IETF Logo Mail Archive

Re: [sipcore] [stir] draft-ietf-sipcore-callinfo-04 (call-reason)

"Gorman, Pierce" <Pierce.Gorman@t-mobile.com> Tue, 12 April 2022 20:23 UTC

Return-Path: <Pierce.Gorman@t-mobile.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D2D7D3A0CFD; Tue, 12 Apr 2022 13:23:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.307
X-Spam-Level:
X-Spam-Status: No, score=-1.307 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, GB_ABOUTYOU=0.5, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=X09jGiRX; dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=X09jGiRX
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Teknya1XSrb0; Tue, 12 Apr 2022 13:23:16 -0700 (PDT)
Received: from NAM02-DM3-obe.outbound.protection.outlook.com (mail-dm3nam07on20731.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e83::731]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 674603A0CDE; Tue, 12 Apr 2022 13:23:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mcI4zy59DUlBb0OZBhXoO1r3Xn12SJ1t5ydSxGT+H4g=; b=X09jGiRXPKsCwjB4K3HCuu6mGwWYf0TRd2QCbhL5/zgjAmTFYLKcWTPtXIsxbo2mWaXe5w0yh3O1HHii84bx0OQ/YPux//gJJRdr3oFfhHHqgOrL4BWq1tOVQlxwRPBnvs6EBTiAWjNz8lG3mZO/rM+8LzK7y23d4JFdu6yrT3Q=
Received: from DM6PR02CA0144.namprd02.prod.outlook.com (2603:10b6:5:332::11) by DM6PR02MB4523.namprd02.prod.outlook.com (2603:10b6:5:2b::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5144.29; Tue, 12 Apr 2022 20:23:12 +0000
Received: from DM3NAM02FT030.eop-nam02.prod.protection.outlook.com (2603:10b6:5:332:cafe::1f) by DM6PR02CA0144.outlook.office365.com (2603:10b6:5:332::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5144.29 via Frontend Transport; Tue, 12 Apr 2022 20:23:12 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 144.49.247.42) smtp.mailfrom=t-mobile.com; dkim=pass (signature was verified) header.d=TMobileUSA.onmicrosoft.com;dmarc=fail action=none header.from=t-mobile.com;
Received-SPF: Fail (protection.outlook.com: domain of t-mobile.com does not designate 144.49.247.42 as permitted sender) receiver=protection.outlook.com; client-ip=144.49.247.42; helo=mail.ds.dlp.protect.symantec.com;
Received: from mail.ds.dlp.protect.symantec.com (144.49.247.42) by DM3NAM02FT030.mail.protection.outlook.com (10.13.4.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5164.19 via Frontend Transport; Tue, 12 Apr 2022 20:23:11 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RvRcVdCqSHmljw1tyWXU567PilZW1LZaEzQsGDNH9luuj1c9+KhjjkR814DxCYbOMdQdqZK5zYUqgonX6eB+zFNjAyqtp2lEO4cVfSDahoBVDYSSNgu8ligJH9/mpKSYWLD25b7g5OGNgdV+MLOk6lAYsN2BRIbu5raHUyEQ8WXlJDiTUt3eLoCkwt6ybg7qPgzLOq0u8PAHJ3iZAm+J6Vc9mBuJfTxvWxZb1OJ+ktsx0pNG6iwNBAlPFaCnzNJr6kN4uelEtBNZgzKpEVxOykhQDJeyvF+GZ+2eUqrDd0HkC4gdnFAqQgWqElAc9ITxMt+6ARL4jhIkMp3QLwBLng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mcI4zy59DUlBb0OZBhXoO1r3Xn12SJ1t5ydSxGT+H4g=; b=HmTTGfn56LhaEfLc+s7SJ6RcESKQtocK9dwnScLrtVgui09YH/teIeL8txWlHsyX5X+6FoxcKXNVVsQzP9B7v2N8ikkaapaUNuFsNcfW6y+bjBT8UZqIjCNP4rNnxxaV21lSs2TquGV1oSf9MAYsPgOkb+RkYXT7gno13wP4zFLP+5tqbU+4CS2wGYPd/UopgXh9AL+JDZVGXFuTcOvbb0E3SdnOID/aYAbV3RUJ7ge4ln/xvUL7tRwXTN+d1PcCV8xOWaZ9LGxgEbQsLhllHgL5s5GRWHJJPSgC6+okFcrtvc/WDXaYr/l2cMX2WfzF26gj4JofF7XufVFQV5bEsQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t-mobile.com; dmarc=pass action=none header.from=t-mobile.com; dkim=pass header.d=t-mobile.