IETF Logo Mail Archive

Re: [stir] Definition of STIR

"Gorman, Pierce" <Pierce.Gorman@t-mobile.com> Wed, 11 May 2022 18:04 UTC

Return-Path: <Pierce.Gorman@t-mobile.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EDFFC159523 for <stir@ietfa.amsl.com>; Wed, 11 May 2022 11:04:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=aepy6QSE; dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=aepy6QSE
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GTOfVM9p794E for <stir@ietfa.amsl.com>; Wed, 11 May 2022 11:04:42 -0700 (PDT)
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on20725.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe5a::725]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 235B0C159522 for <stir@ietf.org>; Wed, 11 May 2022 11:04:42 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=ilmo72gFqYcioH2JSAiw2tt0MyUUjE/+09R1Yqxh9N1fquo9ize790yTt2TNgdMGXoU9yflCj6O75pGcD6c6SoQfUpXK/scVzA5wh6KM++Njj++sNS+v95GnM7DslZu2UpxN2J/p+5pvxQ1ZcQLR84nhv3MXUuNvOLMid/XfgwjrsuhtexWjBMONO/H8rWM7hKF3zCt6V48Hvm3RhermM1bYU11eBTrYwEX39ATDK+cm9TM2BDlu2THC0qsaD8htGeTSUkabQrSk9Ki5QUP7Kxp55XtIrXzPHMfzfHd4c59FLIsnxbX81/bGllqrQUhH/GbzlUCAFc4jawl1nIbnYw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=u+AgcDFSgXd8VOlKwW5kBtzAVqoQBG7nk/h+rU4IaqQ=; b=N/IjkcB+onySik+p8MO1VBmgdOazpNvPr2spSqhI58LRmLQnfazCI/ILt4u++nyGpLuLzwGdKNGFsxvV0lof4zxO7d6FLGIRkhr9UAJLBJ3nxnEaJGA+P4I+lBjqC0FCo2xqIbgmIPlVvqbhHMBpRX4Qp3vgwf7qQQAUQoUWwDms146AxIOey50V5nUlRkJfM4cyuX3ysHP7QSgPHc+VvR+A8XyL5eTsc/LZehtJ5bdumhBOShrlVIeltoih+l8zg76X6mvPxKVh1/fBdBOEaa5V612K8U9EgVOXQkLtL0ItolJFAWnZIJVmgQkecSl24PdMIsHEx4n5frL5XM/IzA==
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=fail (sender ip is 144.49.247.27) smtp.rcpttodomain=dmarc.ietf.org smtp.mailfrom=t-mobile.com; dmarc=fail (p=none sp=none pct=100) action=none header.from=t-mobile.com; dkim=pass (signature was verified) header.d=tmobileusa.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=t-mobile.com] dkim=[1,1,header.d=t-mobile.com] dmarc=[1,1,header.from=t-mobile.com])
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=u+AgcDFSgXd8VOlKwW5kBtzAVqoQBG7nk/h+rU4IaqQ=; b=aepy6QSEm0rLFnHVgopaaaxNXPsJf3g9HqrcaPTCm8YrfQH3B/CCQnxasQw8Dc+bbwo0YNkDwssbxQMhxOCgPk3mA0L8jKIOQYbMbKP6vbaqXWcmOBAmbW94h+1A8h+UQMaER/0A/cb6CuQLaS13REdWto0dg/HvQC7myLwEvJA=
Received: from BN8PR15CA0045.namprd15.prod.outlook.com (2603:10b6:408:80::22) by CH2PR02MB6405.namprd02.prod.outlook.com (2603:10b6:610:a::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5227.23; Wed, 11 May 2022 18:04:38 +0000
Received: from BN1NAM02FT022.eop-nam02.prod.protection.outlook.com (2603:10b6:408:80:cafe::e7) by BN8PR15CA0045.outlook.office365.com (2603:10b6:408:80::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.13 via Frontend Transport; Wed, 11 May 2022 18:04:38 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 144.49.247.27) smtp.mailfrom=t-mobile.com; dkim=pass (signature was verified) header.d=TMobileUSA.onmicrosoft.com;dmarc=fail action=none header.from=t-mobile.com;
Received-SPF: Fail (protection.outlook.com: domain of t-mobile.com does not designate 144.49.247.27 as permitted sender) receiver=protection.outlook.com; client-ip=144.49.247.27; helo=mail.ds.dlp.protect.symantec.com;
