IETF Logo Mail Archive

Re: [Rum] I-D Action: draft-ietf-rum-rue-03.txt

James Hamlin <james.hamlin@purple.us> Thu, 24 September 2020 06:59 UTC

Return-Path: <james.hamlin@purple.us>
X-Original-To: rum@ietfa.amsl.com
Delivered-To: rum@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58BE33A0770 for <rum@ietfa.amsl.com>; Wed, 23 Sep 2020 23:59:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oeQSIclM6P-h for <rum@ietfa.amsl.com>; Wed, 23 Sep 2020 23:59:06 -0700 (PDT)
Received: from outbound-ip1a.ess.barracuda.com (outbound-ip1a.ess.barracuda.com [209.222.82.168]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C88F3A0772 for <rum@ietf.org>; Wed, 23 Sep 2020 23:59:04 -0700 (PDT)
Received: from smtp.purple.us (smtp02.purple.us.91.17.208.in-addr.arpa [208.17.91.144]) by mx3.us-east-2a.ess.aws.cudaops.com (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Thu, 24 Sep 2020 06:59:01 +0000
Received: from 1-WP-401-EXCH.purplenetwork.net (10.0.10.143) by 1-wp-402-exch.purplenetwork.net (10.0.10.144) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Wed, 23 Sep 2020 23:59:00 -0700
Received: from 1-WP-401-EXCH.purplenetwork.net ([fe80::e190:fa54:4b11:2dfb]) by 1-wp-401-exch.purplenetwork.net ([fe80::e190:fa54:4b11:2dfb%13]) with mapi id 15.00.1263.000; Wed, 23 Sep 2020 23:59:00 -0700
From: James Hamlin <james.hamlin@purple.us>
To: Paul Kyzivat <pkyzivat@alum.mit.edu>
CC: "rum@ietf.org" <rum@ietf.org>
Thread-Topic: [Rum] I-D Action: draft-ietf-rum-rue-03.txt
Thread-Index: AQHWj/Gl4E/+9/1icEKqjKU/sGCygqlzocYAgAO+W9Y=
Date: Thu, 24 Sep 2020 06:58:59 +0000
Message-ID: <1600930740003.80867@purple.us>
References: <1600679072074.473@purple.us>, <13bd7883-da42-9c48-5cfe-8eaac47c8886@alum.mit.edu>
In-Reply-To: <13bd7883-da42-9c48-5cfe-8eaac47c8886@alum.mit.edu>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.0.10.15]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-BESS-ID: 1600930741-893004-1313-65002-1
X-BESS-VER: 2019.1_20200923.1534
X-BESS-Apparent-Source-IP: 208.17.91.144
X-BESS-Outbound-Spam-Score: 0.00
X-BESS-Outbound-Spam-Report: Code version 3.2, rules version 3.2.2.227108 [from cloudscan12-95.us-east-2a.ess.aws.cudaops.com] Rule breakdown below pts rule name description ---- ---------------------- -------------------------------- 0.00 BSF_BESS_OUTBOUND META: BESS Outbound
X-BESS-Outbound-Spam-Status: SCORE=0.00 using global scores of KILL_LEVEL=7.0 tests=BSF_BESS_OUTBOUND
X-BESS-BRTS-Status: 1
Archived-At: <https://mailarchive.ietf.org/arch/msg/rum/vPu_DeyAaqf76h-d0kugJGfEiyU>
Subject: Re: [Rum] I-D Action: draft-ietf-rum-rue-03.txt
X-BeenThere: rum@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Relay User Machine <rum.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rum>, <mailto:rum-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rum/>
List-Post: <mailto:rum@ietf.org>
List-Help: <mailto:rum-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rum>, <mailto:rum-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Sep 2020 06:59:07 -0000

Hi Paul

Agreed, the background to this is that VRS Providers wish to provide controlled, limited access to 3rd party applications so as to protect their services from bad actors and misbehaving Apps. And I don't think a solution had been fully agreed.

Best regards

James


James Hamlin
Contractor
Purple, a Division of ZP Better Together, LLC
purplevrs.com
The information contained in this e-mail message is intended only for the personal and confidential use of the recipient(s) named above. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message.

________________________________________
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Sent: 21 September 2020 15:47
To: James Hamlin
Cc: rum@ietf.org
Subject: Re: [Rum] I-D Action: draft-ietf-rum-rue-03.txt

James,

Since you are the one VRS Provider person who regularly contributes
here, can I ask you to help a bit more?

Back when we started this work with Henning several years ago a major
concern of the providers was to find a mechanism to easily and cheaply
restrict access to RUE implementations that have been tested/certified.
The goal as I understand it was to avoid subjecting the provider systems
to attacks. But to date we haven't identified a mechanism for doing this
that actually works. At the moment there is nothing in the draft for that.

I have been arguing that web servers don't limit access to certified web
browsers and they manage to survive. But still I am willing to entertain
including a mechanism if we could find one that is workable.

Would you be willing to work on this with us? In particular, to start,
identify the particular concerns and the level of effort that is/isn't
acceptable to identify and reject uncertified clients.

        Thanks,
        Paul

On 9/21/20 5:04 AM, James Hamlin wrote:
> Brian
>
>
> Thanks for the new draft.
>
>
> I think the final sentence in section 5.2.5. "Emergency Calls" is out of
> scope, as it tries to define the interface between the VRS provider and
> the PSAP. From the rest of the text, the purpose of the data exchange
> between RUE and VRS provider is already clear; the final sentence could
> be dropped without detracting from the description of the RUM interface.
> I propose dropping the text/: "Providers MUST implement Data Provider
> and Service Information blocks as the call is forwarded to the PSAP."./
>
>
> Best Regards
>
>
> James
>
>
> James Hamlin
> Contractor
> Purple, a Division of ZP Better Together, LLC
> purplevrs.com
>
> The information contained in this e-mail message is intended only for
> the personal and confidential use of the recipient(s) named above. If
> you have received this communication in error, please notify us
> immediately by e-mail, and delete the original message.
>
>

v2.23.0 | Report a Bug | By Email