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mcI4zy59DUlBb0OZBhXoO1r3Xn12SJ1t5ydSxGT+H4g=; b=X09jGiRXPKsCwjB4K3HCuu6mGwWYf0TRd2QCbhL5/zgjAmTFYLKcWTPtXIsxbo2mWaXe5w0yh3O1HHii84bx0OQ/YPux//gJJRdr3oFfhHHqgOrL4BWq1tOVQlxwRPBnvs6EBTiAWjNz8lG3mZO/rM+8LzK7y23d4JFdu6yrT3Q=
Received: from BYAPR02MB4168.namprd02.prod.outlook.com (2603:10b6:a02:f4::11) by BYAPR02MB4231.namprd02.prod.outlook.com (2603:10b6:a02:fc::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5144.29; Tue, 12 Apr 2022 20:23:09 +0000
Received: from BYAPR02MB4168.namprd02.prod.outlook.com ([fe80::d879:56a0:3a11:6f73]) by BYAPR02MB4168.namprd02.prod.outlook.com ([fe80::d879:56a0:3a11:6f73%3]) with mapi id 15.20.5144.029; Tue, 12 Apr 2022 20:23:09 +0000
From: "Gorman, Pierce" <Pierce.Gorman@t-mobile.com>
To: Ben Campbell <ben@nostrum.com>, Chris Wendt <chris-ietf@chriswendt.net>
CC: IETF STIR Mail List <stir@ietf.org>, SIPCORE <sipcore@ietf.org>, Henning Schulzrinne <hgs@cs.columbia.edu>
Thread-Topic: [stir] [sipcore] draft-ietf-sipcore-callinfo-04 (call-reason)
Thread-Index: AQHYOtLeZhFqIWu2qEWgbx5Bv5s9yqzFlosAgAAPAICAAXMeAIABVT8AgCRxR4CAAACJ8A==
Date: Tue, 12 Apr 2022 20:23:09 +0000
Message-ID: <BYAPR02MB4168AC85059C24E4D6186387D2ED9@BYAPR02MB4168.namprd02.prod.outlook.com>
References: <CACgrgBbUASA4HTukPwZL9V=8XOMTx_keZcDh-pVc0eSJYtVS8w@mail.gmail.com> <86BE36F5-7CFE-48BE-B0A7-7458B67EB208@chriswendt.net> <CACgrgBYVi2rJv0BCFf3UxmjtSJHXRuFw+gbHsQm0Uo0Dr3J8Mw@mail.gmail.com> <51718867-9092-4423-B895-8069A8AF3D07@chriswendt.net> <CACgrgBZNXc0zcn7O9z2TS4_r5OGTsde7euMxcz_SqDO35pJASw@mail.gmail.com> <28766342-130D-4FED-AD38-7A817D4B525B@chriswendt.net> <97AB0ACC-011C-48F8-826A-2E7238485D30@nostrum.com>
In-Reply-To: <97AB0ACC-011C-48F8-826A-2E7238485D30@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t-mobile.com;
X-MS-Office365-Filtering-Correlation-Id: ea017663-cb0d-40be-4983-08da1cc24427
x-ms-traffictypediagnostic: BYAPR02MB4231:EE_|DM3NAM02FT030:EE_|DM6PR02MB4523:EE_
X-Microsoft-Antispam-PRVS: <DM6PR02MB4523169829733F4672159A9CD2ED9@DM6PR02MB4523.namprd02.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: jVubeJij7BKawnXVqLbgHlCzdo3FuZdBkB5Wax3DetIWRel2eMeWMb9kKw8uTAsZquZV1kZgm5KTGaykMWVFpLdPRR+NMAU7XRLMnue4JslfyoUubTKVR2qNgD1306n8pEHaAi/HiAGoX948sIGG01W+obbiCQ17J8zQLeNhCtzRyLtdXNagt+6g+QetsdY6Nyv0c9DQgu+SOEKtUhKyKkI3qooRZ5ldwzRBUphUBPNf2Fx0ZkU8PKLVCvZPj+VxNmctXFQ2bsHoCizOZ0qE5eYAlpZCM3rx8TeZQKgPXVXDEQd0pacy8qlonq9pCPtJgqqupWzDECXP7FnfRbZFyvkHjyrAF2paw5j2GLTtTu3cpO+/Dxwt+42LqSDO42zkTrFWDw+qpipevdSR8XHm9Uu216UJbxj1+OU3PNxT8cVFrzxgii5r7joQSvnah8+wBurffWAMCFLxe4nwoDo47qshK7suvpDgJtXoxD15UNTZmfQC/FIqdm+g53JNgMbFdFZcgnDRLS1AxjWH2QVQzFpUygHxqXYgm6CjACjrIUfwKUqagQty3/tfWqgg6QTUm66i0LV0ydzs2zksHyyuD7Y5E55jZbMw5eSbtumnKAVSLpwIEbO8aAMmHov+r37TP/K0djjyiikHX6FA2ro8XWrN7sJG9jA76vgHkaN/G1ahxAaNRaAMjXPLfg1khWj7OJjfrhYspTbrhqaEgEc+GCZMcr/6JAw1nfRJ5+dnyCkWdRcs+RNpvdR+R6T9/ITF+9Qorc6BcNCVYJMcz62uw22sqxMgnG/On9c3Ep1uzRM=
