History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: XECS-1517
Type: New Feature New Feature
Status: Open Open
Priority: Major Major
Assignee: Unassigned
Reporter: Martin Steinmann
Votes: 0
Watchers: 1
Available Workflow Actions

Resolve
Request Information
Operations

If you were logged in you would be able to see more operations.
sipXecs

Subscription requests from external clients need to be handled by the RLS

Created: 2008-06-14 09:59   Updated: Friday 13:54
Component/s: sipXrls
Affects Version/s: 3.11
Fix Version/s: 4.2

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown
Issue Links:
Related
 
This issue related to:
XECS-1606 No authorization for dialog event sub... Major Patch Pending


 Description  « Hide
Problem: When an external client (i.e. a client from a different domain that is not registered with the sipXecs proxy) sends a subscribe for line state or other event packages to a SIP URL on our system (i.e. subscribe to 1234@our-domain.com), then that subscription request is sent to the internal phone that registered under that contact. The RLS server is not involved.

Such requests need to be handled by the RLS on behalf of the UA, because:
   - We want to be able to implement policy so that we can allow / deny such requests
   - We need scalability where such requests are handled centrally
   - This needs to also work with phones that can only handle one subscription at a time

Therefore, the proxy needs to intercept and route all such subscription requests to the RLS. The RLS then either already has a subscription for that contact and uses it to service the request, or creates a new subscription to the contact on the fly.
   

 All   Comments   Work Log   Change History      Sort Order:
[ Permlink | « Hide ]
Scott Lawrence - 2008-06-14 21:01
There is a policy question here:

Should this be allowed at all?

[ Permlink | « Hide ]
Dale R. Worley - 2008-06-16 11:00
In order to enforce permission, we need to be able to configure the phones to only allow such subscriptions from the RLS.

[ Permlink | « Hide ]
Martin Steinmann - 2008-06-16 19:41
With all the subscription transactions going throuvgh the RLS a possible policy is to deny them all. However, in general this is a highly desirable capability first enabled by SIP

Phone's are typically on local (non-routable) IP addresses. Therefore, wouldn't a request from an EXTERNAL client have to be made using the domain name and therefore that request would always be routed to the RLS? Dealing with the security aspects of internal subscription requests, therefore, would be a different issue and would most likely require support in the phone.

[ Permlink | « Hide ]
Paul Mossman - 2008-11-14 13:54
I'm also skeptical about implementing this. The privacy issue will be solved with XECS-1606. For scalability one can instead use a Resource List offered from sipXrls. Polycoms can now handle more than one subscription at a time, but even so by using a Resource List via sipXrls one would not incur an extra subscription to the phone.


Powered by a free Atlassian JIRA non-profit license for Sip Foundry. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.10-#260) - Bug/feature request - Contact Administrators