Re: [stir] Proposal for update of erratum #6519

"Peterson, Jon" <jon.peterson@team.neustar> Tue, 20 April 2021 14:46 UTC

Return-Path: <prvs=7744d1f2de=jon.peterson@team.neustar>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BF313A2694 for <stir@ietfa.amsl.com>; Tue, 20 Apr 2021 07:46:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=team.neustar header.b=ZBAxK2td; dkim=pass (1024-bit key) header.d=neustar.onmicrosoft.com header.b=U7+umD7C
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0nYeVBCtGYX7 for <stir@ietfa.amsl.com>; Tue, 20 Apr 2021 07:46:37 -0700 (PDT)
Received: from mx0b-0018ba01.pphosted.com (mx0a-0018ba01.pphosted.com [67.231.149.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C5283A269B for <stir@ietf.org>; Tue, 20 Apr 2021 07:46:37 -0700 (PDT)
Received: from pps.filterd (m0078666.ppops.net [127.0.0.1]) by mx0a-0018ba01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 13KEkVFu016657; Tue, 20 Apr 2021 10:46:33 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=team.neustar; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=team-neustar; bh=LVFkHiGFfbiJcozYZ2FNxhIt1hEob/4zGsLgo04t3rA=; b=ZBAxK2tdNQZhad7vzMIqdraRnW6PQyXuVBbG+OrpC+HyIpH5HwBEYullQlvfiaU2ZTLO i/zhCTeKxF2j5VNGEAxNnNeQKhinDwthLgv176STn7uZDt84lGRjAJPbMXFKpSB4S38m DfyEnQibMBk7JwJZVvhMnvyjXQiXvbbZ8UQ76fIFuDnFef5BG1XiS3oPWmgpRFbpJTpw qVjeNQ0bd5t01+DsFlV3cn7FnL6mj0nvlDgb93i2jWEPQGsnt60/iv1OV4kvja+M1UJv d+ohA35aawN0QtPCa4GsnXcCuBy1wRbU3ssiLlru5ZAsDhW4OKbguU1hctoALls1LIo4 TQ==
Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2175.outbound.protection.outlook.com [104.47.59.175]) by mx0a-0018ba01.pphosted.com with ESMTP id 381pjv11kp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 20 Apr 2021 10:46:32 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i5+R/TLO2zvblRv+TRdDe5IVdEeRr8M4Jcq4HrUiGsp7DtVPxfjSuR53y5SSmZyvfgtKYgXq7uYqFRqHJt0NSZKcW8VEYncE7AdafkYjzrmUAibcfKKiZPCjwIW+G8DdpSUtC0VU5I2l5blRssmF8GcWqUaYs6W8f9YgK8APIu33ojMzeW41MobZRZZ5KJJiYPLvr7CF7MsQ0V/MgRprjBUxK6WtDBPimiMg0R5VXAkn3vYDflmoSw3dpMwuaOm/32bym6oYSWzeCin6L85Uhtf9LKFch6zB1B7k+65y5dOgeBJ7tE/1re3+k2vY4xai2OeFf1Pn3UeIbywvyt+nQg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LVFkHiGFfbiJcozYZ2FNxhIt1hEob/4zGsLgo04t3rA=; b=bScHQeKVR3h9U1kjFgp26c9+HmzytIngS8Y9aKcR9BkWcZ8YFsZJfV9g7F+4ko7R/cC1r6hSrLAiTL+0zy7Cp8kFcv0TzmkjJ+TO6g2fvYq2xUaCi3r0e+Lt5TtwcxgvtoluuIPK23nmzfIphw2URI8+h1ieWXjcBZyDlj2qU3CgnEyHjkJ/vKC9qmPn5lz61oYXVKliC2hRFwlLA3xJdSsL5W2kUCMhm7aF3JgGfg6yIkBvF69BT+1JLS3jYp/pkbqM1Ib8fKhTCD8lugeJwkqmJsYSlrlTOdctRtsCGG72Q1hwqHytawo4O62VldAogY2AWuepK2hUQiz+0IX6nQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=team.neustar; dmarc=pass action=none header.from=team.neustar; dkim=pass header.d=team.neustar; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neustar.onmicrosoft.com; s=selector1-neustar-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LVFkHiGFfbiJcozYZ2FNxhIt1hEob/4zGsLgo04t3rA=; b=U7+umD7CWDQZ1OJeHphe7QarEglvl1Ju39xltCTh4bBfh2taQTKawWRK9mepyeKuptLxmZTZ+GhXQrWCelJ4HzgGDAChLjRQeA5rwupO4xbned71dEJQb/vmn3pkxUwz1+bbqrRG6G8A0daLRDF8rHxKiOJah8aKX0zJCZsJ9fA=
Received: from BY5PR17MB3569.namprd17.prod.outlook.com (2603:10b6:a03:1b9::20) by BY5PR17MB3827.namprd17.prod.outlook.com (2603:10b6:a03:23f::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4042.16; Tue, 20 Apr 2021 14:46:25 +0000
