Re: [stir] WGLC: draft-ietf-stir-identity-header-errors-handling-02

Paul Kyzivat <pkyzivat@alum.mit.edu> Tue, 26 July 2022 02:49 UTC

To: Chris Wendt <chris-ietf@chriswendt.net>
Cc: stir@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/NLOEe5WdXYDN2JYtOQ4Ga1M3jKc>

Chris,

On 7/25/22 5:24 PM, Chris Wendt wrote:
> Thanks Paul for the detailed review, I will definitely bring up these topics in tomorrow’s STIR meeting.

I haven't registered for this meeting so I won't be online for the stir
session. So it's great if you can represent these points.

	Thanks,
	Paul

> Your latter points I think are a side effect of the progressive nature of how the document evolved through discussions, so will be sure to bring up these points and try to address and see if we can agree on a path forward.
> 
>> On Jul 23, 2022, at 2:47 PM, Paul Kyzivat <paul.kyzivat@comcast.net> wrote:
>>
>> Here are thoughts I have after reviewing this document:
>>
>> * Section 3:
>>
>> This document is depending on draft-sparks-sipcore-multiple-reasons for an extension to the Reason header field permitting multiple reasons for the same protocol. That is an individual draft and is currently expired. IMO *this* draft should not complete WGLC until that draft is adopted and completes its own WGLC.
>>
>> Also, I think this draft should be more explicit in stating that the new STIR protocol it defines permits multiple uses, and perhaps constraints on how. (E.g., in what ways the multiple uses must differ, or how to resolve ambiguities among them. I *think* the response codes defined in RFC 8224 are mutually exclusive for a single passport, so perhaps constrain to a single cause per ppi.)
>>
>> I'm inclined to think that draft-sparks-sipcore-multiple-reasons ought to revise the IANA registry to include a new column that indicates single or multiple use. If so this document would need to include that field in its IANA registration.
>>
>> * Section 7:
>>
>> Requiring unconditional removal of the Reason header field seems an excessive remedy for the stated problem. It should be sufficient to remove the ppi parameter. And is even that needed if the ppi value is in compact form?
>>
>> * Section 8:
>>
>> The Protocol Cause for the STIR Protocol Value is specified as "Status code". This is the same as is defined for the SIP protocol. The values used for STIR are a subset of the SIP Protocol Causes. It isn't clear what values are valid for use here. I guess you intend the values specified in section 6.2.2 of RFC 8224. But defining that way isn't future proof. What if a subsequent extension/update to RFC 8224 defines some additional codes?
>>
>> I'm not certain what the best answer is here. I think it is worth some discussion.
>>
>> 	Thanks,
>> 	Paul
>>
>> On 7/12/22 9:34 AM, Russ Housley wrote:
>>> At the STIR Working Group Virtual Interim on 22 April 2022, we agreed to start WG Last Call for this document once an update was posted.  It has now been posted.
>>> Please send reviews to the list by Noon Eastern time on 26 July 2022.  This is a few hours before the STIR session at IETF 114.
>>> If you plan to provide a review but need more time, please let us know as soon as possible.
>>> See <https://datatracker.ietf.org/doc/draft-ietf-stir-rfc4916-update/>
>>> For the STIR WG Chairs,
>>>   Russ
>>> _______________________________________________
>>> stir mailing list
>>> stir@ietf.org
>>> https://www.ietf.org/mailman/listinfo/stir