IETF Logo Mail Archive

Re: [cnit] [stir] draft-peterson-stir-threats-00.txt

"Gorman, Pierce A [NTK]" <Pierce.Gorman@sprint.com> Thu, 07 November 2013 18:40 UTC

Return-Path: <Pierce.Gorman@sprint.com>
X-Original-To: cnit@ietfa.amsl.com
Delivered-To: cnit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1398221E81F1; Thu, 7 Nov 2013 10:40:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.969
X-Spam-Level:
X-Spam-Status: No, score=-2.969 tagged_above=-999 required=5 tests=[AWL=-0.370, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pmnTy8RGuv-U; Thu, 7 Nov 2013 10:40:40 -0800 (PST)
Received: from db9outboundpool.messaging.microsoft.com (mail-db9lp0248.outbound.messaging.microsoft.com [213.199.154.248]) by ietfa.amsl.com (Postfix) with ESMTP id A943421E81E7; Thu, 7 Nov 2013 10:39:27 -0800 (PST)
Received: from mail93-db9-R.bigfish.com (10.174.16.243) by DB9EHSOBE023.bigfish.com (10.174.14.86) with Microsoft SMTP Server id 14.1.225.22; Thu, 7 Nov 2013 18:39:25 +0000
Received: from mail93-db9 (localhost [127.0.0.1]) by mail93-db9-R.bigfish.com (Postfix) with ESMTP id 495F11C0356; Thu, 7 Nov 2013 18:39:25 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:144.229.32.56; KIP:(null); UIP:(null); IPV:NLI; H:pdaasdm1.corp.sprint.com; RD:smtpda1.sprint.com; EFVD:NLI
X-SpamScore: -24
X-BigFish: VS-24(zz98dI9371I542I1fdcIzz1f42h208ch1ee6h1de0h1fdah2073h2146h1202h1e76h1d1ah1d2ah1fc6hzz8275ch1de098h1033IL17326ah8275dh1de097h186068hz2fh109h2a8h839h944hd25hf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h1b0ah224fh1d0ch1d2eh1d3fh1dfeh1dffh1e1dh1fe8h1ff5h2216h1155h)
Received-SPF: pass (mail93-db9: domain of sprint.com designates 144.229.32.56 as permitted sender) client-ip=144.229.32.56; envelope-from=Pierce.Gorman@sprint.com; helo=pdaasdm1.corp.sprint.com ; p.sprint.com ;
Received: from mail93-db9 (localhost.localdomain [127.0.0.1]) by mail93-db9 (MessageSwitch) id 1383849561883559_8282; Thu, 7 Nov 2013 18:39:21 +0000 (UTC)
Received: from DB9EHSMHS025.bigfish.com (unknown [10.174.16.240]) by mail93-db9.bigfish.com (Postfix) with ESMTP id CAB3E3E00A5; Thu, 7 Nov 2013 18:39:21 +0000 (UTC)
Received: from pdaasdm1.corp.sprint.com (144.229.32.56) by DB9EHSMHS025.bigfish.com (10.174.14.35) with Microsoft SMTP Server (TLS) id 14.16.227.3; Thu, 7 Nov 2013 18:39:20 +0000
Received: from PLSWEH03.ad.sprint.com (plsweh03.corp.sprint.com [144.226.242.132]) by pdaasdm1.corp.sprint.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id rA7IdISC000975 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 7 Nov 2013 12:39:18 -0600
Received: from pdawm10a.ad.sprint.com ([144.226.111.33]) by PLSWEH03.ad.sprint.com ([144.226.242.132]) with mapi id 14.03.0123.003; Thu, 7 Nov 2013 12:39:17 -0600
From: "Gorman, Pierce A [NTK]" <Pierce.Gorman@sprint.com>
To: Michael Hammer <michael.hammer@yaanatech.com>, "Henning.Schulzrinne@fcc.gov" <Henning.Schulzrinne@fcc.gov>, "br@brianrosen.net" <br@brianrosen.net>
Thread-Topic: [cnit] [stir] draft-peterson-stir-threats-00.txt
Thread-Index: AQHO2nc0UwzhVvA23kepk+N3A5gBjZoXQFMAgAIHxfuAAI6Z8IAAbRgAgAAH4QCAAAxlAIAADh8AgAAB9wCAAAFPgIAAAa+AgAAUxyA=
Date: Thu, 07 Nov 2013 18:39:17 +0000
Message-ID: <B4C06A5710F0ED4583B3CF5E9C6B21D85515D116@PDAWM10A.ad.sprint.com>
References: <B4C06A5710F0ED4583B3CF5E9C6B21D855159DAC@PDAWM10A.ad.sprint.com> <CE9EE40A.2DA2E%fmousinh@cisco.com> <013601cedaf3$a05d72f0$e11858d0$@shockey.us> <0FDE6309-92B1-4031-AF72-2EDC11A5FE9E@brianrosen.net> <02e301cedb34$af790790$0e6b16b0$@shockey.us> <8285AA4C-2E08-46F7-B3A3-892FF793486E@brianrosen.net> <B4C06A5710F0ED4583B3CF5E9C6B21D85515B88F@PDAWM10A.ad.sprint.com> <E6A16181E5FD2F46B962315BB05962D01FC237B6@fcc.gov> <00C069FD01E0324C9FFCADF539701DB3BBEF7D86@sc9-ex2k10mb1.corp.yaanatech.com> <E6A16181E5FD2F46B962315BB05962D01FC238EE@fcc.gov> <6A94C6CF-69F6-42D9-9A6C-32361A0A4755@brianrosen.net> <00C069FD01E0324C9FFCADF539701DB3BBEF7E71@sc9-ex2k10mb1.corp.yaanatech.com> <E6A16181E5FD2F46B962315BB05962D01FC23ABC@fcc.gov> <00C069FD01E0324C9FFCADF539701DB3BBEF7EFE@sc9-ex2k10mb1.corp.yaanatech.com>
In-Reply-To: <00C069FD01E0324C9FFCADF539701DB3BBEF7EFE@sc9-ex2k10mb1.corp.yaanatech.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.229.76.114]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sprint.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Cc: "stir@ietf.org" <stir@ietf.org>, "cnit@ietf.org" <cnit@ietf.org>, "richard@shockey.us" <richard@shockey.us>, "fmousinh@cisco.com" <fmousinh@cisco.com>
Subject: Re: [cnit] [stir] draft-peterson-stir-threats-00.txt
X-BeenThere: cnit@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Calling Name Identity Trust discussion list <cnit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cnit>, <mailto:cnit-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cnit>
List-Post: <mailto:cnit@ietf.org>
List-Help: <mailto:cnit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cnit>, <mailto:cnit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 18:40:56 -0000

