Re: [stir] stir-06: retaining credentials
"Peterson, Jon" <jon.peterson@neustar.biz> Tue, 15 December 2015 17:52 UTC
Return-Path: <jon.peterson@neustar.biz>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CCF81A910A for <stir@ietfa.amsl.com>; Tue, 15 Dec 2015 09:52:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.267
X-Spam-Level:
X-Spam-Status: No, score=-102.267 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8MDt69BWx64Y for <stir@ietfa.amsl.com>; Tue, 15 Dec 2015 09:52:16 -0800 (PST)
Received: from mx0b-0018ba01.pphosted.com (mx0a-0018ba01.pphosted.com [67.231.149.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 924171A8BB6 for <stir@ietf.org>; Tue, 15 Dec 2015 09:52:16 -0800 (PST)
Received: from pps.filterd (m0078664.ppops.net [127.0.0.1]) by mx0a-0018ba01.pphosted.com (8.15.0.59/8.15.0.59) with SMTP id tBFHpRZc007571; Tue, 15 Dec 2015 12:52:16 -0500
Received: from stntexhc12.cis.neustar.com ([156.154.17.216]) by mx0a-0018ba01.pphosted.com with ESMTP id 1yrqn7p919-1 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Tue, 15 Dec 2015 12:52:16 -0500
Received: from STNTEXMB10.cis.neustar.com ([169.254.5.186]) by stntexhc12.cis.neustar.com ([::1]) with mapi id 14.03.0158.001; Tue, 15 Dec 2015 12:52:15 -0500
From: "Peterson, Jon" <jon.peterson@neustar.biz>
To: Eric Burger <eburger@standardstrack.com>, "stir@ietf.org" <stir@ietf.org>
Thread-Topic: [stir] stir-06: retaining credentials
Thread-Index: AQHRM+LQUoRl/SB3hUmJbI33jgbZG57MKIgA
Date: Tue, 15 Dec 2015 17:52:14 +0000
Message-ID: <D2958F27.17575A%jon.peterson@neustar.biz>
References: <D6CB47CC-5A20-4F1E-AE72-9A805AA5D6D4@standardstrack.com>
In-Reply-To: <D6CB47CC-5A20-4F1E-AE72-9A805AA5D6D4@standardstrack.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.7.151005
x-originating-ip: [192.168.128.142]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <FE95E0C496A0564DB40A3E800433971B@neustar.biz>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2015-12-15_09:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 kscore.is_bulkscore=0 kscore.compositescore=1 compositescore=0.9 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 rbsscore=0.9 spamscore=0 urlsuspectscore=0.9 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1507310007 definitions=main-1512150279
Archived-At: <http://mailarchive.ietf.org/arch/msg/stir/-hlm9kb4HgP-DJF_JPtc8d0KFIk>
Subject: Re: [stir] stir-06: retaining credentials
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Dec 2015 17:52:18 -0000
It is a protocol decision in so far as caching credentials has both performance implications and implications for how we approach revocation. That much said, I am inclined to agree this text shouldn't be normative, as normative guidance for this should appear in the credentials document, not here. So I'll tweak this. Jon Peterson Neustar, Inc. On 12/10/15, 6:16 PM, "stir on behalf of Eric Burger" <stir-bounces@ietf.org on behalf of eburger@standardstrack.com> wrote: >Section 5.2 states: > Verification service implementations supporting this specification > SHOULD have some means of retaining credentials > >Is this a protocol issue or an implementation suggestion? How does this >affect anything on the wire. It is a nice implementation suggestion. As >such, I would word this as a suggestion, something like > > Verification service implementations may wish to retain credentials
- [stir] stir-06: retaining credentials Eric Burger
- Re: [stir] stir-06: retaining credentials Peterson, Jon