Received: from BY5PR17MB3569.namprd17.prod.outlook.com ([fe80::fd51:22ce:499d:3ae4]) by BY5PR17MB3569.namprd17.prod.outlook.com ([fe80::fd51:22ce:499d:3ae4%3]) with mapi id 15.20.4042.024; Tue, 20 Apr 2021 14:46:25 +0000
From: "Peterson, Jon" <jon.peterson@team.neustar>
To: Roman Shpount <roman@telurix.com>, Marc Petit-Huguenin <marc@petit-huguenin.org>
CC: IETF STIR Mail List <stir@ietf.org>, Russ Housley <housley@vigilsec.com>, Christer Holmberg <christer.holmberg@ericsson.com>
Thread-Topic: [stir] Proposal for update of erratum #6519
Thread-Index: AQHXNGtH973RDOeJ+U2ZYUH0GO8mK6q8DuYAgAAaegCAAAOBgIAADd+AgAAs2wCAAB63AIAAIcUAgABhmAA=
Date: Tue, 20 Apr 2021 14:46:25 +0000
Message-ID: <DF470A3C-6033-48F4-8A61-3442C5DD2239@team.neustar>
References: <42e964d3-2a16-660b-f8b4-fd9daedad115@petit-huguenin.org> <AM0PR07MB38604255784FF9E621257B2D93499@AM0PR07MB3860.eurprd07.prod.outlook.com> <3d8e2fce-d124-99b9-e295-734a36ad564a@petit-huguenin.org> <7558AA11-A7F9-4091-BFD3-F42C742AABAE@vigilsec.com> <167dde10-f242-2b6f-a7ce-96991158589a@petit-huguenin.org> <CAD5OKxvkN+BSY0XuBmfApDDWOLhqCLLFuQgVQryE+yHUftWs4w@mail.gmail.com> <15fc4a20-b5c8-cd27-b30e-76e1f479b4ff@petit-huguenin.org> <CAD5OKxvmvmotpxB8BGJfqRrVTjEGKQkQRow37gmwRMFaBGjEoA@mail.gmail.com>
In-Reply-To: <CAD5OKxvmvmotpxB8BGJfqRrVTjEGKQkQRow37gmwRMFaBGjEoA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.1b.201012
authentication-results: telurix.com; dkim=none (message not signed) header.d=none;telurix.com; dmarc=none action=none header.from=team.neustar;
x-originating-ip: [108.208.24.189]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 36c3cb66-a728-41f3-c892-08d9040b12b6
x-ms-traffictypediagnostic: BY5PR17MB3827:
x-microsoft-antispam-prvs: <BY5PR17MB3827E9732CE5694D657DE151E2489@BY5PR17MB3827.namprd17.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: AfqajqRVJQDye6XrQiegttl4MChWVNS89Gt1Y1GjaOC+f1qvHErkRKridbVZfKck3aD8nXxioKCQOydAkFdUoElhgLKmRf5MRiIAKFRztSO3ZwajVCKmA9C8JWAI9EIqv5ZWkuzlGVEfdj17xRp9CEzDs9opxjzGGZfD13zyzvXJACQ2kOcG7U0nfHUMImo3LaKK60zHzoaNm7rfLoioHGoJHHoH4vb0//8ts5Kl+Tumv14Mz6rUnIBWbal4DGVO7MzLYTWcyUwItLxT/FflRLTSZIyFYfDAUCDf9d4j0VreskSGJ8vBYN5axsF4tMuNo880sb/xpeVLVvfQptAVeRFja3yhJ1GpbU1h/IExFKUeFJ6tSRaWsqZVz6FGjZ7+nNwpd7+PRPe1cd7qUXSxMx/q3/yw6FiDWOA4HKYr/C5jvVk/BhxzGUlbGPBxwzAEWFhGo+Y+ceN9o0F3WzAyO45bSgtWXpAtnpUphBh8ka1wT4ucsbyXXoUehCmcNkio/qVblFZRyBFopqxUVR3YNirC799DDS7abMwcyCL6nMWl13iowmqRV2naT72sfmay/TfdlOpFluElwPPSTgl08rwkSb1DHBUrSi5tb6XU78L6+l6fOHgvbpJtqLmS9KN+Un+jOTtKsQ4pzp/Ird/eXekSRFx0D2ki2oHaWqGLdkAnmqTIzPfrk3cPDkwby/eo
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR17MB3569.namprd17.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(136003)(396003)(376002)(346002)(83380400001)(122000001)(54906003)(38100700002)(110136005)(5660300002)(8936002)(86362001)(4326008)(15650500001)(316002)(2616005)(6512007)(76116006)(8676002)(26005)(71200400001)(186003)(66946007)(66556008)(66476007)(64756008)(66446008)(33656002)(6486002)(2906002)(6506007)(478600001)(53546011)(46492009)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?utf-8?B?bU4xNFpjdDJMRjUxYzBQWHRWYk5vRlZ1V1RTSUJRaTJrUnNzTTJ1eDVuM1VP?= =?utf-8?B?cXRJaVo5aGtMSExCUDBQSkp2WkozaE9mODlGZzAzZGlOVHAwYStZWW1abGVs?= =?utf-8?B?MVdiUVg4bFQ2d1hGOHhiR1V0aU8xa0VCaW5TZFBJZTlaakQ1RWFWSG95bStJ?= =?utf-8?B?QXBqQ3dSV3RvSXJyU1R2VlhETjZyVUswVDNkWFJZK01kblVvd3E0Q2FhOHMy?