Received: from mail.ds.dlp.protect.symantec.com (144.49.247.27) by BN1NAM02FT022.mail.protection.outlook.com (10.13.2.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.13 via Frontend Transport; Wed, 11 May 2022 18:04:37 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=a4owVi26UXRhEwJ3LdiF2LEKMg6SVJBjOfy9/QlErlNxz7y/tWGR3Dl8g2ds5hbcAy83ysPAVDaz+9dfjEhfLMCLVq46Q4YfiaQN+b7pJIJC7gPR/vJM+XLcfOb9n/kQ5K3jjsPxzWfzvG75qPd1jKsJXA/z61QVu/OYTVuK9IHxPmxQ0LuBhCXth28avhyjDCz/7YPN1GyNQQeiSSKQ3QGiJv5kDzkkfR3A7zj7fL01S7H4XjTek8brWkrQVHO505e3TnPL1YzbT7YYvbd0BAY1+Xlhb1NPm8pxd2gtbpSCWlGPHmOwbROTblu86l6kmpIvBgbrMioTTnLUcsNSCQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=u+AgcDFSgXd8VOlKwW5kBtzAVqoQBG7nk/h+rU4IaqQ=; b=OOF909ofaP5UPEI1MvSoymqmKWAcqjr/JQjEP/USO9kHq+rrTcQKfs0w5eoHXzAZh49405cY2Pv1iZsYiz8ffd7Zh2Z6/TkOz/GNx4qPDtn+u9lMJEggZ+duwwhawbLWV+XJHIb9QTvvwuUyEOIySQ1QO5xEi9jYgvUUEAda4/m4PVwCGeHfNIlsZ9laSDC/qGpISWfnWb7SCZXaRBjiHmGXNaxNop/SOf3FFEoHGjIk+6hzdj61DpbRnkYVBcOPLElIaShAuxkLZavwoenjlQdfvscS618imphMUf7Q5e/KTqXcloFIU59OL8apGyBc++zcy3iiHcqmG6aPDRR3NA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t-mobile.com; dmarc=pass action=none header.from=t-mobile.com; dkim=pass header.d=t-mobile.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=u+AgcDFSgXd8VOlKwW5kBtzAVqoQBG7nk/h+rU4IaqQ=; b=aepy6QSEm0rLFnHVgopaaaxNXPsJf3g9HqrcaPTCm8YrfQH3B/CCQnxasQw8Dc+bbwo0YNkDwssbxQMhxOCgPk3mA0L8jKIOQYbMbKP6vbaqXWcmOBAmbW94h+1A8h+UQMaER/0A/cb6CuQLaS13REdWto0dg/HvQC7myLwEvJA=
Received: from BYAPR02MB4168.namprd02.prod.outlook.com (2603:10b6:a02:f4::11) by SA2PR02MB7514.namprd02.prod.outlook.com (2603:10b6:806:135::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.13; Wed, 11 May 2022 18:04:33 +0000
Received: from BYAPR02MB4168.namprd02.prod.outlook.com ([fe80::d879:56a0:3a11:6f73]) by BYAPR02MB4168.namprd02.prod.outlook.com ([fe80::d879:56a0:3a11:6f73%3]) with mapi id 15.20.5227.023; Wed, 11 May 2022 18:04:31 +0000
From: "Gorman, Pierce" <Pierce.Gorman@t-mobile.com>
To: Christer Holmberg <christer.holmberg=40ericsson.com@dmarc.ietf.org>, "stir@ietf.org" <stir@ietf.org>
Thread-Topic: Definition of STIR
Thread-Index: AQHYZVdXBhmcYvRTBkqU9X5Q4zXVb60Z8iIw
Date: Wed, 11 May 2022 18:04:31 +0000
Message-ID: <BYAPR02MB4168BE198D24C18F50183B96D2C89@BYAPR02MB4168.namprd02.prod.outlook.com>
References: <HE1PR07MB4441E6DEDF137F3AEA3C8D5793C89@HE1PR07MB4441.eurprd07.prod.outlook.com>
In-Reply-To: <HE1PR07MB4441E6DEDF137F3AEA3C8D5793C89@HE1PR07MB4441.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t-mobile.com;
X-MS-Office365-Filtering-Correlation-Id: cd77e558-96f9-4a85-8c1a-08da3378b6aa
x-ms-traffictypediagnostic: SA2PR02MB7514:EE_|BN1NAM02FT022:EE_|CH2PR02MB6405:EE_
X-Microsoft-Antispam-PRVS: <CH2PR02MB6405E42D768E77630F34EA31D2C89@CH2PR02MB6405.namprd02.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: uG6V2ec2P46pg80UEpKuufIloJweHWAetJH8plLDo6+S/wH2TmwzNScuCdAoNy/LDDWrn9Tnxk2kSM2X3tYYFf+FFQ5Dr8LKpyDoCn4hwFX9JjO5FqTKBQYbcs8yLuuvusoUlOc2LwYxIFGIPMd3uLPV2yxljCUBeurTrFAaZy7XrhAIbQnz8z+4I7+TqLmSL82XEQIWLvrLcm3MgzLxH+3/3ojYiaLSpYg5wqJA26VlR5RsVpzVvkXt80V63mB5BHdtGlE59IMJMqB4reSnqVmemQqBID4xu1GthSdGY+eHoLnnJaTtHi5zoJ7BRMR+JRTp4xe6RWddcCX6vCqEqgkceZnHLwAq3PQvNG9Lhr2Y+ex2AIgZgQMQzWsMwcFahhyXM62TzTcltmUP3t7in1YCh3RNhVdWDdbGhluWRDh/T4P2omIZaneyBG/5JYngma48DTzlADavze4D2eqloJP0iuMgzP4GFrYYwxQ4MD1hM4tYMR43EGqMoh9U/8MRJ2IYzBdO+feRuHoO2aOaVMeBaJ0x7v0driOiQKa1AND2OJbri/H/siAW3dCq/hUil+uxQUtgA4W2xTFrIcGwZbVtG0fQHqOBko//wAhCIEja/KXjrMPH9qq9GhZvj7j0pvaAROpAxLIpfyO0uOt7vahU4Xywv3gKiIIKWLU6uDLYEoUbgzLYujDa08S1yFpqdkDxvm9u4JRti4Yv8LAI9A==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR02MB4168.