Re: [stir] current draft charter
"Peterson, Jon" <jon.peterson@neustar.biz> Mon, 17 June 2013 07:24 UTC
Return-Path: <jon.peterson@neustar.biz>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF9C421F88EA for <stir@ietfa.amsl.com>; Mon, 17 Jun 2013 00:24:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.53
X-Spam-Level:
X-Spam-Status: No, score=-106.53 tagged_above=-999 required=5 tests=[AWL=0.069, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cn9E6yXkDPAq for <stir@ietfa.amsl.com>; Mon, 17 Jun 2013 00:24:41 -0700 (PDT)
Received: from neustar.com (mx2.neustar.com [156.154.25.104]) by ietfa.amsl.com (Postfix) with ESMTP id 7257621F9AB7 for <stir@ietf.org>; Mon, 17 Jun 2013 00:24:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neustar.biz; s=neustarbiz; t=1371453830; x=1685861982; q=dns/txt; h=From:Subject:Date:Message-ID:Content-Language: Content-Type:Content-ID:Content-Transfer-Encoding; bh=8Gtt384Xkm zOlX2g/zxZ+ICfJ2ecb6AWIXnfDlhwAgU=; b=GqByiL1zv9BhHM3g98m0Cwi1LU OKrS21c7ov9fZ1/2uYX7Os356yC836bKD2Ob+/KaQM4hFJH7UhHiuZ46KFzQ==
Received: from ([10.31.58.69]) by chihiron2.nc.neustar.com with ESMTP with TLS id J041123125.21046680; Mon, 17 Jun 2013 03:23:49 -0400
Received: from stntexmb12.cis.neustar.com ([169.254.2.76]) by stntexhc10.cis.neustar.com ([169.254.4.66]) with mapi id 14.02.0342.003; Mon, 17 Jun 2013 03:24:37 -0400
From: "Peterson, Jon" <jon.peterson@neustar.biz>
To: "philippe.fouquart@orange.com" <philippe.fouquart@orange.com>, "stir@ietf.org" <stir@ietf.org>
Thread-Topic: current draft charter
Thread-Index: AQHOZwiVGT8OWD09JUqSfli80C7Gm5kxzvcAgAeIGwA=
Date: Mon, 17 Jun 2013 07:24:36 +0000
Message-ID: <CDE407A4.2153F%jon.peterson@neustar.biz>
In-Reply-To: <27770_1371030649_51B84479_27770_127_1_B5939C6860701C49AA39C5DA5189448B0A2BA6@PEXCVZYM12.corporate.adroot.infra.ftgroup>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.4.130416
x-originating-ip: [192.168.128.73]
x-ems-proccessed: R64IxjzeHPwwd+efoj3ZcA==
x-ems-stamp: ym27EGjl6Hpg0j6pqi5ryg==
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <D4C84B56C5038A4488ECDF58AD29CE79@neustar.biz>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [stir] current draft charter
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jun 2013 07:24:47 -0000
I don¹t think I previously replied to say, works for me. Those fixes are added. Jon Peterson Neustar, Inc. On 6/12/13 2:50 AM, "philippe.fouquart@orange.com" <philippe.fouquart@orange.com> wrote: >Jon, > >The only comment I would have is on the general phrasing of the first >paragraph, which at least for an outsider, may sometimes seem to be >focused on anonymous calls rather than on 'illegitimate' CPNs in general >(whilst the "more serious" problems that are listed there have indeed >more to do with the latter than the former). > >If this restriction is not deliberate, maybe you want to say "can be >hidden or forged" instead of only "hidden" and "that obscure or falsify" >as opposed to only "obscure". > >Regards, > >Philippe Fouquart >Orange Labs Networks >+33 (0) 1 45 29 58 13 > >From: stir-bounces@ietf.org [mailto:stir-bounces@ietf.org] On Behalf Of >Peterson, Jon >Sent: Wednesday, June 12, 2013 3:03 AM >To: stir@ietf.org >Subject: [stir] current draft charter > > >Below is the current draft of the charter, based on our prior discussions. > >Jon Peterson >Neustar, Inc. > >---- > >Name: Secure Telephone Identity Revisited (stir) >Area: RAI > >Chairs: TBD >Area Advisor: TBD (Barnes) > >Mailing list: (current source-auth) >To Subscribe: -- > >Over the last decade, a growing set of problems have resulted from the >lack of security mechanisms for attesting the origins of real-time >communications. Many of these problems are familiar from our experience >with email: bulk unsolicited commercial communications remain a challenge >for the traditional telephone network largely because the source of calls >can be hidden. Others are potentially more serious: voicemail hacking, >impersonating banks and similar attacks are becoming commonplace. The >technologies that obscure the caller's identity are frequently gateways >between the telephone network and the Internet. > >SIP is one of the main VoIP technologies employed by these gateways. A >number of previous efforts have attacked the problem of securing the >origins of SIP communications, including RFC3325, RFC4474 and the VIPR >WG. To date, however, true cryptographic authentication of the source of >SIP calls has not seen any appreciable deployment. While several