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR02MB4168.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(86362001)(33656002)(38070700005)(2906002)(38100700002)(82960400001)(26005)(71200400001)(186003)(55016003)(53546011)(7696005)(6506007)(9686003)(66446008)(66476007)(66556008)(83380400001)(66946007)(76116006)(64756008)(8676002)(52536014)(5660300002)(122000001)(8936002)(166002)(508600001)(4326008)(966005)(54906003)(316002)(110136005); DIR:OUT; SFP:1102;
Content-Type: multipart/alternative; boundary="_000_BYAPR02MB4168AC85059C24E4D6186387D2ED9BYAPR02MB4168namp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR02MB4231
X-CFilter-Loop: Reflected
X-DetectorID-Processed: 8c846453-0f50-46b3-95ab-8bbaf7238615
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DM3NAM02FT030.eop-nam02.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 123a8753-d362-468a-b5c8-08da1cc242c5
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: gykht0INiOR69ZsAK3OA03C029gQstZd1fJCIbdwIEatDaK7vYgbKpotOkufdOTLtvZ+62xUCi6ReVELMxUwyv5fdrjSeBTmiWUTx12DLDa1e+uYmJ3j8OrJDK6f3p22n6Iuy9uLQAZjvp0VYhWmslBJtKATO54R2GbB+e0wzoLyL3F/zoebuMgNJq5b44elLt9/4GRzAVum9vEdMNBkiS5OphMQcGvcL6c3s2Zwi4BHVXTIMY+KvMj96p3AqfbaJmACz++7pSpSuz21Pp+aR3Ik6gl52y7FYGpDYIEkTTXw6XkHnvhUsrzKuHVgo7kBVf1nqpDeMto5j8tKq4uic/bC/C/usIBFm7IdxzKKXBxHKaTzY+CTdku/ECi7eX/gSzHVLNfrU9n601QhjcGO7d8jL7ZYS8VW0zMYRE7XJdAq/kWM9C/YkQJRH1NapHhBvft0lyIyLwnyT3dKN/g4Ze2wr1aQZroHZbAa0T8UshQitNPHex9FjJhsqndV+/aAdJVGTtqp9KwrQ2H7a9yf88H1Low5fk1jF5/0WtAG6OaFMe+ZcnYp7tvJXPMipwmg8tCii8QsRbD+8A1FTnbXp/cn1GX3MkfO+v/KwbBNyR/FR7HtDUY6nlayLdi2/Loj5RExP4oh4qGFoqmLzETY5KGJwEL82C48fGmu9eoY+0yQdes8PCrbGp9PZjy5LvnYvfnfQIVq/ZbQT2hlXdtNv8wU9fsguL5TQVdILl7xYnMtXbNO104EgHJJ+pkhZ3fb4jeF9vsOE0v5WBjy7mTwtnTPAE5lHy3uoFbmkSNs1Ys=
X-Forefront-Antispam-Report: CIP:144.49.247.42; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.ds.dlp.protect.symantec.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230001)(4636009)(46966006)(36840700001)(40470700004)(55016003)(86362001)(52536014)(8936002)(966005)(82960400001)(508600001)(356005)(6506007)(30864003)(5660300002)(4326008)(70586007)(316002)(54906003)(70206006)(8676002)(36860700001)(336012)(7696005)(47076005)(40460700003)(186003)(26005)(110136005)(83380400001)(82310400005)(166002)(81166007)(45080400002)(9686003)(53546011)(33656002)(2906002)(36900700001); DIR:OUT; SFP:1102;
X-OriginatorOrg: t-mobile.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Apr 2022 20:23:11.6973 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: ea017663-cb0d-40be-4983-08da1cc24427
X-MS-Exchange-CrossTenant-Id: be0f980b-dd99-4b19-bd7b-bc71a09b026c
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=be0f980b-dd99-4b19-bd7b-bc71a09b026c; Ip=[144.49.247.42]; Helo=[mail.ds.dlp.protect.symantec.com]
X-MS-Exchange-CrossTenant-AuthSource: DM3NAM02FT030.eop-nam02.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR02MB4523
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/_lNlKTTM3SSqeatO74ydXhHDkGQ>
Subject: Re: [sipcore] [stir] draft-ietf-sipcore-callinfo-04 (call-reason)
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Apr 2022 20:23:21 -0000

