IETF Logo Mail Archive

Re: [cnit] CNIT Charter bashing..

Richard Shockey <richard@shockey.us> Mon, 25 May 2015 21:51 UTC

Return-Path: <richard@shockey.us>
X-Original-To: cnit@ietfa.amsl.com
Delivered-To: cnit@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 438E31A9029 for <cnit@ietfa.amsl.com>; Mon, 25 May 2015 14:51:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Level:
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PGJMalXoqufs for <cnit@ietfa.amsl.com>; Mon, 25 May 2015 14:51:17 -0700 (PDT)
Received: from qproxy4-pub.mail.unifiedlayer.com (qproxy4-pub.mail.unifiedlayer.com [66.147.248.250]) by ietfa.amsl.com (Postfix) with SMTP id DFBC91A9009 for <cnit@ietf.org>; Mon, 25 May 2015 14:51:16 -0700 (PDT)
Received: (qmail 4968 invoked by uid 0); 25 May 2015 21:51:12 -0000
Received: from unknown (HELO cmgw4) (10.0.90.85) by qproxy4.mail.unifiedlayer.com with SMTP; 25 May 2015 21:51:12 -0000
Received: from box462.bluehost.com ([74.220.219.62]) by cmgw4 with id YTPw1q0031MNPNq01TPzmM; Mon, 25 May 2015 21:24:01 -0600
X-Authority-Analysis: v=2.1 cv=D8zUdJhj c=1 sm=1 tr=0 a=jTEj1adHphCQ5SwrTAOQMg==:117 a=jTEj1adHphCQ5SwrTAOQMg==:17 a=cNaOj0WVAAAA:8 a=f5113yIGAAAA:8 a=yfQaRmzNqocA:10 a=MKtGQD3n3ToA:10 a=1oJP67jkp3AA:10 a=ZZnuYtJkoWoA:10 a=8WrITzYgnNwA:10 a=HGEM6zKYvpEA:10 a=h1PgugrvaO0A:10 a=PeFO9FbFhS32YxYntvkA:9 a=dci_DRCyiIAA:10 a=CiRkrLRW1GAA:10 a=iycWLhIX580A:10 a=pGLkceISAAAA:8 a=ll-iCDY8AAAA:8 a=M0OflfRGAAAA:8 a=48vgC7mUAAAA:8 a=5b3Chl7SFygC0E7W7ScA:9 a=pOC0elmASihGrJeA:21 a=O3nCA2uf2CyiiQU8:21 a=wPNLvfGTeEIA:10 a=ivbTfD_dPm4A:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10 a=OtSP2khXrCftyCH1UqcA:9 a=Lp4GW45GXksn2Ej1:21 a=iVek6wMaWXj_g7d7:21 a=VvqDqTHEcdcI2ZSi:21 a=_W_S_7VecoQA:10
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=shockey.us; s=default; h=Content-type:Mime-version:In-Reply-To:References:Message-ID:To:From:Subject:Date; bh=wzKmgnayvhaAD/qvo/T81YDAy7tku+L+GEfFqGOEP5s=; b=dJif6OUTGEoz9rD28fLkjy7nvuNtFhWoPYgxi3K6R4XEFRXRUl1CuNAEFgYM3WtevYqCDYbsmf6f8nY4Knez2IJ8jRNsNlAAUo1PRtRDOLRb4K5Xgq1eFFTIxhYDk6Ll;
Received: from [108.56.131.201] (port=50135 helo=[192.168.1.12]) by box462.bluehost.com with esmtpa (Exim 4.84) (envelope-from <richard@shockey.us>) id 1Ywzxi-0005lk-Kq for cnit@ietf.org; Mon, 25 May 2015 15:31:07 -0600
User-Agent: Microsoft-MacOutlook/14.5.0.150423
Date: Mon, 25 May 2015 17:31:02 -0400
From: Richard Shockey <richard@shockey.us>
To: cnit@ietf.org
Message-ID: <D1890314.25B94%richard@shockey.us>
Thread-Topic: [cnit] CNIT Charter bashing..
References: <D13EDE15.22E45%richard@shockey.us> <CAHBDyN7KX9dPTHiuWGk-yqqkDt+LYqnDwY_pBWpnLdJFCMvPeg@mail.gmail.com> <CAHBDyN5KZpiA4bU_gvcB+Wk0Bv9AS0+bvU9OsCS3OpMDbUGchA@mail.gmail.com>
In-Reply-To: <CAHBDyN5KZpiA4bU_gvcB+Wk0Bv9AS0+bvU9OsCS3OpMDbUGchA@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3515419866_229140"
X-Identified-User: {3286:box462.bluehost.com:shockeyu:shockey.us} {sentby:smtp auth 108.56.131.201 authed with richard+shockey.us}
Archived-At: <http://mailarchive.ietf.org/arch/msg/cnit/8nipiBHVOhrhA2N4-gcwUNWv0UI>
Subject: Re: [cnit] CNIT Charter bashing..
X-BeenThere: cnit@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Calling Name Identity Trust discussion list <cnit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cnit>, <mailto:cnit-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cnit/>
List-Post: <mailto:cnit@ietf.org>
List-Help: <mailto:cnit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cnit>, <mailto:cnit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 May 2015 21:51:22 -0000


From:  Mary Barnes <mary.ietf.barnes@gmail.com>
Date:  Friday, May 22, 2015 at 12:58 PM
To:  Richard Shockey <richard@shockey.us>
Subject:  Re: [cnit] CNIT Charter bashing..

Attached is what I have at this point. Really, the only thing I'm struggling
with is the milestones as I don't think we can request publication of the
data object and headers without having defined the trust model.


