Re: [cnit] CNIT Charter bashing..
Henning Schulzrinne <Henning.Schulzrinne@fcc.gov> Tue, 30 June 2015 02:28 UTC
Return-Path: <Henning.Schulzrinne@fcc.gov>
X-Original-To: cnit@ietfa.amsl.com
Delivered-To: cnit@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58EA51B2F42 for <cnit@ietfa.amsl.com>; Mon, 29 Jun 2015 19:28:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YoQzqL-Sjha6 for <cnit@ietfa.amsl.com>; Mon, 29 Jun 2015 19:28:15 -0700 (PDT)
Received: from DC-IP-1.fcc.gov (dc-ip-1.fcc.gov [192.104.54.97]) by ietfa.amsl.com (Postfix) with ESMTP id 362891B2F3F for <cnit@ietf.org>; Mon, 29 Jun 2015 19:28:15 -0700 (PDT)
Message-ID: <E6A16181E5FD2F46B962315BB05962D08544B6D1@fcc.gov>
From: Henning Schulzrinne <Henning.Schulzrinne@fcc.gov>
To: "Peterson, Jon" <jon.peterson@neustar.biz>
Thread-Topic: [cnit] CNIT Charter bashing..
Thread-Index: AQHQpF27t1IjTQnD9Ee6If5FuC7/752nvtOAgAAcbYD//73Z54ABUaEAgAA9LQD//8LlU4AARHQAgAAZ6QCAAArCAIAAB9cAgAAPTgCAABkwgP//7x3tADGHMBAAITkHRAAICivQADuTr0wACUe6gALCtpOA///oz+Q=
Date: Tue, 30 Jun 2015 02:28:13 +0000
References: <D19F23AD.26CEA%richard@shockey.us> <E42CCDDA6722744CB241677169E8365603614617@MISOUT7MSGUSRDB.ITServices.sbc.com> <9588_1434045613_5579CCAD_9588_574_1_fki5dyxdmgyv92b6hugpfuoy.1434045608655@email.android.com> <E6A16181E5FD2F46B962315BB05962D07D354C94@fcc.gov> <9384_1434103912_557AB068_9384_7221_1_B5939C6860701C49AA39C5DA5189448B14C216E0@OPEXCLILM42.corporate.adroot.infra.ftgroup> <D1A05A04.26E84%richard@shockey.us> <E6A16181E5FD2F46B962315BB05962D07D355543@fcc.gov> <557AE9E4.5030205@cs.tcd.ie> <D1A0761F.26EE1%richard@shockey.us> <15E9AA29-E9F1-4DA6-ADA4-E201F8F07B7A@brianrosen.net> <2B0F677F0B95454297753F58D4A07FA30279326B72@FHDP1LUMXC7V31.us.one.verizon.com> <53A932AB-5E5D-41C0-895F-21EC1D4B17D5@brianrosen.net> <2B0F677F0B95454297753F58D4A07FA30279326CB7@FHDP1LUMXC7V31.us.one.verizon.com> <E6A16181E5FD2F46B962315BB05962D07D3558A5@fcc.gov> <2B0F677F0B95454297753F58D4A07FA30279326E8D@FHDP1LUMXC7V31.us.one.verizon.com> <E6A16181E5FD2F46B962315BB05962D07D35C213@fcc.gov> <2B0F677F0B95454297753F58D4A07FA30279326EC8@FHDP1LUMXC7V31.us.one.verizon.com> <E6A16181E5FD2F46B962315BB05962D07D35E829@fcc.gov> <D1A4C8C9.2720D%richard@shockey.us>, <D1B6E341.1549D9%jon.peterson@neustar.biz>
In-Reply-To: <D1B6E341.1549D9%jon.peterson@neustar.biz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/cnit/EZgx-hl0noAmJfLBt9_bkskPMEA>
Cc: "cnit@ietf.org" <cnit@ietf.org>
Subject: Re: [cnit] CNIT Charter bashing..
X-BeenThere: cnit@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Calling Name Identity Trust discussion list <cnit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cnit>, <mailto:cnit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cnit/>
List-Post: <mailto:cnit@ietf.org>
List-Help: <mailto:cnit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cnit>, <mailto:cnit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2015 02:28:17 -0000
I was wondering if it would work to have two STIR headers, with the second binding the phone number to the display name (and other SIP headers, to prevent replay). Obviously, downstream validating parties have to have a reason to trust the signing party, but that always seems to be the case when you don't have the number signer as the implied originating carrier computing the signature. ________________________________________ From: Peterson, Jon [jon.peterson@neustar.biz] Sent: Monday, June 29, 2015 7:47 PM To: Richard Shockey; Henning Schulzrinne; Dwight, Timothy M (Tim) Cc: cnit@ietf.org Subject: Re: [cnit] CNIT Charter bashing.. It's not clear to me that we need any STIR-like mechanisms to be in place before embarking on CNIT. What I've basically written in to STIR is an extension field that CNIT could use to hook into the signature. All it would require is that CNIT create a specification (as currently written, a Standards Track RFC) that designates what the field(s) that will be signed, and then the necessary procedures and so on. Fundamentally I agree that hooking CNIT into STIR will only provide part of a solution. There are going to be cases when the entity that originates (or signs) SIP signaling is not going to be the right party to attest to the proper display name for a user. Architecturally, what I'd probably prefer is to think about this work as designing a small, but somewhat extensible block of information which someone could sign. Small enough that it could fit in a SIP message, and be signed there by hooking into the STIR extension field. But also something that could be carried by an external protocol for those cases when the STIR signer might not be the authority on the display name. Maybe the STIR signer would fetch it via that external protocol, and then pass along the signature of the authority from whom they acquired it, in addition to signing it themselves. Or maybe the recipient would use the external protocol if there is no STIR hook. If we build a system with roughly those qualities, and focus more on the info block than on how it gets transported necessarily, I think we'll do some valuable work. Jon Peterson Neustar, Inc. On 6/15/15, 3:32 PM, "Richard Shockey" <richard@shockey.us> wrote: > >Tim Henning .. This is uniquely timely and important because the SIP Forum >is at this moment attempting to revise its SIPConnect Recommendation for >PBX / hosted to SSP interface where the data may be originated by the >enterprise and it needs to be treated in some way by the NNI. (hopefully >maybe not stripped if its seen in the FROM or P-AI) > >Its a complication but not insurmountable. It clearly shows we need to >rethink the charter and look at some baby steps vs demanding that all the >STIR like mechanisms be in place before there is progress. > > > >‹ >Richard Shockey >Shockey Consulting LLC >Chairman of the Board SIP Forum >www.shockey.us >www.sipforum.org >richard<at>shockey.us >Skype-Linkedin-Facebook rshockey101 >PSTN +1 703-593-2683 > > > > > >On 6/15/15, 6:11 PM, "Henning Schulzrinne" <Henning.Schulzrinne@fcc.gov> >wrote: > >>Agreed that the terminating carrier can provide added value, e.g., by >>linking to other information. You could imagine mapping numbers to BBB >>information, or databases or registered charities, or Yelp... I am >>somewhat surprised that this isn't happening already more broadly. >> >>________________________________________ >>From: Dwight, Timothy M (Tim) [timothy.dwight@verizon.com] >>Sent: Sunday, June 14, 2015 1:58 PM >>To: Henning Schulzrinne >>Cc: cnit@ietf.org >>Subject: RE: [cnit] CNIT Charter bashing.. >> >>Henning, >> >>I'm not sure 'carrier B' would in the "in-band case" have no incentive to >>use a 3rd party service. It might be that the 3rd party service provides >>additional information and/or is considered more trustworthy than whoever >>provided the in-band information. We can (and I hope will) change the >>incentives. I think it would be a reasonable objective to carry whatever >>content is deemed "necessary" to serve the public, in-band. If people >>want to operate databases full of calling party's cat pictures, and >>Carrier B wants to provide this to their customer (or allow their >>customer to obtain it themselves, e.g., provide them a link to it) that's >>all OK with me. >> >>I agree with you about the importance of being able to know >>unambiguously, who inserted the information. >> >>Tim >> >>_______________________________________________ >>cnit mailing list >>cnit@ietf.org >>https://www.ietf.org/mailman/listinfo/cnit > > >_______________________________________________ >cnit mailing list >cnit@ietf.org >https://www.ietf.org/mailman/listinfo/cnit
- [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Eric Burger
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Brian Rosen
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. DOLLY, MARTIN C
- Re: [cnit] CNIT Charter bashing.. philippe.fouquart
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. DOLLY, MARTIN C
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. philippe.fouquart
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. philippe.fouquart
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Stephen Farrell
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Brian Rosen
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Brian Rosen
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Brian Rosen
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- [cnit] Who says I am me? I say it is me. I have n… Eric Burger
- Re: [cnit] CNIT Charter bashing.. Dwight, Timothy M (Tim)
- Re: [cnit] Who says I am me? I say it is me. I ha… Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Richard Shockey
- Re: [cnit] Who says I am me? I say it is me. I ha… Dwight, Timothy M (Tim)
- Re: [cnit] CNIT Charter bashing.. Peterson, Jon
- Re: [cnit] CNIT Charter bashing.. Henning Schulzrinne
- Re: [cnit] CNIT Charter bashing.. Peterson, Jon