Re: [cnit] [stir] draft-peterson-stir-threats-00.txt
Brian Rosen <br@brianrosen.net> Thu, 07 November 2013 17:36 UTC
Return-Path: <br@brianrosen.net>
X-Original-To: cnit@ietfa.amsl.com
Delivered-To: cnit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4FCB11E818D for <cnit@ietfa.amsl.com>; Thu, 7 Nov 2013 09:36:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.598
X-Spam-Level:
X-Spam-Status: No, score=-103.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UqPcHLbWyP09 for <cnit@ietfa.amsl.com>; Thu, 7 Nov 2013 09:36:43 -0800 (PST)
Received: from mail-qc0-f179.google.com (mail-qc0-f179.google.com [209.85.216.179]) by ietfa.amsl.com (Postfix) with ESMTP id D752E11E8149 for <cnit@ietf.org>; Thu, 7 Nov 2013 09:36:42 -0800 (PST)
Received: by mail-qc0-f179.google.com with SMTP id k18so698308qcv.24 for <cnit@ietf.org>; Thu, 07 Nov 2013 09:36:39 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:message-id:references:to; bh=x5uzqivUQfvyBiDhdBdIj6Oje9NxSD5KA+jXAlf+7nQ=; b=jdbDtoiXWdpDJtD6J/bMwLi04ct7YIfZHnrLre/eUAvP63Whmz9GeXAM1K/kcCgIku wiQ9RjzggW22m1LpjJ7z6ohv2Y7D/Sks4D/eo+7UMH19O4DRxfxs0aOeV2d4Lp8uSAhy g3bGcEdG5/9Q6OmNg/7Lk4m4QRdcDitLPs6BfoiIpv1XObJVzoVFlA7EOQpghPlogOpq FP79kWkgAZXfL0j4UtibHI1bpDJ67ZgY/wJmEFhdkZq8kvDniLlrmHkAAYcrkCZQ5uyZ 2gyqY8k5KITGGy+Btw/Ll97Xx2uSVPuCKTLEFPPehif5IMCVYkWSIHWyxySTr9Mu/oYI SO6Q==
X-Gm-Message-State: ALoCoQk0yRH05fIYT7xPRI7QaVvOW0w/mqDlFTRP338GrvJr1ToAKtQulF6YrA4+8j8ywaOvzHK8
X-Received: by 10.49.17.98 with SMTP id n2mr14928353qed.61.1383845799482; Thu, 07 Nov 2013 09:36:39 -0800 (PST)
Received: from wireless-a-v6.meeting.ietf.org ([2001:67c:370:176:9d97:144b:5e61:753]) by mx.google.com with ESMTPSA id r5sm9638671qeh.1.2013.11.07.09.36.37 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 07 Nov 2013 09:36:38 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_BD7413B8-CF2E-46DB-BB3E-FFC9F29C022E"
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1816\))
From: Brian Rosen <br@brianrosen.net>
In-Reply-To: <527BCB5F.1080001@bbn.com>
Date: Thu, 07 Nov 2013 09:36:34 -0800
Message-Id: <2E8BE11E-4010-4BFE-9FD1-3ABE04E2265B@brianrosen.net>
References: <B4C06A5710F0ED4583B3CF5E9C6B21D855159DAC@PDAWM10A.ad.sprint.com> <CE9EE40A.2DA2E%fmousinh@cisco.com> <013601cedaf3$a05d72f0$e11858d0$@shockey.us> <0FDE6309-92B1-4031-AF72-2EDC11A5FE9E@brianrosen.net> <02e301cedb34$af790790$0e6b16b0$@shockey.us> <8285AA4C-2E08-46F7-B3A3-892FF793486E@brianrosen.net> <B4C06A5710F0ED4583B3CF5E9C6B21D85515B88F@PDAWM10A.ad.sprint.com> <E6A16181E5FD2F46B962315BB05962D01FC237B6@fcc.gov> <527BCB5F.1080001@bbn.com>
To: Stephen Kent <kent@bbn.com>
X-Mailer: Apple Mail (2.1816)
Cc: cnit@ietf.org
Subject: Re: [cnit] [stir] draft-peterson-stir-threats-00.txt
X-BeenThere: cnit@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Calling Name Identity Trust discussion list <cnit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cnit>, <mailto:cnit-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cnit>
List-Post: <mailto:cnit@ietf.org>
List-Help: <mailto:cnit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cnit>, <mailto:cnit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 17:36:47 -0000
Yes, but we might be able to thread certification of various aspects to a single identity that we can use to coalesce the information. That identity COULD be the phone number (using proof of possession), but I suspect that isn’t quite enough. Brian On Nov 7, 2013, at 9:18 AM, Stephen Kent <kent@bbn.com> wrote: > Henning, > >> As a thought experiment, Kumiko Ono and I had published a draft >> >> http://tools.ietf.org/html/draft-ono-dispatch-attribute-validation-00 >> >> to allow third parties to validate property information. If the validating party (e.g., a bank regulator) is willing to sign a certificate, similar in spirit to the framed gold-leaf diplomas in your dentist’s office or, more lowly, to the health departments rating in a restaurant window, and it can be tied to a phone number, this shouldn’t be too hard. >> >> It’s a bit harder if the certifying authority (regulator, Realtor board, local bar association, …) is not involved. > The tricky part is ensuring that a certificate (using the term broadly) issued by some > organization is not interpreted by relying parties as meaning more than it should. > > It is not clear to me that most entities are good choices for the binding of a name > to a phone number. In part this is because these entities do not consider the phone > number to be a critical aspect of the attributes for which they vouch. > > My dentist's diploma is valid irrespective of the location (much less the phone number) > for his office. BTW, as the geographic boundaries for area code change, phone numbers > change. My home didn't move and it took a while for many of the records held by other > parties to be updated. So, no, I would not rely on many parties of the sort you seem to suggest, > to issue a credential binding my name to a phone nmber > > Steve > _______________________________________________ > cnit mailing list > cnit@ietf.org > https://www.ietf.org/mailman/listinfo/cnit
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Richard Shockey
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Gorman, Pierce A [NTK]
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Henning Schulzrinne
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Richard Shockey
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Michael Hammer
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Henning Schulzrinne
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Henning Schulzrinne
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Gorman, Pierce A [NTK]
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Michael Hammer
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Henning Schulzrinne
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Stephen Kent
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Michael Hammer
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Henning Schulzrinne
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Gorman, Pierce A [NTK]
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Stephen Kent
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Henning Schulzrinne
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Richard Shockey
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Stephen Kent
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Stephen Kent
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Brian Rosen
- Re: [cnit] [stir] draft-peterson-stir-threats-00.… Stephen Kent