Re: [stir] I-D Action: draft-ietf-stir-certificates-13.txt
Tony Rutkowski <tony@yaanatech.com> Tue, 28 March 2017 14:01 UTC
Reply-To: tony@yaanatech.com
References: <149065198337.30490.6512482120705975775@ietfa.amsl.com>
To: internet-drafts@ietf.org, i-d-announce@ietf.org
Cc: stir@ietf.org, tsbdir@itu.int, jie.zhang@itu.int
From: Tony Rutkowski <tony@yaanatech.com>
Organization: Yaana Technologies LLC
Message-ID: <c28c2d24-917e-9895-9cb3-466402193669@yaanatech.com>
Date: Tue, 28 Mar 2017 10:01:54 -0400
In-Reply-To: <149065198337.30490.6512482120705975775@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/KdhxXnNPc5oYWDcgy9wSCOg5-N8>

This draft is getting better. However, inquiring minds would raise some substantive concerns about the construct of authority over telephone numbers.

Perhaps the most significant one is the failure to cite E.164 and related international standards as authoritative - even though the purpose of the ID is "establishing authority over telephone numbers."

Similarly, the chain of authority described in section 5 is not accurate. The identifiers are those of the ITU and its Members pursuant to treaty provisions, and then delegated to those Members (or in a few cases to provider registrants directly) who in turn delegate the administration to some entity, e.g., the NANPA. For the U.S., the State Dept delegates the authority to the FCC which in turn delegates it to NANPA. Indeed, the U.S. Court of Appeals decision a few days ago is especially relevant here, as it established the authority of the Commission to enable E.164 numbers being allocated directly to VoIP providers.

See https://www.cadc.uscourts.gov/internet/opinions.nsf/30E3C0768DB6D78C852580ED004F9935/$file/15-1497-1667619.pdf

See also, https://apps.fcc.gov/edocs_public/attachmatch/FCC-15-70A1_Rcd.pdf

On the other side of the "authority" binding, it is also ICCs (ITU Carrier Codes) pursuant to M.1400 that are the identifiers. Here also in the U.S., the authority is the U.S. State Dept which allocates it to the FCC which in turn allocates it to NECA. NECA is directed by the FCC to use ATIS-0300251. (The spec itself is not authoritative. It is simply informative for expressing an identifier applicable for the U.S.)

As presently constructed, this draft seems to create its own scheme for establishing and expressing authority for E.164 numbers that is contrary to well established legal and regulatory requirements domestically, regionally, and internationally - creating its own Service Provider Code out of thin air.

It also gives the appearance that the IETF here is acting unilaterally as some kind of job shop for a one-off local U.S. implementation rather than acting as an international body.

Perhaps the ITU's TSB and Study Group 2 can be helpful here.

--tony

On 27-Mar-17 5:59 PM, internet-drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Secure Telephone Identity Revisited of the IETF.
>
>         Title           : Secure Telephone Identity Credentials: Certificates
>         Authors         : Jon Peterson
>                           Sean Turner
>         Filename        : draft-ietf-stir-certificates-13.txt
>         Pages           : 20
>         Date            : 2017-03-27
>
> Abstract:
>    In order to prevent the impersonation of telephone numbers on the
>    Internet, some kind of credential system needs to exist that
>    cryptographically asserts authority over telephone numbers.  This
>    document describes the use of certificates in establishing authority
>    over telephone numbers, as a component of a broader architecture for
>    managing telephone numbers as identities in protocols like SIP.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-stir-certificates/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-stir-certificates-13
> https://datatracker.ietf.org/doc/html/draft-ietf-stir-certificates-13
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-stir-certificates-13
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir