Re: [cnit] CNIT Charter bashing..

"Dwight, Timothy M (Tim)" <timothy.dwight@verizon.com> Fri, 12 June 2015 16:48 UTC

To: Richard Shockey <richard@shockey.us>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Henning Schulzrinne <Henning.Schulzrinne@fcc.gov>, "philippe.fouquart@orange.com" <philippe.fouquart@orange.com>, "cnit@ietf.org" <cnit@ietf.org>
Date: Fri, 12 Jun 2015 12:47:56 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/cnit/aYvstLO26hmhIUu0IIn2YtbHwq0>
List-Id: Calling Name Identity Trust discussion list <cnit.ietf.org>

Rich,

I'm probably not following this right, so bear with me.  In the current paradigm the calling party's name isn't sent in the call request message, right?  But you're proposing that it should be (or optionally could be, whatever).  Doesn't that open up the possibility Mr. Farrell suggested, that some entity that's in the path of the call request message can "see" something he previously could not?

Note that "existing anonymous calling protections" apply to the presentation of information to the user, not necessarily to carriage of information across the network.  The FROM header may be anonymized when the calling user requests privacy, for example, but the P-Asserted-Identity header will not.  So if we were to use the display name in the P-A-ID to carry the calling party name asserted by the originating network, that name would (unless we encrypt it) be "visible" to any network element on the path of the INVITE.  

tim


-----Original Message-----
From: cnit [mailto:cnit-bounces@ietf.org] On Behalf Of Richard Shockey
Sent: Friday, June 12, 2015 10:50 AM
To: Stephen Farrell; Henning Schulzrinne; philippe.fouquart@orange.com; cnit@ietf.org
Subject: Re: [cnit] CNIT Charter bashing..


Henning is right. No one is forcing anything. Existing anonymous calling protections still apply.


Again my point is that in a great many cases Interconnected SIP between NA carriers are covered by other security mechanisms.

Right now your FaceTime session is totally in the clear. My concern is that if we end up going down the rat hole of trying to create perfect end to end security nothing will get done.



On 6/12/15, 10:17 AM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:

>
>
>On 12/06/15 15:13, Henning Schulzrinne wrote:
>> In almost all cases of interest, the calling party *wants* to 
>> disclose accurate information to the called party, so the privacy 
>> issues don't seem to arise. They would only arise if there was forced 
>> disclosure; I don't think anybody is proposing that.
>
>Privacy issues could also arise if a middlebox could now see sensitive 
>information that it previously could not see. I think that is 
>independent of whether disclosure is desired by either of the 
>endpoints.
>
>S.
>
>_______________________________________________
>cnit mailing list
>cnit@ietf.org
>https://www.ietf.org/mailman/listinfo/cnit
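
[Added example, not part of the original thread.] The distinction drawn above between what is presented to the called user and what is carried across the network can be made concrete with a constructed INVITE in which the From header is anonymized while P-Asserted-Identity still carries a display name. The message, host names, numbers and function names below are assumptions made for illustration, and the presentation rule is a simplified model of Privacy: id handling.

```python
import re

# Constructed INVITE (not from the thread): the caller asked for privacy, so
# From is anonymized, while the originating network still asserts identity.
INVITE = (
    "INVITE sip:+12025550123@carrier-b.example SIP/2.0\r\n"
    "Via: SIP/2.0/TCP proxy.carrier-a.example;branch=z9hG4bK776a\r\n"
    'From: "Anonymous" <sip:anonymous@anonymous.invalid>;tag=1928\r\n'
    "To: <sip:+12025550123@carrier-b.example>\r\n"
    'P-Asserted-Identity: "Alice Example" <sip:+12025550100@carrier-a.example>\r\n'
    "Privacy: id\r\n"
    "Call-ID: a84b4c76e66710\r\n"
    "CSeq: 1 INVITE\r\n"
    "Content-Length: 0\r\n\r\n"
)

NAME_ADDR = re.compile(r'^\s*(?:"([^"]*)"|([^<"]*?))\s*<([^>]+)>')

def parse_headers(message):
    """Return {lowercased header name: [values]} for the header section."""
    headers = {}
    head = message.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def identity(value):
    """Split a name-addr header value into (display name, URI)."""
    m = NAME_ADDR.match(value)
    if not m:
        return ("", value.split(";")[0].strip())
    return ((m.group(1) or m.group(2) or "").strip(), m.group(3))

def on_path_view(message):
    """Identity fields any element relaying this INVITE can read in cleartext."""
    h = parse_headers(message)
    return {
        "from": identity(h["from"][0]),
        "asserted": [identity(v) for v in h.get("p-asserted-identity", [])],
    }

def presented_to_callee(message):
    """Simplified model: Privacy 'id' withholds the asserted identity from display."""
    h = parse_headers(message)
    privacy = {t.strip().lower() for v in h.get("privacy", []) for t in v.split(";")}
    view = on_path_view(message)
    return view["from"] if "id" in privacy or not view["asserted"] else view["asserted"][0]
```

With the sample message, presented_to_callee() returns the anonymous From identity, while on_path_view() still exposes the asserted display name and number to every element that relays the request.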