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(64756008)(38100700002)(316002)(38070700005)(8676002)(66446008)(66556008)(66476007)(66946007)(76116006)(508600001)(5660300002)(186003)(110136005)(122000001)(26005)(3480700007)(8936002)(52536014)(7696005)(55016003)(83380400001)(9686003)(2906002)(6506007)(71200400001)(33656002)(82960400001)(86362001)(7116003)(53546011); DIR:OUT; SFP:1102;
Content-Type: multipart/alternative; boundary="_000_BYAPR02MB4168BE198D24C18F50183B96D2C89BYAPR02MB4168namp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA2PR02MB7514
X-CFilter-Loop: Reflected
X-DetectorID-Processed: 8c846453-0f50-46b3-95ab-8bbaf7238615
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: BN1NAM02FT022.eop-nam02.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 54b52cf9-ed48-47d8-da54-08da3378b2f6
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: uKhaj3kSa0FD3EEDb8SpxFXwxx0GTSncMVmn1/CrpD9GVpZh9baocsXt5Jwmg8VUmuCSZbpNBoZ/yoNTQz6txzJzJV/7yBsgLqRS7kdA1nezORFTdeHNJ1HTlxzpHtRVLu+xtLk1+/LJniEX5Yssmcx4pvyuOZJP8oZkB7wjiVRuziu3hloroS9omqbt6YGjh+VZ8B0oIipJzqcWvFnSdvNdR3O+FqgXM+ZetO3mZdqAJiPHm4DoxI2+R0S9VuV812jmo7BjSqj+Oriv8jAXpaJSjNmQCK+7kCwxgIUm6Tj1isqfqYl58oWeNhFQOBtkiDFrxpREjMwI89xogO3q29+f5BOpXhe2OBecPsdC46jIY7PcVkMpzO+gpAXyQeZPmedcFkUh0GH9vfhnDNhKduwiPu95DCTqPMEezjBdvLDe1OOR2i7PacVR36/tWsgkjnTQEj0CW0WPC0Sjr2lE8oAwyMU7EAd2VtbhFKVb4F0bPaE/mk5m7l7I4moRAiXavjCkgMRyO1EvWIwYTDbhf1g2V3stQUGf15DqMGz3tFqCEovF9TsqWE6KoQIDPEvpFO0bxRzWz6tVONvQY2Aqe01Ci0HwoBdu/dNE+zuv/xSnLs8XjKA8gOgj6+3WVQBCFXjEC4OTv32wqaN+QVqYWEAsoKCgkESDJHQ17V2GYWqYq6gs7SWuATGXlVzj5qq7Hgh8dSHEqpl6ewZafWEchg==
X-Forefront-Antispam-Report: CIP:144.49.247.27; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.ds.dlp.protect.symantec.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230001)(4636009)(36840700001)(46966006)(40470700004)(83380400001)(70206006)(508600001)(33656002)(8676002)(70586007)(47076005)(336012)(8936002)(186003)(7116003)(55016003)(86362001)(26005)(9686003)(316002)(82310400005)(7696005)(6506007)(53546011)(110136005)(81166007)(3480700007)(36860700001)(40460700003)(356005)(52536014)(82960400001)(2906002)(5660300002)(36900700001); DIR:OUT; SFP:1102;
X-OriginatorOrg: t-mobile.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 May 2022 18:04:37.6162 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: cd77e558-96f9-4a85-8c1a-08da3378b6aa
X-MS-Exchange-CrossTenant-Id: be0f980b-dd99-4b19-bd7b-bc71a09b026c
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=be0f980b-dd99-4b19-bd7b-bc71a09b026c; Ip=[144.49.247.27]; Helo=[mail.ds.dlp.protect.symantec.com]
X-MS-Exchange-CrossTenant-AuthSource: BN1NAM02FT022.eop-nam02.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR02MB6405
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/X-IxybvCGi5tH7N2IMAJwkfMroo>
Subject: Re: [stir] Definition of STIR
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 May 2022 18:04:46 -0000

