[stir] review draft-ietf-stir-rfc4474bis-14

Jim Schaad <ietf@augustcellars.com> Fri, 28 October 2016 16:08 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-stir-rfc4474bis@ietf.org
Date: Fri, 28 Oct 2016 09:07:58 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/4teA336slCxEC-D0NZlLO0KRRmU>
Cc: stir@ietf.org

Section 3 - I am not sure that it is correct to say the following
"an authentication service constructs tokens based on the PASSporT
[I-D.ietf-stir-passport] format, a JSON [RFC7159] object"

PASSporT is not producing a JSON object.  More correct would be to say "an
authentication service using PASSporT tokens, a value that uses JSON objects
with values derived from ..."

Section 4.1 - You have managed to miss a step in the procedure for "orig".
Unless things are changed there is no way to populate a "tn" claim in an
array; a JSON object is required as well.

Section 4.1 - I believe that the procedures for doing "iat" are incorrect as
this is a number not a quoted value.

Section 4.1 - If the authentication service uses its own clock time, are
there any requirements that either a compressed PASSporT not be used or the
SIP date header be updated?

Section 6.2.3 - This section leaves me unclear about what comparisons of the
values in the passport are required to be compared against the values in the
SIP header.  It appears that checking the telephone numbers is only a MAY.
Do the fields in the PASSporT become authoritative and you ignore the header