IETF Logo Mail Archive

Re: [stir] current draft charter

"Richard Shockey" <richard@shockey.us> Mon, 17 June 2013 16:46 UTC

Return-Path: <richard@shockey.us>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B256F21F9BF3 for <stir@ietfa.amsl.com>; Mon, 17 Jun 2013 09:46:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.992
X-Spam-Level:
X-Spam-Status: No, score=-101.992 tagged_above=-999 required=5 tests=[AWL=0.273, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a2sLm-qFfd3i for <stir@ietfa.amsl.com>; Mon, 17 Jun 2013 09:45:58 -0700 (PDT)
Received: from oproxy6-pub.bluehost.com (oproxy6-pub.bluehost.com [67.222.54.6]) by ietfa.amsl.com (Postfix) with SMTP id C40B221F9BCD for <stir@ietf.org>; Mon, 17 Jun 2013 09:45:57 -0700 (PDT)
Received: (qmail 30001 invoked by uid 0); 17 Jun 2013 16:45:21 -0000
Received: from unknown (HELO box462.bluehost.com) (74.220.219.62) by oproxy6.bluehost.com with SMTP; 17 Jun 2013 16:45:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=shockey.us; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Date:Subject:In-Reply-To:References:To:From; bh=T87t4p3IC6s4FyQNLBDApnM+Ygj9+VtOP/LL7VMCSp4=; b=GDfP2ZM4epMcxhdOaHDNbyXXbaQ9ko14FVn3g66wehUsFQYGx1E/SG0SOgec1o0H9mn71WBNRT5X8Q7yey/RK9GtoOoZLTmyeQiXZJAOHkRjDQlAHqA85QnLAMIjV86Y;
Received: from [72.66.111.124] (port=52736 helo=RSHOCKEYPC) by box462.bluehost.com with esmtpa (Exim 4.80) (envelope-from <richard@shockey.us>) id 1UocYS-0001pq-Lv; Mon, 17 Jun 2013 10:45:21 -0600
From: Richard Shockey <richard@shockey.us>
To: 'Michael Hammer' <michael.hammer@yaanatech.com>, stir@ietf.org
References: <CDE38BC3.20F76%jon.peterson@neustar.biz> <6BAABF96-8892-4C50-BB30-5F1FC05BDFD8@oracle.com> <F5C27090-FF39-4FBC-BC7E-F2ACFA5A4E6F@cs.columbia.edu> <00C069FD01E0324C9FFCADF539701DB3A03DD0D4@ex2k10mb2.corp.yaanatech.com>
In-Reply-To: <00C069FD01E0324C9FFCADF539701DB3A03DD0D4@ex2k10mb2.corp.yaanatech.com>
Date: Mon, 17 Jun 2013 12:45:19 -0400
Message-ID: <013f01ce6b7a$0e555aa0$2b000fe0$@shockey.us>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQIeS+24DslSvLnJ8MI5p8Gz+jn+agINK/5mAay8OkgCxR4wsZhmYbTA
Content-Language: en-us
X-Identified-User: {3286:box462.bluehost.com:shockeyu:shockey.us} {sentby:smtp auth 72.66.111.124 authed with richard@shockey.us}
Subject: Re: [stir] current draft charter
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jun 2013 16:46:02 -0000

-----Original Message-----
From: stir-bounces@ietf.org [mailto:stir-bounces@ietf.org] On Behalf Of
Michael Hammer
Sent: Monday, June 17, 2013 12:04 PM
To: hgs@cs.columbia.edu; hadriel.kaplan@oracle.com
Cc: stir@ietf.org; dcrocker@bbiw.net; jon.peterson@neustar.biz
Subject: Re: [stir] current draft charter

All,

I am following the thread and trying to grasp the heart of the matter.

First point:  This is about E.164 number delegation and proof of ownership.

So, I find much of the discussion that seems to rely on DNS structure or
Domain name structuring to be a distraction.
How you prove proof of ownership of a domain is a separate, albeit twin
problem.
But, I think that is out of scope.  I do not believe the answer here is to
ask my evil twin if he owns the E.164.

Second point:  The delegation of E.164 numbers down the tree inextricable
defines who owns the number, so any collection of certs into an
authoritative repository MUST follow the same path back up, or you lose
sight of that ownership.
E.164 is already the hierarchy, so no second hierarchy is needed.
The recipient of a number block or an individual number may need to receive
the private key, else the carrier signs and inserts the signature on the
path out from that user.
(Note, still need to determine how many bytes constitute the signature such
that it fits into an existing SS7 parameter.
Perhaps the answer is to include an indicator in SS7 that the gateway to SIP
must perform the signature outbound.
But, that may limit this to a single hop, else need to trust follow-on SS7
networks to sign properly, but that may be acceptable.)

Third point:  The called party needs to unequivocally know how to validate
an assertion and who to go to for the inputs to perform that validation.
The how should be defined by the RFC, but the who ultimately depends on the
root of each E.164 country code (see point 2).
If the DNS is involved, I think that there is an IAB draft/RFC that says the
DNS should not be used for all things.

[RS> ]  I was waiting for that little subject to come up. :-)   Personally I
detest this draft since it was clearly designed as an anti 6116 statement.
Ive never liked it and personally I hope it is never published. 

