Re: [stir] WGLC: draft-ietf-stir-rfc4916-update-02
Russ Housley <housley@vigilsec.com> Thu, 20 April 2023 15:12 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14E1CC1522DB for <stir@ietfa.amsl.com>; Thu, 20 Apr 2023 08:12:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.897
X-Spam-Level:
X-Spam-Status: No, score=-6.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ll2nrcfdkMvf for <stir@ietfa.amsl.com>; Thu, 20 Apr 2023 08:12:05 -0700 (PDT)
Received: from mail3.g24.pair.com (mail3.g24.pair.com [66.39.134.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6305EC1522C8 for <stir@ietf.org>; Thu, 20 Apr 2023 08:10:55 -0700 (PDT)
Received: from mail3.g24.pair.com (localhost [127.0.0.1]) by mail3.g24.pair.com (Postfix) with ESMTP id 5B43214C85A for <stir@ietf.org>; Thu, 20 Apr 2023 11:10:54 -0400 (EDT)
Received: from [192.168.1.161] (unknown [96.241.2.243]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail3.g24.pair.com (Postfix) with ESMTPSA id 494BD14C758 for <stir@ietf.org>; Thu, 20 Apr 2023 11:10:54 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D6FAB335-FF23-4AD0-94D4-CB4B05CA4072"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
Date: Thu, 20 Apr 2023 11:10:53 -0400
References: <3B4ECB37-214D-4B60-A260-CA39D4594691@nostrum.com> <34D290DC-3C4C-499F-B7A0-7A152F91EB84@nostrum.com>
To: IETF STIR Mail List <stir@ietf.org>
In-Reply-To: <34D290DC-3C4C-499F-B7A0-7A152F91EB84@nostrum.com>
Message-Id: <CBA33521-56E0-40CB-8485-97CE37779C7B@vigilsec.com>
X-Mailer: Apple Mail (2.3445.104.21)
X-Scanned-By: mailmunge 3.11 on 66.39.134.11
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/4Rq9ejU1na0XY8DE-zt2jXndg4s>
Subject: Re: [stir] WGLC: draft-ietf-stir-rfc4916-update-02
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Apr 2023 15:12:10 -0000
I do not think this document is ready for the IESG yet. MAJOR: General: In many places, the document uses: "rsp" PASSporT. This is not really accurate. It is an "rsp" claim in a PASSporT. General: Likewise for "div" PASSporT. Section 4 says: [TBD - Identity in 3xx, 4xx, 6xx responses?] This needs to be filled in or removed. Section 11: This section needs to be completed. Section 12: This section needs to be completed. MINOR: Section 1 says: The property of providing identity in the backwards direction of a call is here called "connected identity." I think it would be more clear to avoid the direction, and say: The property of providing identity of the called party to the calling party is called "connected identity." The next few sentences properly introduce direction, which is needed in the rest of the document. Can Section 5 be structured to avoid having a single subsection? Section 7 says: Users will not always place calls where the connected identity is crucial, but when they do, they should have a way to tell their devices that the call should not be completed if it arrives at an unexpected or insecure party. Can we replace "insecure" with "unidentified" or "unauthenticated"? Can Section 8 be structured to avoid having a single subsection? NITS: Section 1: s/initiated by a SIP/initiated by SIP/ Section 1: s/request, for various backwards-compatibility reasons/request/ Section 1: s/would not be signable/could not be properly signed/ Section 1: s/any work towards multiparty/multiparty/ Section 3: s/be unceremoniously dumped/be dumped/ Section 3: s/a local flat file/a local configuration file/ Section 4: s/In sunny-day uses cases/In straightforward call setup/ Section 5: s/Many of the use cases that motivate connected identity are not sunny-day cases, but instead involve retargeting/Use cases involve authorized retargeting motivate connected identity/ > From: Ben Campbell <ben@nostrum.com> > Subject: WGLC: draft-ietf-stir-rfc4916-update-02 > Date: April 13, 2023 at 2:15:15 PM CDT > To: IETF STIR Mail List <stir@ietf.org> > Cc: STIR Chairs <stir-chairs@ietf.org>, draft-ietf-stir-rfc4916-update.authors@ietf.org > > [Oops, I messed up the authors’ alias. Apologies for the repeat.] > > Hi, > > This is a Working Group Last Call for draft-ietf-stir-rfc4916-update-02 [1]. Please send feedback to the list and the authors by 28 April, 2023. > > If you have read the document and think it is ready to go, please say so. > > Thanks! > > Ben. > > > > [1] https://datatracker.ietf.org/doc/draft-ietf-stir-rfc4916-update/ <https://datatracker.ietf.org/doc/draft-ietf-stir-rfc4916-update/>
- [stir] WGLC: draft-ietf-stir-rfc4916-update-02 Ben Campbell
- Re: [stir] WGLC: draft-ietf-stir-rfc4916-update-02 Russ Housley
- Re: [stir] WGLC: draft-ietf-stir-rfc4916-update-02 Peterson, Jon