Re: [Sip] New I-D on RFC4474 and phone numbers
"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Mon, 18 February 2008 19:56 UTC
Return-Path: <sip-bounces@ietf.org>
X-Original-To: ietfarch-sip-archive@core3.amsl.com
Delivered-To: ietfarch-sip-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E7BF928C586; Mon, 18 Feb 2008 11:56:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.548
X-Spam-Level:
X-Spam-Status: No, score=-1.548 tagged_above=-999 required=5 tests=[AWL=-1.111, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D+ySg7S-i8YV; Mon, 18 Feb 2008 11:56:53 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 620413A6C3F; Mon, 18 Feb 2008 11:56:23 -0800 (PST)
X-Original-To: sip@core3.amsl.com
Delivered-To: sip@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6D90F3A689E for <sip@core3.amsl.com>; Mon, 18 Feb 2008 11:56:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ev1Hr-Y+KDlf for <sip@core3.amsl.com>; Mon, 18 Feb 2008 11:56:19 -0800 (PST)
Received: from demumfd001.nsn-inter.net (demumfd001.nsn-inter.net [217.115.75.233]) by core3.amsl.com (Postfix) with ESMTP id F18BC28C364 for <sip@ietf.org>; Mon, 18 Feb 2008 11:55:07 -0800 (PST)
Received: from demuprx016.emea.nsn-intra.net ([10.150.129.55]) by demumfd001.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id m1IJsli4006825 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 18 Feb 2008 20:54:47 +0100
Received: from demuexc022.nsn-intra.net (webmail.nsn-intra.net [10.150.128.35]) by demuprx016.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id m1IJsjW2007789; Mon, 18 Feb 2008 20:54:45 +0100
Received: from DEMUEXC012.nsn-intra.net ([10.150.128.23]) by demuexc022.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.3959); Mon, 18 Feb 2008 20:54:45 +0100
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Mon, 18 Feb 2008 20:54:39 +0100
Message-ID: <5FB585F183235B42A9E70095055136FB79857A@DEMUEXC012.nsn-intra.net>
In-Reply-To: <47B9DE39.60608@cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Sip] New I-D on RFC4474 and phone numbers
Thread-Index: AchyZulElgl5PP+qQYG8DvAYAxoq4AAABmmg
References: <47B9125B.2060104@cisco.com> <47B99B39.6040105@cisco.com> <47B9DE39.60608@cisco.com>
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: ext Jonathan Rosenberg <jdrosen@cisco.com>, Paul Kyzivat <pkyzivat@cisco.com>
X-OriginalArrivalTime: 18 Feb 2008 19:54:45.0085 (UTC) FILETIME=[1BEEA8D0:01C87268]
Cc: IETF SIP List <sip@ietf.org>
Subject: Re: [Sip] New I-D on RFC4474 and phone numbers
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org
Hi Jonathan, Hi Paul, thanks for raising the aspect of E.164 and ENUM usage. There was an offline discussion between Dan Wing, Klaus Darilion, Kai Fischer, David Schwartz, Hadriel Kaplan, John Elwell, and myself about E.164 and SIP Identity. As part of the discussion Klaus and I polished a former document of Alexander Mayrhofer on the usage of ENUM for E.164 numbers (see draft-mayrhofer-enum-domainkeys-00). As we moved along with the work we obviously came across a couple of problems (as one can easily imagine) and the document triggered a long discussion among us. Dispite a couple of challenges, we published the document today (see http://www.ietf.org/internet-drafts/draft-darilion-sip-e164-enum-00.txt). I learned a lot while working on that document. In addition to publishing the document a few of us have also worked on a document that captures some of our discussion on E.164 number ownership. I will publish it very soon -- just a bit more proof-reading. Ciao Hannes > -----Ursprüngliche Nachricht----- > Von: sip-bounces@ietf.org [mailto:sip-bounces@ietf.org] Im > Auftrag von ext Jonathan Rosenberg > Gesendet: Montag, 18. Februar 2008 21:36 > An: Paul Kyzivat > Cc: IETF SIP List > Betreff: Re: [Sip] New I-D on RFC4474 and phone numbers > > I agree that something along the lines of enum could solve > this problem, > and I believe there was a draft that proposed such a thing. This has > been discussed since the start of rfc4474. > > However, I fear that saying, 'use enum' is kind of like saying, we'll > just use an All-Knowing Oracle, so lets figure out the interface > protocol to the Oracle. The easy part is the interface (the enum > mechanism). The actual hard problem is how to get those entries > populated. The deployment of public enum has been - shall we > say - less > than spectacular. I'd hate for that to be our only solution. Not that > its obvious what else to