IETF Logo Mail Archive

Re: [dispatch] VIPR - proposed charter version 3

Jonathan Rosenberg <jdrosen@jdrosen.net> Fri, 09 July 2010 22:20 UTC

Return-Path: <jdrosen@jdrosen.net>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 658383A67D0; Fri, 9 Jul 2010 15:20:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rUeM7OHEuQiy; Fri, 9 Jul 2010 15:20:19 -0700 (PDT)
Received: from ecbiz71.inmotionhosting.com (ecbiz71.inmotionhosting.com [173.205.124.201]) by core3.amsl.com (Postfix) with ESMTP id 01F783A67B8; Fri, 9 Jul 2010 15:20:19 -0700 (PDT)
Received: from pool-173-63-40-38.nwrknj.fios.verizon.net ([173.63.40.38] helo=[192.168.1.8]) by ecbiz71.inmotionhosting.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <jdrosen@jdrosen.net>) id 1OXLv4-0001Cs-QO; Fri, 09 Jul 2010 18:19:42 -0400
Message-ID: <4C37A09E.5080102@jdrosen.net>
Date: Fri, 09 Jul 2010 18:20:14 -0400
From: Jonathan Rosenberg <jdrosen@jdrosen.net>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Richard Shockey <richard@shockey.us>
Subject: Re: [dispatch] VIPR - proposed charter version 3
References: <AANLkTintQWiM1BNi1Lz11i4AEUm4vnpFhHNRPRMs6ctG@mail.gmail.com> <EDC652A26FB23C4EB6384A4584434A04022F40FB@307622ANEX5.global.avaya.com> <AANLkTinCs4ooaP7qczjOf_CMJB2tZg9XR9Ro5H-WWHK6@mail.gmail.com> <EDC652A26FB23C4EB6384A4584434A04022F4219@307622ANEX5.global.avaya.com> <001201cb1ade$4195f680$c4c1e380$@us> <AANLkTimGO9mf_q78EYJJ_UwuM834m3vJ0i4BiGqEB4KJ@mail.gmail.com> <009f01cb1bba$4c7bcd40$e57367c0$@us> <4C32199A.80809@cisco.com> <008d01cb1c72$9bdb96a0$d392c3e0$@us> <2a2201cb1e5a$85b5df90$91219eb0$@com> <00f401cb1eb4$cbb98230$632c8690$@us>
In-Reply-To: <00f401cb1eb4$cbb98230$632c8690$@us>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - ecbiz71.inmotionhosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jdrosen.net
Cc: 'Paul Kyzivat' <pkyzivat@cisco.com>, 'DISPATCH' <dispatch@ietf.org>, 'IETF-Discussion list' <ietf@ietf.org>, 'Peter Musgrave' <peter.musgrave@magorcorp.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jul 2010 22:20:20 -0000

Richard Shockey wrote:

> RS> You cannot authoritatively determine a binding between a phone number
> and a consumer (domain) without access to the databases.

The point of ViPR is that the authoritative mapping as you've defined it 
just isn't necessary; a forward routability check is all that is really 
needed.

Indeed, let us look at email for a moment. How does one know that 
"jdrosen@jdrosen.net" authoritatively maps to me? In reality the only 
authoritative source for this is the databases at jdrosen.net which 
contain credentials that are bound to me. However, those are 
inaccessible to the rest of the world. Instead, one can check if 
jdrosen@jdrosen.net routes to me by sending me an email with some kind 
of secret, and if I can prove I know that secret, you know that I'm 
jdrosen@jdrosen.net. This forward routability check is the foundation 
for vast amounts of web security and identity, and that same principle 
is applied here for phone numbers.

Do you argue that we should stop using these forward email routing 
checks in the web?

-Jonathan R.


-- 
Jonathan D. Rosenberg, Ph.D.                   SkypeID: jdrosen
Chief Technology Strategist                    Mobile: +1 (732) 766-2496
Skype                                          SkypeIn: +1 (408) 465-0361
jdrosen@skype.net                              http://www.skype.com
jdrosen@jdrosen.net                            http://www.jdrosen.net

v2.23.0 | Report a Bug | By Email