The issues we keep circling are trust and value.

For practical reasons, carriers are going to continue to want to use CNAM clearinghouse information providers, and consumers are going to continue to want better information.  If the consumes are like me, they're going to be willing to pay a little extra to get better information, or be unwilling to pay but willing to just deal with liars calling.  Nobody is forced to answer or to believe anything they're told if they do answer.

Mechanisms are already in place to support real-time per-call per-subscriber 3rd party telecommunications services.  If KPMG or Prudential started offering information security services for CNAM, I'd pay for it.

IMHO, the focus of STIR and CNIT WGs should be mechanisms which 1) validate that a calling number is authentic (not trustworthy), and 2) provide a carrier or CNAM provider a key for retrieving (potentially untrustworthy)  information that has been associated with that calling number.

Ensuring the trustworthiness of the calling number or the information associated with the calling number should not be the domain of the IETF.

If trustworthiness of information is VALUABLE (and we've described multiple examples of this being so), then the marketplace can determine how the value is to be extracted and applied.

Pierce

-----Original Message-----
From: Michael Hammer [mailto:michael.hammer@yaanatech.com]
Sent: November 07, 2013 11:21 AM
To: Henning.Schulzrinne@fcc.gov; br@brianrosen.net
Cc: stir@ietf.org; Gorman, Pierce A [NTK]; fmousinh@cisco.com; cnit@ietf.org; richard@shockey.us
Subject: Re: [cnit] [stir] draft-peterson-stir-threats-00.txt

Agree, the user may trust the carrier or someone like FTC or FCC.

But, if it goes beyond a small handful, forget it.