RS> Mary I¹m not sure about that statement. I can certainly anticipate
several deployment models where the trust mechanism (aka signing) does not
need to be formally integrated in the solution especially those where the
exchange of data is more bi-lateral and the trust mechanism is at lower
layers of the stack than the signaling. My initial concern  is what is the
header and what is the data object(s) carried in the header. How the CNIT
data is created should not be our concern.

I totally agree that the more narrow the scope aka MARTINI the greater the
chance of success and early deployments.

I¹ll have more comments about the charter shortly.


 However, I think it's important that we're clear that we anticipate getting
the proposed mechanism defined early and then hammer out the trust model.
We could just do two milestones which is what Martini did: 1) Problem
Statement and Requirements and 2) Solution.  The charter provides the
detailed deliverables in the body earlier and I'm not sure that we would
want things in separate documents UNLESS we think those mechanisms could be
used for other things. But, I don't think so - I think the trust model has
to be ingrained with those.

Let me know your thoughts.

Regards,
Mary.

On Fri, May 22, 2015 at 11:11 AM, Mary Barnes <mary.ietf.barnes@gmail.com>
wrote:
> Just FYI, I'm working on updates to this charter and will ship to you shortly
> for review.  We can then repost on CNIT/DISPATCH and see if we can get this
> wrapped up.  I will separately ping Ben and let him know that this ought to be
> ready for him to send to the IESG soon and stress the importance of doing this
> work in the IETF and the careful selection of chairs.
> 
> Regards,
> Mary.
> 
> On Mon, Mar 30, 2015 at 10:03 AM, Richard Shockey <richard@shockey.us> wrote:
>> 
>> My running assumption after DISPATCH last week is we have a conditional go
>> ahead to proceed to a WG if we can answer the questions posed which, if
>> memory serves me,
>> 
>> A. Refine and or further define the problem we are trying to solve.
>> 
>> B. Include into the requirements the Trust Validation concept.  I presume
>> Brian is willing to help edit text on that.
>> 
>> I do have a issue for the AD¹s. I really want to know up front if we have to
>> define a new header here.
>> 
>> I would like to know in advance the level of torture we are going to have to
>> deal with.
>> 
>> 
>> ************
>> CNIT Charter [Calling Name Identity Trust]
>>  
>> WG Chairs TBD:
>>  
>> Calling Name Delivery [CNAM] is currently a string of 15 ASCII and/or
>> potentially 50 characters of information associated with a specific E.164
>> calling party number in the Public Switched Telephone Network [PSTN] as
>> defined in ITU-T Recommendation I.251.9. This PSTN data is sent by the
>> originating network only at the specific request of the terminating network
>> via a SS7 Transaction Application Part [TCAP] response message.  In the
>> Session Initiation Protocol [SIP] this information can be inserted into the
>> FROM: part of the originating INVITE message or imbedded in the Provider
>> Asserted Identity [PAI] header.
>>  
>> As with the originating source telephone number, this data can be altered in
>> transit creating a variety of malicious abuses similar to the ones identified
>> by the IETF STIR working group.
>>  
>> The purpose of the CNIT working group will be to define a data structure, a
>> new SIP header or repurpose an existing SIP header to carry an advanced
>> form(s) of trusted multi media CNAM as well as information from a STIR
>> Validation Authority.  The purpose of this work is to present to the SIP
>> called party trusted information from the calling party in order that the
>> called party make a more reasoned and informed judgment on whether to accept
>> the INVITE or not.
>>  
>> The working group will not invalidate any existing SIP mechanism for
>> anonymous calling.
>>  
>> The working group will not define registration, provisioning or data query
>> response mechanisms for the creation and storage of the CNIT data object(s) .
>>  
>> The working group will, to the best of its ability, reuse existing IETF
>> protocols.
>>  
>> Full Internationalization of the Calling Name Identity Trust data object(s)
>> is a requirement.
>>  
>> The working group will closely work with the IETF STIR working group
>>  
>> The working group will immediately liaison with 3GPP SA-1 and other
>> appropriate SDO¹s in order to coordinate efforts.
>>  
>> The working group will coordinate with National Numbering Authorities and
>> National Regulatory Authorities as needed.
>>  
>> The working group will deliver the flowing.
>>  
>> ·     A problem statement and requirements detailing the current deployment
>> environment and situations that motivate work on Calling Name Identity Trust.
>> 
>> ·     Define either a new SIP header or document a repurpose of an SIP
>> existing header for Calling Name Identify Trust data
>> 
>> ·     Define a data model for the Calling Name Identity Trust object (s)
>> which may include various forms of multimedia data.
>> 
>> ·     Define a Trust Mechanism for CNIT data. (Brian text?)
>> 
>> ·     Deliver an analysis of privacy implications of the proposed Calling
>> Name Identity Trust mechanism.
>> 
>>  
>>  
>> Milestones:
>>  
>> January 2016 : Problem Statement and Requirements for Calling Name Identity
>> Trust
>>  
>> April 2016 : Data Objects and SIP headers for Calling Name Identity Trust
>>  
>> November 2016 :  Trust Mechanism for Calling Name Identity Trust
>>  
>>  
>>  
>>  
>> ‹ 
>> Richard Shockey
>> Shockey Consulting LLC
>> Chairman of the Board SIP Forum
>> www.shockey.us <http://www.shockey.us>
>> www.sipforum.org <http://www.sipforum.org>
>> richard<at>shockey.us <http://shockey.us>
>> Skype-Linkedin-Facebook rshockey101
>> PSTN +1 703-593-2683 <tel:%2B1%20703-593-2683>
>> 
>> 
>> _______________________________________________
>> cnit mailing list
>> cnit@ietf.org
>> https://www.ietf.org/mailman/listinfo/cnit
>> 
>

v2.23.0 | Report a Bug | By Email