Re: [stir] Stephen Farrell's Discuss on draft-ietf-stir-certificates-11: (with DISCUSS and COMMENT)

Richard Shockey <> Fri, 04 November 2016 01:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7C437129580 for <>; Thu, 3 Nov 2016 18:01:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (768-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wa7SBN9K9rwD for <>; Thu, 3 Nov 2016 18:01:26 -0700 (PDT)
Received: from ( []) by (Postfix) with SMTP id 78A1712949C for <>; Thu, 3 Nov 2016 18:01:26 -0700 (PDT)
Received: (qmail 15273 invoked by uid 0); 4 Nov 2016 01:01:25 -0000
Received: from unknown (HELO cmgw3) ( by with SMTP; 4 Nov 2016 01:01:25 -0000
Received: from ([]) by cmgw3 with id 3cwM1u00L1MNPNq01cwQ9s; Thu, 03 Nov 2016 18:56:25 -0600
X-Authority-Analysis: v=2.1 cv=WL/sABcR c=1 sm=1 tr=0 a=jTEj1adHphCQ5SwrTAOQMg==:117 a=jTEj1adHphCQ5SwrTAOQMg==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=1oJP67jkp3AA:10 a=L24OOQBejmoA:10 a=ZZnuYtJkoWoA:10 a=M0OflfRGAAAA:8 a=48vgC7mUAAAA:8 a=HeG67adPAAAA:8 a=ll-iCDY8AAAA:8 a=pGLkceISAAAA:8 a=doUQZJtgAAAA:8 a=k7Ga1wGzAAAA:8 a=Y8WS0Dqd-joiclyuZ0IA:9 a=_H_0JMSbxK27V9Sm:21 a=lGuHAMhCZulIIxtu:21 a=QEXdDO2ut3YA:10 a=ivbTfD_dPm4A:10 a=6yl0mh0s51TKORVA8GqK:22 a=w1C3t2QeGrPiZgrLijVG:22 a=jlXKPczUY4Vio7-9iMRd:22 a=VpyrLIdO_Ztbr3SWPBuH:22 a=6kGIvZw6iX1k4Y-7sg4_:22 a=d0-0EwFVFT64L02gzcZV:22 a=ijMaxGghyylP-n2pFjDB:22
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;; s=default; h=Content-transfer-encoding:Content-type:Mime-version:In-Reply-To :References:Message-ID:CC:To:From:Subject:Date; bh=1yR7/gik8lqGgR3IhzUQhAartmg+5BVzco287XE/Pmk=; b=L+63m2rieN5K/LNW8w8+gGsECC jBZTM0W7P0HsKpFS0MI1KHYfo8aqryp0aH3sOoJgS+jOZNSh44SJ9va7m1pnGFIQCKdfMz+YUKXXl 04Fi+7HcWzTEAuX2q89q9BX6p;
Received: from ([]:53205 helo=[]) by with esmtpa (Exim 4.86_1) (envelope-from <>) id 1c2Snt-0001ww-6O; Thu, 03 Nov 2016 18:56:21 -0600
User-Agent: Microsoft-MacOutlook/f.1b.0.161010
Date: Thu, 03 Nov 2016 20:56:18 -0400
From: Richard Shockey <>
To:, The IESG <>
Message-ID: <>
Thread-Topic: [stir] Stephen Farrell's Discuss on draft-ietf-stir-certificates-11: (with DISCUSS and COMMENT)
References: <> <>
In-Reply-To: <>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-BWhitelist: no
X-Exim-ID: 1c2Snt-0001ww-6O
X-Source-Sender: ([]) []:53205
X-Email-Count: 3
X-Source-Cap: c2hvY2tleXU7c2hvY2tleXU7Ym94NDYyLmJsdWVob3N0LmNvbQ==
Archived-At: <>
Cc: "" <>, Robert Sparks <>, "" <>, "" <>, Stephen Farrell <>
Subject: Re: [stir] Stephen Farrell's Discuss on draft-ietf-stir-certificates-11: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Telephone Identity Revisited <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 04 Nov 2016 01:01:28 -0000

Fair point ..

We are working pretty hard to open up this process. These things take time negotiation lawyers etc.  

The SHAKEN Documents are here.  On a forward basis it’s the joint SIP Forum’s and ATIS plan to open up the process to as wide an audience as possible. More importantly the US telecom associations US Telecom and CTIA are opening up their process to all participants look at some of the other issues defined in the strike force report including the all-important track and trace issues.  We have to identify the networks that are injecting the malicious traffic into the network.  Looking at the existing CDR’s is just useless. 

If the IETF and the IESG can deliver this first phase of the protocols, then 3GPP and now DISPATCH can to their thing. The good news is STIR, at this stage will have wide adoption. It’s a fine set of tools.

In case you hadn’t seen.

BTW IMHO these should be kept in DISPATCH and AD sponsored.  I will not support a new WG here. We have enough of those as it is. 

As you probably heard in Paris there is substantial interest in STIR/SHAKEN from multiple national jurisdictions and I will specifically be addressing some of those issues in the UK next week.

In our defense the ATIS SIP Forum NNI TF has been looking at this for some time.  The strike force was under a very very short time line.   The strike force to the FCC enforced a non-disclosure agreement on this first phase of the work to outline what was possible and provide a roadmap to solutions.  You can argue one way or another on whether that was a good idea but in retrospect I could live with it and I was NOT a signatory to the NDA.  Lets try and keep a cooperative effort going.

Richard Shockey

Shockey Consulting LLC

Chairman of the Board SIP Forum


Skype-Linkedin-Facebook rshockey101

PSTN +1 703-593-2683


On 11/3/16, 4:34 PM, "Dave Crocker" <> wrote:

    On 11/3/2016 1:08 PM, Richard Shockey wrote:
    > The basics of SHAKEN was reported to the FCC by the Industry robocall strikeforce.
    Basics.  Yes.  However...
    Small point:
          The Shaken activities are by a relatively small, closed group, 
    with results that are private, with no public access to the details and 
    no ability to contribute.  Were Shaken merely an effort to provide some 
    straightforward operational parameters, that might be fine.
          But getting STIR to be an functional service requires rather more 
    than just agreeing to some parameters.
          So the public IETF STIR work is inadequate for creating a useful 
    service, without the private, details specification work of Shaken.
    ps.  From a session at M3AAWG in Paris last week, I was promised that 
    the Shaken specs would be made public.  I look forward to that.
       Dave Crocker
       Brandenburg InternetWorking