I assume Call-Info or Subject are likely to be stripped by SBCs.


From: stir <stir-bounces@ietf.org> On Behalf Of Ben Campbell
Sent: Tuesday, April 12, 2022 3:18 PM
To: Chris Wendt <chris-ietf@chriswendt.net>
Cc: IETF STIR Mail List <stir@ietf.org>; SIPCORE <sipcore@ietf.org>; Henning Schulzrinne <hgs@cs.columbia.edu>
Subject: Re: [stir] [sipcore] draft-ietf-sipcore-callinfo-04 (call-reason)

[External]

(as individual)

(as individual)

Apologies for coming to this thread late.

I agree we should keep the crn claim for "rcd" passports at this point. I also understand there to be some implementations that either use it or plan to use it..

I don't have a strong opinion on the Callinfo param vs Subject question, as long as we have a consistent mapping. I guess there is the question of whether SBCs will mess with either, but I don't know if that is more likely for one or the other.

Thanks!

Ben.


On Mar 20, 2022, at 10:47 AM, Chris Wendt <chris-ietf@chriswendt.net<mailto:chris-ietf@chriswendt.net>> wrote:

Hi Henning,

Just to focus on call-reason for passport-rcd at the moment, we do have that, it is an independent claim "crn" explicitly separate from the "rcd" claim. It is defined in same passport-rcd document, but that doesn't change how it's defined or used. I think one hopefully simple fix is to maybe reference Subject as a mapping for this claim and maybe point to callinfo-rcd in a more generic way that we can further discuss subject vs callinfo in the sipcore draft as we move that forward.  As i understand it, most implementations are focused on passport-rcd at the moment, so i don't want to hold that up if possible.

To everyone,

It would be great to get further input on this whether anyone has strong feelings about using Subject vs callinfo parameter call-reason.  I have the sense that there isn't yet much implementation if any at all (of callinfo/call-reason, i believe there is implementation of passport-rcd "crn"), and there won't strong feeling one way or the other, but if anyone does have strong feelings please speak up.

-Chris


On Mar 19, 2022, at 3:25 PM, Henning Schulzrinne <hgs@cs.columbia.edu<mailto:hgs@cs.columbia.edu>> wrote:

Hi Chris,

tl;dr: My suggestions are: (1) leave call purpose out of draft-ietf-stir-passport-rcd; (2) drop call-purpose from draft-ietf-sipcore-call-info-rcd; (3) consider a new JWT claim "subject" [or whatever] that encapsulates the signed call purpose in the future.

More details inline below.

On Fri, Mar 18, 2022 at 5:17 PM Chris Wendt <chris-ietf@chriswendt.net<mailto:chris-ietf@chriswendt.net>> wrote:
Hi Henning,

I understand what you are saying.  I do however think there is reasons to protect call-reason/Subject of call.  I think these situations are mostly in the context of delegation to perhaps a call center, where you have authorized them to represent your company in particular ways, including not only your identity, but for different context of calls that you have authorized them to represent you.  We all know there is some call centers that use call identities with good reputation for customers that may exploit that reputation for other customers.  I would look at this as similar situation.