= =?utf-8?B?T2lHYmcyeElod2k1WmJHQUtINkZuc2pXVXVEakVjRlFwUURjalNWczZoV2Fu?= =?utf-8?B?ZE9zMXV4UnVqeWk4MDh3NGs3c3doSjF5R0d5VUhUWFhCN0N1WDA1cy9hek91?= =?utf-8?B?Y3R4UzFpaHVQajBoR0xvN1dCdVZHRmV6Q2tzSDV3RURqVGp6VmxaWFExUmZr?= =?utf-8?B?SVNmR1oyV3YrNUlNd2VjdWtvQ0VuMEZEWkc3bnZCUTRXdE9nNDBNeUVtSTJx?= =?utf-8?B?dTlnTXVWTXQzKzZJcUJpMzZiZWY4TDFqa0p1aFpmS213ejZDWFBQREk3WWJv?= =?utf-8?B?SkQ5dWtwWjV3NXQ5YU0vd1FiSXU1RmdJeU0rbWE3ckd6TDlFa3ZSS1JIc1JY?= =?utf-8?B?VWNqL0gxY3JjeC8vN3dxVGkzVThFR1pub3NOYkhwTnlXbmpobTB1NlBQZW5q?= =?utf-8?B?dG9kdk9LZElmNTlHbFR6S291S2tiUHVQLzJZSnJndGpQWFBWUmUrT1BEbklE?= =?utf-8?B?WHNDVTJjcWY2ZHUxMFI5cklNRzNML3E5OThLb01zdXpkY2lNVnFvTUFRaVU1?= =?utf-8?B?WTNFU2w1R04wVnFjQTNzRXNvSDZ6aWNCTzJDR2FxaFVRVW1nT3RORWdXWHJF?= =?utf-8?B?empHTms1MmNJbTlBRWdsSFhaTTlhUi8xaWNhc3VSdWwwMWVZYWRqVDVNZjBX?= =?utf-8?B?dmFWNDJHd2xxTWpLSURSaVZ6UFlMRGFER1p6V2x2K2swR1VKZlJJeTYzbnJn?= =?utf-8?B?dmxtR3A3dEFaang3ZkdPeDJVYVZZQlY2em9CSkowWkNHQ0VYYS9yMzNFdkhj?= =?utf-8?B?eVFMQUZHcGx5RDEvOUhXdVh1Ynkza2pXejE3Y1J6UHBqNlIzc2FIbUdreTNZ?= =?utf-8?B?b2tYb0FSMkNUYmRoMDA1VmxQV09PLzNUM2tqaExjMEwzVjNnYlptdFh2c3Jp?= =?utf-8?B?NkFQcHJ2eTFxNFZub1RpVG12cWJiSlBRTzg3dUE1VjJZcHpmQjg2NmlXaUUx?= =?utf-8?B?d0wxNjNZUitWUSs4ZGxGOVhtNDhXeXNBNzM5ZW5LYXFGbnBBUmptY3M3cnYz?= =?utf-8?B?Ti81eEFCcXVvdTg4YzkxVXJGY3ZXb2crUTE0aUczb1V4Z0hTZnpObE1abmY2?= =?utf-8?B?ZUNvWnRhbVhVR3RuODRWZUF3TjBmbFBuT0VlRGtQRjRpZWdSSnFLRkdUMXBn?= =?utf-8?B?Wk1yOVBKakpsYmVlS0VCNktkL3VwRnJyTXAya3dmeVc3OUZyYlQ5SXpDZ0J3?= =?utf-8?B?dldSNjdTMEJBY1FQUW12azZhK09haVRaYWpsYTEwb0JUb1l2WDNDbCtwd3Fq?= =?utf-8?B?MXJoNEE0NTBSdEZuTzZEOWl6ZGFiZkF4RGt5Wkd0eDkyN1djYjUxVUc1UUxD?= =?utf-8?B?ekVRR2g4dmQzSU52QmJlSVZ1WWxxS1pOcmxHSGZwQ3F2R2xjL1BnbWlRYjdi?= =?utf-8?B?SnloaVcrc2pKeHRLNUozcU1ncy9VekYveENWVjRENlVhSzNFdE1kdTVZWjRH?= =?utf-8?B?c0I4TXlaQlhQZVFuTldyU3dwVzNGUnQ2YmZoWHdENCtydGkwVC9lNVhoS3pj?= =?utf-8?B?YlEyT2E0Z3RVTUVtUndqckFOWDNnUFJBN3NLdXhRT1p2eGpWV3hwOFJhMUZv?= =?utf-8?B?c0RRaTE5MGFXQjkyU3NxZz09?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DF470A3C603348F48A613442C5DD2239teamneustar_"
MIME-Version: 1.0
X-OriginatorOrg: team.neustar
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR17MB3569.namprd17.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 36c3cb66-a728-41f3-c892-08d9040b12b6
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Apr 2021 14:46:25.2697 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 73a2bbc1-f307-47c4-8f94-5f379c68bc30
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4Qwz1BfLvrOZKpoNkD3lqkT05j5Ude/IPPYG1vJX07FQOrLomqM8OOykkKSXvmy8wzG8CmJYDUMcLiLzkRYev++vyKekNXebpNLyHJTw1GA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR17MB3827
X-Proofpoint-GUID: oJZAnH8AQEKwv9f0ObKxic2q5uEiw3EV
X-Proofpoint-ORIG-GUID: oJZAnH8AQEKwv9f0ObKxic2q5uEiw3EV
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-04-20_06:2021-04-20, 2021-04-20 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 mlxscore=0 bulkscore=0 lowpriorityscore=0 mlxlogscore=705 suspectscore=0 adultscore=0 spamscore=0 phishscore=0 clxscore=1015 impostorscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104060000 definitions=main-2104200110
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/EtnqMKSDW7pwOm457Qk7HaoYZSo>
Subject: Re: [stir] Proposal for update of erratum #6519
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Apr 2021 14:46:42 -0000