factors >contributed to this lack of success, two seem like the largest culprits: >1) the lack of any real means of asserting authority over telephone >numbers on the Internet; and 2) a misalignment of the integrity >mechanisms proposed by RFC4474 with the highly interworked, mediated and >policy-driven deployment environment that has emerged for SIP. The VIPR >alternative, while promising, faced apparently unavoidable privacy >problems and other significant deployment hurdles. > >Given the pressing difficulties caused by the lack of a useful identity >solution, the problem of securing the origins of SIP communication must >be revisited. Because SIP deployments are so closely tied to the >telephone network, we moreover must investigate solutions that can work >when one side of a call is in the PSTN - or potentially even both. This >will require a two-pronged approach: one prong relying on information >carried in SIP signaling; the other prong relying on forming out-of-band >connections between IP endpoints that are participating in a call. > >The changes to the RFC4474 approach to SIP signaling must include a new >capability for Identity assertions to cover telephone numbers, rather >than domain names. To conform with realistic deployments, we must also >study ways to rebalance the requirements for the scope of RFC4474's >integrity protection to emphasize preventing third-party impersonation >over preventing men-in-the-middle from capturing media. > >Finally, the solution must encompass an out-of-band means for endpoints >to establish identity when there is no direct SIP signaling path between >them available, due to interworking or similar factors. This working >group will investigate a means for Internet endpoints to discover one >another in real time to verify that a telephone call between them is in >progress based on minimal evidence or configuration. This architecture >will, to the degree that is possible, reuse the credentials defined for >telephone numbers for the in-band signaling solution, and define a >discovery mechanism that provides better than hop-by-hop security. > >The working group will coordinate with the security area on certificate >management. > >The working group will coordinate with RAI area groups studying the >problem of signaling through existing deployments, including INSIPID. > >Identity is closely linked to privacy, and frequently one comes at the >cost of the other. This working group is not chartered to mandate the >presence of identity in SIP requests, and to the extent feasible it will >find privacy-friendly solutions that leak minimal information about calls >to third parties. > >The working group will deliver the following: > >- A problem statement detailing the deployment environment and >difficulties motivate work on secure origins > >- A revision to SIP's identity features to provide several fixes: > Changes to support certification for telephone numbers > Changes to the signature > >- A document describing the certificate profile required to support >telephone numbers in certificates > >- A fallback mechanism to allow out-of-band identity establishment during >call setup > >Milestones > >Sep 2013 Submit problem statement for Info >Nov 2013 Submit RFC4474bis for PS >Jan 2013 Submit TN cert profile for Info >Mar 2014 Submit fallback for PS > > >__________________________________________________________________________ >_______________________________________________ > >Ce message et ses pieces jointes peuvent contenir des informations >confidentielles ou privilegiees et ne doivent donc >pas etre diffuses, exploites ou copies sans autorisation. Si vous avez >recu ce message par erreur, veuillez le signaler >a l'expediteur et le detruire ainsi que les pieces jointes. Les messages >electroniques etant susceptibles d'alteration, >France Telecom - Orange decline toute responsabilite si ce message a ete >altere, deforme ou falsifie. Merci. > >This message and its attachments may contain confidential or privileged >information that may be protected by law; >they should not be distributed, used or copied without authorisation. >If you have received this email in error, please notify the sender and >delete this message and its attachments. >As emails may be altered, France Telecom - Orange is not liable for >messages that have been modified, changed or falsified. >Thank you. >
- [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Stephen Farrell
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter philippe.fouquart