Title           : Architectural Considerations on Application Features in
the DNS
	Author(s)       : Jon Peterson
                          Olaf Kolkman
                          Hannes Tschofenig
                          Bernard Aboba
	Filename        : draft-iab-dns-applications-07.txt
	Pages           : 37
	Date            : 2013-02-25

Abstract:
   A number of Internet applications rely on the Domain Name System
   (DNS) to support their operations.  Many applications use the DNS to
   locate services for a domain; some for example transform identifiers
   other than domain names into formats that the DNS can process, and
   then fetch application data or service location data from the DNS.
   Proposals incorporating sophisticated application behavior using DNS
   as a substrate have raised questions about the role of the DNS as an
   application platform.  This document explores the architectural
   consequences of using the DNS to implement certain application
   features, and provides guidance to future application designers as to
   the limitations of the DNS as a substrate and the situations in which
   alternative designs should be considered.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-iab-dns-applications

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-iab-dns-applications-07

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-iab-dns-applications-07



So, it is likely that the called party search would start with a well-known
URI to the CC authority, communication to which could be secure, who could
then point to one or more authoritative services, depending on how the
out-sourcing is done, who have the official cert associated with the
official delegation of E.164 number blocks or numbers.

This seems to be a parallel to the number portability databases, except that
one is now looking for a cert rather than a route to the serving carrier.
I am not suggesting that the NP databases be used, as this could be
orthogonal to that.

Doing a search based on using the E.164 as an index should not be an issue,
since in many cases a 10k block of numbers may point to a single cert.


RS> I wish to point out that reliance on 10K block delegations in most cases
is essentially a nonstarter for endless reasons in the US and is irrelevant
in other national jurisdictions.  



In those cases where portability occurs and single numbers have a different
cert, the database could have an indicator of which 10k blocks require full
E.164 search to be performed. 
(For international, blocks are defined by how many leading digits are used.)

Fourth point:  Lastly, so the called party has all the elements from the
signaling with which to validate the signature, the RFC needs to specify
what elements are prohibited from changing end-to-end.
Given that some of the existing parameters do change in current systems, I
don't know how you get around doing one of the following:
- define new header that contains complete signature package that is added
by whomever does the signing.
- re-define existing headers to add the signature and restrict any
intermediary from modifying those values.
Seeing that the existing already have usage baggage, the first option seems
more likely to succeed.

Also, need to ensure that the SS7 network can carry elements E2E without
changes.
SS7 terminations may have to rely on the SIP-to-SS7 GW to perform
validation.
SIP terminations may have to rely on the SS7-to-SIP GW to generate
signatures.
SIP-SS7-SIP would be an issue given the "no change SS7" limitation.

Did I miss any requirements or constraints here?

Mike


-----Original Message-----
From: stir-bounces@ietf.org [mailto:stir-bounces@ietf.org] On Behalf Of
Henning Schulzrinne
Sent: Monday, June 17, 2013 8:14 AM
To: Hadriel Kaplan
Cc: stir@ietf.org; dcrocker@bbiw.net; Peterson, Jon
Subject: Re: [stir] current draft charter

I wouldn't be surprised if the large carriers cache all certs locally. For
+1, I'd suggest that's less than a TB, i.e., a single disk, even if 
+every
number has their own cert, rather than number ranges. They would then
subscribe to a notification service for any porting-related changes, given
that such changes affect a very small fraction of the numbers (quarterly
churn of mobile carriers is about 1-2%). This can all be done within the
carrier network, i.e., without affecting the external public data interface.

On Jun 17, 2013, at 2:18 AM, Hadriel Kaplan wrote:

> 
> On Jun 16, 2013, at 7:27 PM, "Peterson, Jon" 
> <jon.peterson@neustar.biz>
wrote:
> 
>> The exact amount of tolerable delay is a very interesting dimension 
>> of this problem space. I suspect we have a considerable amount of 
>> time, given all the human expectations about both post-dial delay and 
>> the wait for someone to pick up after altering. I think it's enough 
>> time to perform some non-trivial operations.
> 
> I've been thinking about that and I'm not sure we actually have much time.
I've been looking at what the CNAM guys are doing, and at least one them
(used in a large mobile provider) goes so far as to sometimes skip it on the
INVITE and send their CNAM info in an UPDATE or INFO afterwards due to the
delay.  I.e., they have us queue the INVITE while they retrieve the CNAM
info for the given caller-id, but if they take too long then we send the
INVITE and send their results separately afterwards in another message.
Another operator that uses private ENUM for CNAM querying also sets very low
timeouts on the query, and just don't provide a calling name if it times out
(ie., the INVITE gets sent on without it, and nothing updates it later).
> 
> Also, Brian at one point mentioned transit providers possibly doing 
> the verification check as well, and that might be difficult if it 
> takes non-trivial time I think, because one of the SLA measurements 
> they get ranked on is how fast they route their calls onward.
> (Besides which they're never involved this type of stuff so I'd doubt 
> they'd start now anyway.)
> 
> Anecdotally, I find that intra-nation calls get to ringing stage much
faster than international calls, so people are probably ok with
international caller-id verification taking longer.
> 
> -hadriel
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir
> 

_______________________________________________
stir mailing list
stir@ietf.org
https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email