Inline.

From: stir <stir-bounces@ietf.org> on behalf of Roman Shpount <roman@telurix.com>
Date: Monday, April 19, 2021 at 6:57 PM
To: Marc Petit-Huguenin <marc@petit-huguenin.org>
Cc: IETF STIR Mail List <stir@ietf.org>rg>, Russ Housley <housley@vigilsec.com>om>, Christer Holmberg <christer.holmberg@ericsson.com>
Subject: Re: [stir] Proposal for update of erratum #6519

On Mon, Apr 19, 2021 at 7:56 PM Marc Petit-Huguenin <marc@petit-huguenin.org<mailto:marc@petit-huguenin.org>> wrote:
A literalist.  Fantastic.


That was not my understanding.

We can go back to the recording to check on the decision.

More importantly, what is the normative strength of "be tolerant to the absence of quotes when receiving"? Is this MUST accept quotes? SHOULD accept quotes?

In the sentence "Implementations SHOULD use quotes around the token when sending", what would be the valid use cases when implementations are allowed not to use quotes?

My understanding is that SHOULD implies well know exceptions.

The exception we are aware of is that implementations exhibiting this behavior exist. It is, in other words, for backwards compatibility reasons.

Regardless of what the recording says (we were kinda all over the place, if I recall), I think I agree that the right semantics are that you MUST accept quoted and unquoted, and SHOUD send quotes (the exception to the SHOULD being backwards compatibility). If we said you MUST send quotes, well, then implementations that don’t are violating the spec. As you pointed out, it’s kind of a mixed bag at the moment out there in terms of where implementations are.

Jon Peterson
Neustar, Inc.