Re: [stir] stir input drafts
Hadriel Kaplan <hadriel.kaplan@oracle.com> Thu, 13 June 2013 05:29 UTC
Return-Path: <hadriel.kaplan@oracle.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3537E21F99DE for <stir@ietfa.amsl.com>; Wed, 12 Jun 2013 22:29:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.566
X-Spam-Level:
X-Spam-Status: No, score=-6.566 tagged_above=-999 required=5 tests=[AWL=0.032, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KGUF76RKxPuU for <stir@ietfa.amsl.com>; Wed, 12 Jun 2013 22:29:12 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id CE34521F99CF for <stir@ietf.org>; Wed, 12 Jun 2013 22:29:12 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r5D5TBjq006119 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 13 Jun 2013 05:29:12 GMT
Received: from aserz7022.oracle.com (aserz7022.oracle.com [141.146.126.231]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r5D5TABS007766 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 13 Jun 2013 05:29:10 GMT
Received: from abhmt104.oracle.com (abhmt104.oracle.com [141.146.116.56]) by aserz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r5D5TAHQ027869; Thu, 13 Jun 2013 05:29:10 GMT
Received: from dhcp-amer-vpn-adc-anyconnect-10-154-151-252.vpn.oracle.com (/10.154.151.252) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 12 Jun 2013 22:29:09 -0700
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Hadriel Kaplan <hadriel.kaplan@oracle.com>
In-Reply-To: <CDDD2831.1F09A%jon.peterson@neustar.biz>
Date: Thu, 13 Jun 2013 01:29:09 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <633497AC-D5D5-4AC6-BC4E-9AE5122F8BA1@oracle.com>
References: <CDDD2831.1F09A%jon.peterson@neustar.biz>
To: "Peterson, Jon" <jon.peterson@neustar.biz>
X-Mailer: Apple Mail (2.1508)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] stir input drafts
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2013 05:29:18 -0000
On Jun 11, 2013, at 10:17 PM, "Peterson, Jon" <jon.peterson@neustar.biz> wrote: > However, based on all of our prior discussions we knew that there were use > cases where no amount of refining RFC4474 was going to help. Pretty much > any use case that transited a PSTN gateway necessarily would need > something different. We therefore started sketching out some strawmen for > how we could attack that part of the problem by creating an out-of-band > connection of some kind, without resorting the DHT of ViPR. EKR came up > with a model for this that had less security problems than what I was > thinking of, which is documented here: > https://github.com/ekr/ietf-drafts/blob/master/draft-rescorla-callerid-fall > back.txt One nice thing about the Call Detail Service idea is the Call Detail database already exists, for US-based calls. It's at something like: calls.prism.nsa.gov Unfortunately they probably won't let us access it for caller-id verification. But on a more serious note, I mentioned this at the meeting in DC but I'll repeat it for posterity: the really useful property of a CDS model, or potentially other models that don't rely on the signaling to carry anything, is that once a calling party opts-in to the idea, they prevent anyone else from spoofing them so long as the called party verifies. By that I mean you can know when a received call's caller-id *must* be verifiable, and thus be able to reject it if it's not. For example the instant Fidelity joins such a model for their outbound calls, no one else can spoof their numbers, because no matter how their call got to you, as soon as you check the CDS you'll know if it's legit or being spoofed. As opposed to any in-band method (4474, p-asserter signing, etc.), where you can only know a caller-id is valid if and only if the received signaling has whatever new headers we define. So when you receive a call claiming to be from Fidelity, but it has no such headers, you don't know if it doesn't have the headers because the call is fraudulent, or just Fidelity isn't doing this new thing yet, or just the call came through some PRI circuit in the middle somewhere. So it's very useful for overcoming the typical early adoption problem. If we use an in-band method with a DNSSEC/DANE-type model, regardless of whether we get the new headers or not we can get the property of knowing whether Fidelity is doing this new thing or not yet; but we still don't know if the headers just got lost in translation. (huh, there's a triple pun there for old bell-heads) -hadriel
- [stir] stir input drafts Peterson, Jon
- Re: [stir] stir input drafts Hadriel Kaplan