Bottom line, the average user needs to know that someone has actually

gone to the business site and knocked on the door, met the people,

and seen that it is a real business.

Not, just some fly-by-night operation that logged into some website.



Mike





From: Henning Schulzrinne [mailto:Henning.Schulzrinne@fcc.gov]
Sent: Thursday, November 07, 2013 12:15 PM
To: Michael Hammer; br@brianrosen.net
Cc: Pierce.Gorman@sprint.com; richard@shockey.us; stir@ietf.org; fmousinh@cisco.com; cnit@ietf.org
Subject: RE: [stir] draft-peterson-stir-threats-00.txt



The user shouldn't and wouldn't - they would trust a third party (often, their carrier, I suspect) to figure out who can attest to the bankiness of a bank. This is not new - there are a number of existing outfits that do this for web sites. (Example: Avast has a bar graph that shows trustworthiness.)





From: Michael Hammer [mailto:michael.hammer@yaanatech.com]
Sent: Thursday, November 07, 2013 12:10 PM
To: br@brianrosen.net; Henning Schulzrinne
Cc: Pierce.Gorman@sprint.com; richard@shockey.us; stir@ietf.org; fmousinh@cisco.com; cnit@ietf.org
Subject: RE: [stir] draft-peterson-stir-threats-00.txt



So, how does the average user know who is an authority?

(Note, we are not designing for IETF geniuses here.)



Is some well-known central authority going to certify all of these?

Are each of these going to cross-certify all the others? (federated model)



We need to always answer that fundamental user question:

Why should I TRUST this information?



Mike





From: Brian Rosen [mailto:br@brianrosen.net]
Sent: Thursday, November 07, 2013 12:03 PM
To: Henning Schulzrinne
Cc: Michael Hammer; Pierce.Gorman@sprint.com; Richard Shockey; stir@ietf.org; fmousinh@cisco.com; cnit@ietf.org
Subject: Re: [stir] draft-peterson-stir-threats-00.txt



Right.  I believe we can do this pretty easily.  We probably could have a
100 categories that would have similar authorities, and there are classifications maintained by folks like Dun Bradstreet that can go even farther.



What I think would be substantially harder is to validate an entire V/X/J card.  How is a validator to know your nickname is Fluffy?  Name, phone number and, if a business, a classification, yes, we can do that.  Content of a business card - very hard.



Brian





On Nov 7, 2013, at 8:12 AM, Henning Schulzrinne <Henning.Schulzrinne@fcc.gov> wrote:



Yes, that's a problem, but as long as the number of categories is small, you can build UIs that only render information that's appropriate to the declaration. For practical reasons, I think the number of useful categories is likely going to be fairly limited:

-          Financial institution (FDIC and a few others)

-          Health care (each health care facility has a gov't number)

-          Charity (501c3, state registered)

-          Contractor (state-licensed)

-          Public safety organization (police, fire)

-          Lawyer (bar association)

-          Local, state and federal government (.gov in the US)



I suspect that list encompasses a large fraction of the fraudulent
(impersonation) calls. For all of the above, at least within a country, it's pretty clear who can attest to the membership. Yes, this requires some UI work or some server logic, but these categories and the organizations don't change all that often - in most cases, the certifying entities have probably been the same for the past 50+ years. I'm not as worried about figuring out whether the beautician, mortician or florist is licensed and properly identified, although I'm sure we can all come up with potential fraud stories.



From: Michael Hammer [mailto:michael.hammer@yaanatech.com]
Sent: Thursday, November 07, 2013 10:28 AM
To: Henning Schulzrinne; Pierce.Gorman@sprint.com; br@brianrosen.net; richard@shockey.us
Cc: stir@ietf.org; fmousinh@cisco.com; cnit@ietf.org
Subject: RE: [stir] draft-peterson-stir-threats-00.txt



So, would you trust a certificate from the City of Reston, Virginia police department?



(Hint:  you can find Reston on a map, but there is no City of Reston.

  The only police are Fairfax County.)



My concern is that one you dilute or disperse authority, it becomes a free-for-all again, and anybody's guess.