I think we generally agree - your example of a call center is probably, in my view, the most likely case where some indication of call purpose will be used, probably with explicit arrangement with the carrier. This may well turn out to be similar to the current model for SMS, where (in the US and some other countries) you'll have to register your "campaign" with the carrier or designated third party. This may even take the notion of a template ("This call is about your recent order from {date}") that can be auto-enforced. It's clear that carriers seem quite concerned about their individual customers messaging, in volume, to their subscribers, given the abuse.


There is also potential for future of Subject/call-reason to be more than just a text string.

I suspect that's best handled separately, once we have a clearer use case. I don't think we can just stick this into call-reason without all kinds of backwards-compatibility issues.


I'm struggling a bit on your point that we should sign some data but not other data because it is less likely to be manipulated.  Is that the bar we should be striving for here? Seems to conflict with my understanding of some of the goals.

Maybe this indicates that we should be clearer on the goals. My take on the value of STIR "classic" (for TNs) is that the main purpose of signing is to make it clear who is responsible for the information provided - thus, the whole discussion of A/B/C attestation. Indeed, the experience seems to indicate that C-level attestation is actually a signal for a robocall, i.e,. C-level calls are *more* likely to be robocalls than unsigned calls. A/B/C obviously have the same cryptographic strength and all prevent modification by third parties.

I don't think that carrier manipulation of the caller information (except in various normalization ways) has ever been a major problem - it's originator (OSP or end user) spoofing. This is rather different than the typical threat model where the originator worries about evil Mallory changing their data, e.g., by redirecting a money transfer to them.

But for call-purpose, this is less relevant - this is clearly (mostly) useful if inserted by the originating caller, and unlike for A-level attestation, the carrier can't really validate that the message is truthful. How would it know that "You have won a cruise!" in the call-purpose/Subject was correct or a scam? Indeed, as mentioned, if I were a carrier, I'd never want to attest to that purpose, as somebody could reasonably claim that the carrier should have known that the recipients hadn't won anything.

This is the main reason that I think this should be a separate claim - if anybody should sign/attest this, it's the enterprise call center and only that call center.


Why not have the framework that we can do that.  You are free to protect or not protect data depending on your own policy.

Nothing wrong as such. My argument is that RCD and call-purpose/Subject are very different, so they shouldn't be in the *same* framework. If we need Subject/call-purpose, they should be in separate claims, for the operational reasons mentioned.


I guess i want to be sure whether you are reacting to us not using Subject vs call-info as a common container for "rich call data" related info or that we have both call-info and 'rcd' as a container for Rich Call Data more generally?  I think there is many reasons why we landed there, we can re-hash that in the context of call-info vs subject.  I would be less excited about re-hashing it for passport/rcd.

For the reasons above, I think this is a bad idea for both cases, in my view. It's worse for Call-Info, because of the duplication of existing functionality.

To use an analogy: The RCD is mostly like a business card. We don't typically write our contracts and messages on business cards - we might staple our business card to a note.

My constructive suggestion is to create a separate claim if needed. (My understanding is that rcd-14 does not contain the call purpose, so this is the current state.)


I do believe both of these frameworks need to be extensible, i don't think we are finished.  We can define more passport extensions, but at the same time, do we want to redefine "rcd" and "rcdi" for new passport extensions?

No, we should create, in my view, a separate document that focuses on signing the call purpose, expressed either as Subject (as the compact form) or an explicit JWT claim, such as "subject".


-Chris



_______________________________________________
sipcore mailing list
sipcore@ietf.org<mailto:sipcore@ietf.org>
https://www.ietf.org/mailman/listinfo/sipcore<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsipcore&data=04%7C01%7Cpierce.gorman%40t-mobile.com%7C8f7f691977104a02c56e08da1cc1a356%7Cbe0f980bdd994b19bd7bbc71a09b026c%7C0%7C0%7C637853915250872762%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=7vp%2Fn9jfcrDCenYXJ6w9ePzAHCGBriNtxv4MqYlrAAM%3D&reserved=0>

v2.23.0 | Report a Bug | By Email