I suppose you or others could volunteer attempts at a definition.  Once satisfactorily achieved, what would you do with it?  Not trying to be a smart alec.  I'm seriously curious.

I will volunteer that I think of "STIR" as being the collection of work in the IETF that is referenced in "SHAKEN" call authentication specifications in use in the US and Canada (so far).

"STIR" is the collection of work that tells you how to create a SIP Identity header of whatever type you need for a particular call type, and how to create an X.509 security certificate (chain) with extensions and constraints needed to verify the contents of a SIP Identity header.

"SHAKEN" (a body of work in the ATIS/SIP Forum Joint Task Force on IP-NNI) tells you how to create and use various SIP Identity types defined in "STIR" and about the governance, policy, and certificate authorization framework used to acquire SHAKEN-specific X.509 end-entity certificates.

Beyond this, the call authentication governance authorities in the US and Canada have created requirements and selected entities to be Policy Administrators (PAs) and also created Certificate Policies which outline the requirements to be an authorized (within their respective jurisdictions) Certification Authority (CA), thus creating the SHAKEN GA/PA/CA Secure Telephone Identity (STI) Public Key Infrastructures (PKIs).

I expect others can volunteer alternative, and potentially better, definitions.

Best regards,


Pierce Gorman

From: stir <stir-bounces@ietf.org> On Behalf Of Christer Holmberg
Sent: Wednesday, May 11, 2022 11:52 AM
To: stir@ietf.org
Subject: [stir] Definition of STIR

[External]


Hi,



What exactly is "STIR", other than the name of an IETF WG?



Sometimes "STIR" used in document titles, sometimes there is text saying "STIR"/"the STIR mechanism" does this and that, provides this and that etc. draft-ietf-stir-identity-header-errors-handling talks about "extending STIR".



RFC 7340 is supposed to describe the STIR problem, but 7340 does not even say what STIR stands for (Secure Telephone Identity Revisited), and there is no RFC named "STIR".



The question came up while I was reviewing the messaging draft, which says:



"Secure Telephone Identity Revisited (STIR) provides a means of attesting the identity of a telephone caller..."



Regards,



Christer

v2.39.1 | Report a Bug | By Email | System Status