Mike





From:  <mailto:stir-bounces@ietf.org> stir-bounces@ietf.org [ <mailto:stir-bounces@ietf.org> mailto:stir-bounces@ietf.org] On Behalf Of Henning Schulzrinne
Sent: Thursday, November 07, 2013 10:00 AM
To: 'Gorman, Pierce A [NTK]'; Brian Rosen; Richard Shockey
Cc:  <mailto:stir@ietf.org> stir@ietf.org List; Fernando Mousinho (fmousinh);  <mailto:cnit@ietf.org> cnit@ietf.org
Subject: Re: [stir] draft-peterson-stir-threats-00.txt



As a thought experiment, Kumiko Ono and I had published a draft



 <http://tools.ietf.org/html/draft-ono-dispatch-attribute-validation-00>
http://tools.ietf.org/html/draft-ono-dispatch-attribute-validation-00



to allow third parties to validate property information. If the validating party (e.g., a bank regulator) is willing to sign a certificate, similar in spirit to the framed gold-leaf diplomas in your dentist's office or, more lowly, to the health departments rating in a restaurant window, and it can be tied to a phone number, this shouldn't be too hard.



It's a bit harder if the certifying authority (regulator, Realtor board, local bar association, .) is not involved.



Henning



From:  <mailto:cnit-bounces@ietf.org> cnit-bounces@ietf.org <mailto:[mailto:cnit-bounces@ietf.org]> [mailto:cnit-bounces@ietf.org] On Behalf Of Gorman, Pierce A [NTK]
Sent: Thursday, November 07, 2013 9:54 AM
To: Brian Rosen; Richard Shockey
Cc:  <mailto:stir@ietf.org> stir@ietf.org List;  <mailto:cnit@ietf.org> cnit@ietf.org; Fernando Mousinho (fmousinh)
Subject: Re: [cnit] [stir] draft-peterson-stir-threats-00.txt



I'll admit I am not familiar with v/x/jcard encoding differences or the implications of their use so I'll encourage educating me if it isn't too onerous.



I'm not sure what is the concern with a 3rd party providing "validation"
though.  There are numerous examples of 3rd parties providing validation of information including NASDAQ, NYSE, Barron's, Moody's, and the federal reserve banking system to name a few.



Pierce



From: Brian Rosen [ <mailto:br@brianrosen.net> mailto:br@brianrosen.net]
Sent: November 06, 2013 11:59 PM
To: Richard Shockey
Cc: Fernando Mousinho (fmousinh); Gorman, Pierce A [NTK]; <mailto:stir@ietf.org> stir@ietf.org List;  <mailto:cnit@ietf.org> cnit@ietf.org
Subject: Re: [stir] draft-peterson-stir-threats-00.txt



I think this would be a heavy lift.



If the responsible entity was a carrier, then it would have to validate the data, which it has very little basis to validate.  It could get a 3rd party to do the validation, but then it's putting its reputation on the back of some hired hand validator.



If the responsibility is the end user/device, then the signature has no value.



I do not argue that Call-Info is suitable,  it is.



I do question JCARD vs xCard, but that's an encoding detail.  All of SIP Is XML described by schema, not json.



Brian



On Nov 6, 2013, at 1:10 PM, Richard Shockey < <mailto:richard@shockey.us> richard@shockey.us> wrote:



URI for a JCARD in the CALL INFO header provisioned by the calling party and ultimately signed by the responsible entity.  The carrier could provision this for their mobile or hosted customers.  Enterprises could do this themselves.  This also has advantages in Enterprise to Enterprise UC as well where the data is derived from the Enterprise "directory" and could facilitate end to end PPX to PBX communications especially in point to point video communications.



There are certainly privacy and security issues to be addressed.  The Push vs Pull model.  This really would be PII in the clear but then its done voluntarily.



There would have to be some work around restructuring the Header and adding some parameters but it's underutilized right now and this Use Case is a perfectly appropriate use.



 <https://tools.ietf.org/html/draft-ietf-jcardcal-jcard-06>
https://tools.ietf.org/html/draft-ietf-jcardcal-jcard-06



Obviously it would need to be signed but we don't need to worry about that ..yet.



________________________________

This e-mail may contain Sprint proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.

v2.23.0 | Report a Bug | By Email