such change.

Yes, I'm not suggesting to change it, just wanted to open a discussion
about it :)


>> NOTE: In fact, some existing clients (as the widely extended PJSIP)
>> would fail if the Record-Route contains sips+transport=tcp as I've
>> reported today:
>>  http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/2011-July/013102.html
>>
>> This is because PJSIP does not understand at all the meaning of a sips
>> schema (ugly in a so widely deployed SIP stack).
>
> One can hardly blame them, I don't understand sips either ;-).

I agree. sips schema is a pain. There is a RFC (5630) trying to
clarify it (as 3261 says nothing clear) and still here are a lot of
doubts about it.

Maybe it's just better to continue with sip and transport=tls in
Record-Route, but another approach could be sips and transport=tls (it
would satisfy devices expecting sips and devices expecting tls
transport).


Cheers.


-- 
Iñaki Baz Castillo
<ibc at aliax.net>

More information about the sr-dev mailing list