Editors note ice tcp is required for tcp based media

Info icon This preview shows pages 126–128. Sign up to view the full content.

View Full Document Right Arrow Icon
Editor's note: ICE TCP is required for TCP based media (e.g. MSRP) but is not yet supported in TS 23.228 [3] and TS 24.229 [8]. These specifications need to be updated. Editor's note: How the client is authenticated and authorized by the TURN server is ffs. One possibility is to use the SIP Digest credentials and the normal TURN authentication procedure. However, this would require an additional interface between the TURN server and the HSS. Another possibility is to use GBA but this would perhaps be unnecessarily complex considering that the only attack we need to protect against is DoS. W.3.2Reference model Figure W.1 presents the reference model for IMS access when the IMS client uses the firewall traversal mechanism outlined in this section. In case the remote endpoint does not support ICE, the P-CSCF may instruct the IMS-ALG to insert the IMS Access Gateway in the media path and terminate ICE. The procedure is described in TS 24.229 [8] and continues to function in the same way, i.e. the IMS-ALG and IMS-AGW are not impacted by the firewall traversal solution. Note that the media may take several routes depending on which ICE candidates that succeed first. Media will only be relayed through the TURN server if all ICE candidates with higher priority fail. Also note that the STUN server is included in Figure W.1 for sake of completeness. There is no impact on this function. Figure W.1: Reference model for IMS access when firewall traversal is performed using SIP over TCP/TLS and ICE W.3.3Required functions of the UE For firewall traversal of IMS control plane, the IMS client shall implement the following functionality: - support SIP over TLS/TCP on the non-standard port 443 (HTTPS); - support the SIP Digest authentication method according to Annex N; 3GPP 3GPP TS 33.203 V12.67.0 (2014-0609) 126 Release 12
Image of page 126

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
- support the CRLF keep-alive technique defined in RFC 5626 [32] together with the negotiation mechanism defined in RFC 6223 [64]; - support the HTTP CONNECT method in RFC 2817 [X5] for establishing the TLS tunnel with the P-CSCF when the IMS client is configured with an HTTP proxy. For firewall traversal of IMS media plane, the IMS client shall implement the following functionality: - support ICE for UDP and TCP based media streams according to Annex G of TS 23.228 [3]; - support TLS/TCP on non-standard port 443 and TCP on non-standard port 80 for communication with TURN server; - support the HTTP CONNECT method in RFC 2817 [62] for establishing TLS tunnels with the TURN server when the IMS client is configured with an HTTP proxy. Note that the HTTP CONNECT method is only used when the IMS client is configured with an HTTP proxy for outgoing HTTP(S) requests. The way in which the IMS client obtains the proxy address and port is out of scope. W.3.4Required functions of the P-CSCF For firewall traversal of IMS control plane, the P-CSCF shall implement the following functionality: - support SIP over TLS/TCP on the non-standard port 443 (HTTPS); - support the SIP Digest authentication method according to Annex N; -
Image of page 127
Image of page 128
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern