Re: [cnit] CNIT Charter bashing..

Brian Rosen <br@brianrosen.net> Fri, 12 June 2015 16:28 UTC

From: Brian Rosen <br@brianrosen.net>
In-Reply-To: <D1A0761F.26EE1%richard@shockey.us>
Date: Fri, 12 Jun 2015 09:28:22 -0700
Message-Id: <15E9AA29-E9F1-4DA6-ADA4-E201F8F07B7A@brianrosen.net>
To: Richard Shockey <richard@shockey.us>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cnit/y_05dvNEdSftnqJSfsMtmLS2Eg0>
Cc: "philippe.fouquart@orange.com" <philippe.fouquart@orange.com>, Henning Schulzrinne <Henning.Schulzrinne@fcc.gov>, "cnit@ietf.org" <cnit@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [cnit] CNIT Charter bashing..

One possible extra bit is that we need to know WHO signed.  That could be easy (identity in a cert for the signature), but it’s a requirement.

I still want an optional confidence value, because the source is often not authoritative.

If we’re thinking we’re using the existing display name, and coming up with a way to sign it, then, like stir, the termination side can decide what it wants to do if it gets a display name but no signature.  The sender has the option to provide the name or not, and provide the signature or not.

We COULD consider a new header that would contain the name encrypted for a destination TN (To:).  That would afford privacy to the name to middle boxes that we would not have today with display name.  I would not be opposed to that.  This would work like the offline stir proposal, where the sender obtains the public key of the recipient and encrypts the name for the recipient.

Brian
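
An added illustration of the scheme sketched in the message above (not part of the original email or of any CNIT or STIR draft): the sender signs the name together with the signer's identity and an optional confidence value, then encrypts the result for the key of the destination TN, and the terminating side returns a status its own policy can act on. The header layout, field names, TNs, signer id and the choice of ECDSA P-256 with RSA-OAEP and AES-256-GCM are all assumptions.

```javascript
const crypto = require('node:crypto');

// Constructed keys: one signing provider, one called party (key published for its TN).
const signer = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const callee = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const b64 = (b) => b.toString('base64');

// Sender: sign the claims (name, TNs, WHO signed, optional confidence), then
// encrypt claims + signature so only the destination TN's key holder can read them.
function sealName(claims, signerKey, calleePub) {
  const body = JSON.stringify(claims);
  const sig = b64(crypto.sign('sha256', Buffer.from(body), signerKey));
  const cek = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', cek, iv);
  const ct = Buffer.concat([c.update(JSON.stringify({ body, sig })), c.final()]);
  const wrapped = crypto.publicEncrypt({ key: calleePub, oaepHash: 'sha256' }, cek);
  return [wrapped, iv, c.getAuthTag(), ct].map(b64).join('.');
}

// Terminating side: decrypt, verify, and report a status the local policy can act on.
function openName(header, myTn, calleeKey, trustedSigners) {
  if (!header) return { status: 'unsigned' }; // policy decides what to do with a bare display name
  let blob;
  try {
    const [wrapped, iv, tag, ct] = header.split('.').map((s) => Buffer.from(s, 'base64'));
    const cek = crypto.privateDecrypt({ key: calleeKey, oaepHash: 'sha256' }, wrapped);
    const d = crypto.createDecipheriv('aes-256-gcm', cek, iv);
    d.setAuthTag(tag);
    blob = JSON.parse(Buffer.concat([d.update(ct), d.final()]).toString());
  } catch {
    return { status: 'undecryptable' }; // not encrypted for this recipient, or tampered with
  }
  const claims = JSON.parse(blob.body);
  const pub = trustedSigners[claims.signer]; // stands in for the identity in the signer's cert
  const ok = Boolean(pub) && claims.to === myTn &&
    crypto.verify('sha256', Buffer.from(blob.body), pub, Buffer.from(blob.sig, 'base64'));
  return ok ? { status: 'verified', ...claims } : { status: 'rejected' };
}

// Constructed call: TNs, signer id and confidence value are sample data.
function demo() {
  const claims = { name: 'Alice Example', from: '+12025550100', to: '+12025550199',
                   signer: 'provider-a.example', confidence: 80 };
  const header = sealName(claims, signer.privateKey, callee.publicKey);
  return openName(header, claims.to, callee.privateKey, { 'provider-a.example': signer.publicKey });
}
```

Encrypting the signature along with the claims keeps a middlebox from confirming a guessed name against the signer's public key.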

> On Jun 12, 2015, at 8:49 AM, Richard Shockey <richard@shockey.us> wrote:
> 
> 
> Henning is right. No one is forcing anything. Existing anonymous calling
> protections still apply.
> 
> 
> Again my point is that in a great many cases Interconnected SIP between NA
> carriers are covered by other security mechanisms.
> 
> Right now your Facetime session is totally in the clear. My concern is we
> end up going down the rat hole of trying to create perfect end to end
> security nothing will get done.
> 
> 
> 
> On 6/12/15, 10:17 AM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:
> 
>> 
>> 
>> On 12/06/15 15:13, Henning Schulzrinne wrote:
>>> In almost all cases of interest, the calling party *wants* to
>>> disclose accurate information to the called party, so the privacy
>>> issues don't seem to arise. They would only arise if there was forced
>>> disclosure; I don't think anybody is proposing that.
>> 
>> Privacy issues could also arise if a middlebox could now see
>> sensitive information that it previously could not see. I think
>> that is independent of whether disclosure is desired by either
>> of the endpoints.
>> 
>> S.
>> 
>> _______________________________________________
>> cnit mailing list
>> cnit@ietf.org
>> https://www.ietf.org/mailman/listinfo/cnit