do; though I do suggest in my draft > how domain > based authentication, when combined with whitelists and > blacklists, can > help. > > -Jonathan R. > > Paul Kyzivat wrote: > > Jonathan, > > > > I guess the time has come for this discussion, since John > Ewell has also > > submitted a draft on this subject. > > > > I thought the problem was already well known, but perhaps > not. IMO the > > main thing now is to figure out the *solution* to the problem! > > IMO a solution is to use a 4474-style approach, but where the > > certificate is tied to just the phone number, not to some arbitrary > > domain name. That of course would depend on a model where > the "owner" of > > the phone number is the one who may obtain the certificate > for that number. > > > > My thought is that we already have an algorithmic mapping > from an E.164 > > phone number to a domain name, defined by enum. If the > sender puts an > > E.164 number in From, and can sign it with a cert for the > enum mapped > > domain name corresponding to that number, then that ought > to be valid > > proof of the validity of the sender. > > > > In those places where public enum is in operation, I think there is > > already a legal mechanism in place to give the owner of record of a > > particular phone number control over the contents of the > corresponding > > DNS entry. That should also be sufficient to allow a certificate > > authority to assign a cert to that same owner. > > > > Combine all that and you have a complete e2e identity model > for phone > > numbers, based on public enum. And that can be true even if > public enum > > isn't used to *route* the calls to that number. So it could > be used for > > "unlisted" numbers. > > > > To use this approach the From header should contain either > a TEL URI, or > > a sip/sips URI containing the enum-mapped domain name > corresponding to > > the phone number. (I would rather see the TEL used for this > - it is more > > user friendly.) > > > > Thanks, > > Paul > > > > Jonathan Rosenberg wrote: > >> I just submitted: > >> > http://www.ietf.org/internet-drafts/draft-rosenberg-sip-rfc447 > 4-concerns-00.txt > >> > >> > >> This is basically a discussion on the security properties > of rfc4474 > >> with phone numbers, and a comparison to rfc3325 in this > case. Also a > >> discussion on what happens to dtls-srtp. > >> > >> Comments welcome. > >> > >> -Jonathan R. > > > > -- > Jonathan D. Rosenberg, Ph.D. 499 Thornall St. > Cisco Fellow Edison, NJ 08837 > Cisco, Voice Technology Group > jdrosen@cisco.com > http://www.jdrosen.net PHONE: (408) 902-3084 > http://www.cisco.com > _______________________________________________ > Sip mailing list http://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sipping@ietf.org for new developments on the application of sip > _______________________________________________ Sip mailing list http://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors@cs.columbia.edu for questions on current sip Use sipping@ietf.org for new developments on the application of sip
- [Sip] New I-D on RFC4474 and phone numbers Jonathan Rosenberg
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Henry Sinnreich
- [Sip] SIP & E.164 assertions Joel M. Halpern
- Re: [Sip] New I-D on RFC4474 and phone numbers Frank W. Miller
- Re: [Sip] New I-D on RFC4474 and phone numbers Dean Willis
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Frank W. Miller
- Re: [Sip] New I-D on RFC4474 and phone numbers Dean Willis
- Re: [Sip] New I-D on RFC4474 and phone numbers Frank W. Miller
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Frank W. Miller
- Re: [Sip] New I-D on RFC4474 and phone numbers Frank W. Miller
- Re: [Sip] New I-D on RFC4474 and phone numbers Jonathan Rosenberg
- Re: [Sip] SIP & E.164 assertions Jonathan Rosenberg
- Re: [Sip] New I-D on RFC4474 and phone numbers Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- [Sip] New I-D on why From/To-URIs are changed at … Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] SIP & E.164 assertions Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- Re: [Sip] SIP & E.164 assertions Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Henry Sinnreich
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Dale.Worley
- Re: [Sip] SIP & E.164 assertions Dale.Worley
- Re: [Sip] New I-D on RFC4474 and phone numbers Dean Willis
- Re: [Sip] SIP & E.164 assertions Joel M. Halpern
- Re: [Sip] SIP & E.164 assertions Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Dean Willis