- Re: [stir] current draft charter Wilhelm Wimmreuter
- Re: [stir] current draft charter Stephen Farrell
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Henning Schulzrinne
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Dan York
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Brian Rosen
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Dan York
- Re: [stir] current draft charter Wendt, Chris
- Re: [stir] current draft charter Brian Rosen
- Re: [stir] current draft charter - ENUM and datab… Richard Shockey
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Wendt, Chris
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Brian Rosen
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Brian Rosen
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter DOLLY, MARTIN C
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter Henning Schulzrinne
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter DOLLY, MARTIN C
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter DOLLY, MARTIN C
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter - ENUM and datab… Peterson, Jon
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter Henning Schulzrinne
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Michael Hammer
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Dave Crocker
- [stir] Nature vs. nurture -- semantics vs. encodi… Dave Crocker
- Re: [stir] current draft charter Dan York
- Re: [stir] current draft charter Michael Hammer
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- [stir] Not just "called party" - Re: current draf… Dan York
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] current draft charter Michael Hammer
- Re: [stir] current draft charter Peterson, Jon
- Re: [stir] Not just "called party" - Re: current … Michael Hammer
- Re: [stir] current draft charter - ENUM and datab… Richard Shockey
- Re: [stir] current draft charter DOLLY, MARTIN C
- Re: [stir] current draft charter Michael Hammer
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] Not just "called party" - Re: current … Peterson, Jon
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Peterson, Jon
- Re: [stir] current draft charter - ENUM and datab… Michael Hammer
- Re: [stir] Not just "called party" - Re: current … Hadriel Kaplan
- Re: [stir] current draft charter Dan York
- Re: [stir] current draft charter Michael Hammer
- Re: [stir] current draft charter Paul Kyzivat
- Re: [stir] Not just "called party" - Re: current … Dan York
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Richard Shockey
- Re: [stir] current draft charter Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Peterson, Jon
- Re: [stir] Not just "called party" - Re: current … Henning Schulzrinne
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter Henning Schulzrinne
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter philippe.fouquart
- Re: [stir] current draft charter - ENUM and datab… Richard Shockey
- Re: [stir] current draft charter Richard Shockey
- Re: [stir] current draft charter Dave Crocker
- Re: [stir] current draft charter Michael Hammer
- Re: [stir] current draft charter Richard Barnes
- Re: [stir] current draft charter - ENUM and datab… Dave Crocker
- Re: [stir] current draft charter philippe.fouquart
- Re: [stir] current draft charter philippe.fouquart
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Brian Rosen
- Re: [stir] current draft charter - ENUM and datab… Wendt, Chris
- Re: [stir] current draft charter - ENUM and datab… Michael Hammer
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Peterson, Jon
- Re: [stir] current draft charter - ENUM and datab… Dave Crocker
- Re: [stir] current draft charter - ENUM and datab… Richard Shockey
- Re: [stir] current draft charter - ENUM and datab… Peterson, Jon
- Re: [stir] current draft charter - ENUM and datab… Henning Schulzrinne
- Re: [stir] current draft charter - ENUM and datab… Lee, Yiu
- Re: [stir] current draft charter - ENUM and datab… Michael Hammer
- Re: [stir] current draft charter - ENUM and datab… Dave Crocker
- Re: [stir] current draft charter - ENUM and datab… Lee, Yiu
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Lee, Yiu
- Re: [stir] current draft charter - ENUM and datab… Hadriel Kaplan
- Re: [stir] current draft charter - ENUM and datab… Wendt, Chris
- Re: [stir] current draft charter - ENUM and datab… Peterson, Jon
- Re: [stir] current draft charter - ENUM and datab… Lee, Yiu
- Re: [stir] current draft charter Wilhelm Wimmreuter