IETF Logo Mail Archive

Re: [stir] current draft charter - ENUM and databases

"Richard Shockey" <richard@shockey.us> Fri, 14 June 2013 22:10 UTC

Return-Path: <richard@shockey.us>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADFF521F9ABB for <stir@ietfa.amsl.com>; Fri, 14 Jun 2013 15:10:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.953
X-Spam-Level:
X-Spam-Status: No, score=-101.953 tagged_above=-999 required=5 tests=[AWL=0.312, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1dzUIZ7opwV3 for <stir@ietfa.amsl.com>; Fri, 14 Jun 2013 15:10:26 -0700 (PDT)
Received: from oproxy14-pub.unifiedlayer.com (oproxy14-pub.unifiedlayer.com [67.222.51.224]) by ietfa.amsl.com (Postfix) with SMTP id C8ACD21F9AAD for <stir@ietf.org>; Fri, 14 Jun 2013 15:10:25 -0700 (PDT)
Received: (qmail 24406 invoked by uid 0); 14 Jun 2013 22:05:07 -0000
Received: from unknown (HELO box462.bluehost.com) (74.220.219.62) by oproxy14.unifiedlayer.com with SMTP; 14 Jun 2013 22:05:07 -0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=shockey.us; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Date:Subject:In-Reply-To:References:Cc:To:From; bh=djil6PfACX+puolLljJqkIgZE5omriqAMQG+2UOcH7k=; b=gzBtHmJizViZXh6Z/zBv5S3sR6uevmtpE4ACmZGaTjg4XNrqsxM+nr8m6dipKuGKn/YBskQ3WXSUpHZC9T+ZazyXM0N1XEzmR72ffcTQ8CPg5ZROji55W3q8jkC9qT7h;
Received: from [72.66.111.124] (port=54075 helo=RSHOCKEYPC) by box462.bluehost.com with esmtpa (Exim 4.80) (envelope-from <richard@shockey.us>) id 1Unc7G-0003AO-Il; Fri, 14 Jun 2013 16:05:06 -0600
From: Richard Shockey <richard@shockey.us>
To: 'Henning Schulzrinne' <hgs@cs.columbia.edu>, 'Dan York' <york@isoc.org>
References: <CDDE44D8.D939%york@isoc.org> <4758E6F6-EDA5-4A11-9E94-42C97C03118E@cs.columbia.edu>
In-Reply-To: <4758E6F6-EDA5-4A11-9E94-42C97C03118E@cs.columbia.edu>
Date: Fri, 14 Jun 2013 18:05:02 -0400
Message-ID: <01cc01ce694b$391898a0$ab49c9e0$@shockey.us>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQIXky4FP44qPRG7y+/mn9A2J1JF1QIDKzFymJNO7UA=
Content-Language: en-us
X-Identified-User: {3286:box462.bluehost.com:shockeyu:shockey.us} {sentby:smtp auth 72.66.111.124 authed with richard@shockey.us}
Cc: stir@ietf.org
Subject: Re: [stir] current draft charter - ENUM and databases
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jun 2013 22:10:30 -0000

In line 

-----Original Message-----
From: stir-bounces@ietf.org [mailto:stir-bounces@ietf.org] On Behalf Of
Henning Schulzrinne
Sent: Thursday, June 13, 2013 9:13 PM
To: Dan York
Cc: stir@ietf.org
Subject: Re: [stir] current draft charter - ENUM and databases

Instead of looking at this as an ENUM-like problem, another angle is to
consider this somewhat similar to the whois issue.

Also, I suspect there would be fewer concerns if the DNS-like database
mainly referred to other databases, which can then be access-controlled as
needed, and can evolve. This model might also allow for combining the
CDS-like approach with the PKI approach for the same number, and allow for
multiple operators for both models. The DNS (or similar) public database
would only indicate which methods the number supports and redirect to the
rendezvous or PKI service. I'm not sure that qualifies as DANE-like.

[RS> ]  For what it's worth several of the designs for Carrier 6116 systems
relied specifically on this model where the tree was essentially a "thin
registry" and the E2U functions relied on NS records of one form or another
to indicate a level of redirection where the carrier of record (or whomever)
for a TN was presumed authoritative and you could also use other protocol
methodologies like HTTPS for access control.  The other model assumed the
"thick registry" where indirection was not present and it more closely
resembled a CDB model like the NPAC where the registry preformed the role of
validating the provisioning and the URI data was ultimately "pushed" into
the carrier networks or was available through other means to smaller
carriers by whatever protocol method they choose 6116,  SIP Redirect so long
as they were able to be "certified" for access as a" licensed" user etc.

I'll say it again if we deal with Telephony carriers provisioning within
OSS/BSS systems has to be taken into account.  In the US that is, I think
700 Million or so assigned TN's It would be easy for some folks to check
with the NANPA Administrator to find out how many are actually active. 

I'm not saying STIR should go down this path only that that idea has had
some serious proposals associated with it.  



My general gut feeling is that we don't guess well on how public
infrastructure evolves (or doesn't), so allowing for multiple outcomes and
abstracting it, as well as allowing for functionality that gets better over
time, might be more productive, as this allows for partial success, rather
than just "exactly as planned" or "complete failure".

Also, keeping scale in mind helps: In our case, the scale for
"number-holding service providers" is currently a few thousand, not
millions, so management solutions that don't scale to millions are
acceptable to get started. The backend process today is pretty manual
(faxes, web pages and proprietary APIs), so expectations are fairly low.
[RS> ] 
[RS> ]   +1 to that ...


Henning

On Jun 12, 2013, at 4:40 PM, Dan York wrote:

> On 6/12/13 2:22 PM, "Peterson, Jon" <jon.peterson@neustar.biz> wrote:
> 
> 
>> Agreed. Though I do think that even for the domain model, we could 
>> get some value from looking at DANE to improve the way that 
>> credentials are managed. Whether we put the keys in the DNS or just 
>> point to the approved cert by reference, we should probably have some 
>> means for the successor to
>> RFC4474 Identity-Info to tip off relying parties to DANE.
> 
> Agreed (as you would expect me to say). I've been thinking about how 
> DANE could help here, but...
> 
>> But yes, for the telephone model it seems unlikely that casting these 
>> as domain names will get us very far.
> 
> ... I think this issue will get in the way right now.  As much as I 
> would love to see this as a good example of where DANE can help, I 
> still haven't been able to wrap my brain around how we could use DNS 
> for telephone numbers without running into all the exact same issues 
> that made public ENUM non-deployable.  :-(
> 
> I agree, though, that it would be helpful to have some way for a 
> header to alert relying parties to DANE in the event that there is a way
it can work.
> 
> Dan
> 
> 

_______________________________________________
stir mailing list
stir@ietf.org
https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email