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- Re: [Sip] SIP & E.164 assertions Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Hannes Tschofenig
- [Sip] Oracle -- New I-D on RFC4474 and phone numb… Hannes Tschofenig
- Re: [Sip] New I-D on RFC4474 and phone numbers Dan Wing
- Re: [Sip] New I-D on RFC4474 and phone numbers Dan Wing
- Re: [Sip] New I-D on RFC4474 and phone numbers Dan Wing
- Re: [Sip] SIP & E.164 assertions Hadriel Kaplan
- Re: [Sip] New I-D on RFC4474 and phone numbers Richard Shockey
- [Sip] Infrastructure issues involving e164 numbers Richard Shockey
- Re: [Sip] Infrastructure issues involving e164 nu… Hannes Tschofenig
- Re: [Sip] Infrastructure issues involving e164 nu… Richard Shockey
- Re: [Sip] Infrastructure issues involving e164 nu… Paul Kyzivat
- Re: [Sip] Infrastructure issues involving e164 nu… Dan Wing
- Re: [Sip] Infrastructure issues involving e164 nu… Hannes Tschofenig
- Re: [Sip] New I-D on RFC4474 and phone numbers Francois Audet
- Re: [Sip] Infrastructure issues involving e164 nu… Richard Shockey
- Re: [Sip] New I-D on RFC4474 and phone numbers Alan Johnston
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Francois Audet
- Re: [Sip] New I-D on RFC4474 and phone numbers Joel M. Halpern
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Francois Audet
- Re: [Sip] New I-D on RFC4474 and phone numbers Paul Kyzivat
- Re: [Sip] Infrastructure issues involving e164 nu… Henry Sinnreich
- Re: [Sip] New I-D on RFC4474 and phone numbers Jonathan Rosenberg
- Re: [Sip] New I-D on RFC4474 and phone numbers Joel M. Halpern
- Re: [Sip] New I-D on RFC4474 and phone numbers Dale.Worley
- Re: [Sip] New I-D on RFC4474 and phone numbers Hadriel Kaplan
- Re: [Sip] Infrastructure issues involving e164 nu… Hannes Tschofenig
- Re: [Sip] New I-D on RFC4474 and phone numbers Elwell, John
- Re: [Sip] New I-D on RFC4474 and phone numbers Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… Horvath, Ernst
- Re: [Sip] New I-D on why From/To-URIs are changed… Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… Elwell, John
- Re: [Sip] [Enum] New I-D on RFC4474 and phone num… PFAUTZ, PENN L, ATTCORP
- Re: [Sip] Infrastructure issues involving e164 nu… Hannes Tschofenig
- Re: [Sip] Infrastructure issues involving e164 nu… Patrik Fältström
- Re: [Sip] New I-D on RFC4474 and phone numbers Jonathan Rosenberg
- Re: [Sip] New I-D on RFC4474 and phone numbers Michael Thomas
- Re: [Sip] Infrastructure issues involving e164 nu… Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Francois Audet
- Re: [Sip] New I-D on RFC4474 and phone numbers Dan Wing
- Re: [Sip] Infrastructure issues involving e164 nu… Francois Audet
- Re: [Sip] New I-D on why From/To-URIs are changed… Hadriel Kaplan
- Re: [Sip] Infrastructure issues involving e164 nu… Elwell, John
- Re: [Sip] New I-D on RFC4474 and phone numbers Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… Paul Kyzivat
- Re: [Sip] Infrastructure issues involving e164 nu… Michael Thomas
- Re: [Sip] New I-D on why From/To-URIs are changed… Paul Kyzivat
- Re: [Sip] New I-D on RFC4474 and phone numbers Dan Wing
- Re: [Sip] Infrastructure issues involving e164 nu… Paul Kyzivat
- Re: [Sip] Infrastructure issues involving e164 nu… Dean Willis
- Re: [Sip] Infrastructure issues involving e164 nu… Francois Audet
- Re: [Sip] Infrastructure issues involving e164 nu… Dean Willis
- Re: [Sip] Infrastructure issues involving e164 nu… Michael Thomas
- Re: [Sip] SIP & E.164 assertions Dale.Worley
- Re: [Sip] Infrastructure issues involving e164 nu… Dean Willis
- Re: [Sip] Infrastructure issues involving e164 nu… Hadriel Kaplan
- Re: [Sip] Infrastructure issues involving e164 nu… Hadriel Kaplan
- Re: [Sip] Infrastructure issues involving e164 nu… Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… Elwell, John
- Re: [Sip] Infrastructure issues involving e164 nu… DRAGE, Keith (Keith)
- Re: [Sip] Infrastructure issues involving e164 nu… Paul Kyzivat
- Re: [Sip] Infrastructure issues involving e164 nu… Paul Kyzivat
- Re: [Sip] Infrastructure issues involving e164 nu… Michael Thomas
- Re: [Sip] Infrastructure issues involving e164 nu… Dean Willis
- Re: [Sip] Infrastructure issues involving e164 nu… Michael Thomas
- Re: [Sip] Infrastructure issues involving e164 nu… Francois Audet
- Re: [Sip] New I-D on why From/To-URIs are changed… Jonathan Rosenberg
- Re: [Sip] New I-D on why From/To-URIs are changed… Hadriel Kaplan