Re: [stir] RFC 8224

Christer Holmberg <christer.holmberg@ericsson.com> Thu, 08 April 2021 19:21 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Zerr, Brad" <BZerr@tnsi.com>, Marc Petit-Huguenin <marc@petit-huguenin.org>, Chris Wendt <chris-ietf@chriswendt.net>
CC: Cullen Jennings <fluffy@iii.ca>, IETF STIR Mail List <stir@ietf.org>, Eric Rescorla <ekr@rtfm.com>, Jon Peterson <jon.peterson@neustar.biz>, "Toy, Arthur" <atoy@tnsi.com>
Date: Thu, 08 Apr 2021 19:20:51 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/SxE7aoz4ca43HbE2weqll_am0hA>

Hi Brad,

The ATIS text you reference is not for the To header.

Regards,

Christer

________________________________
From: Zerr, Brad <BZerr@tnsi.com>
Sent: Thursday, April 8, 2021 10:16:44 PM
To: Christer Holmberg <christer.holmberg@ericsson.com>; Marc Petit-Huguenin <marc@petit-huguenin.org>; Chris Wendt <chris-ietf@chriswendt.net>
Cc: Cullen Jennings <fluffy@iii.ca>; IETF STIR Mail List <stir@ietf.org>; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
Subject: RE: [stir] RFC 8224


Hi all,

From previous conversations, it was recommended that the # character in the TO header needed to be escaped with %23

To: sip:%2355;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone

This seems to be at odds with ATIS 1000082 stating what the allowed characters are. As you can see below from 1000082, the % is not part of this list.

Recommendations?

[cid:image001.png@01D72C81.C4932560]



From: Christer Holmberg <christer.holmberg@ericsson.com>
Sent: Wednesday, April 7, 2021 4:00 PM
To: Marc Petit-Huguenin <marc@petit-huguenin.org>; Zerr, Brad <BZerr@tnsi.com>; Chris Wendt <chris-ietf@chriswendt.net>
Cc: Cullen Jennings <fluffy@iii.ca>; IETF STIR Mail List <stir@ietf.org>; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
Subject: RE: [stir] RFC 8224



Hi,

>>>>> 1. Section 8.1:
>>>>>
>>>>> The origin is either in the From header or in the P-Asserted-Identity header, in the example below we have both, but which one to use is a matter of local policy, so we are going to process all 3 (one in the From, two in the PAI):
>>>>>
>>>>> orig1: sip:+1xxxxxxxxxx@ims.mncxxxx.mccxxx.3gppnetwork.org;tag=p65539t1617206731m169121c110882s1_1220390100-1617434405
>>>>> orig2: sip:xxxxxxxxx@ims.mnc420.mcc312.3gppnetwork.org
>>>>> orig3: tel:xxxxxxxxx
>>>>>
>>>>> The destination is always in the To header:
>>>>>
>>>>> dest: sip:*99;phone-context=ims.mncxxx.mccxxx.3gppnetwork.org@ims.mncxxx.mccxxx.3gppnetwork.org;user=phone
>>>>>
>>>>> 2. Section 8.1
>>>>>
>>>>> Per this section, SIP URIs containing a user=phone parameter or tel URI contain a phone number. Everything else does not contain a phone number.
>>>>>
>>>>> Here only orig3 and dest contain a phone number, and need to be canonicalized using section 8.3. The part subject to canonicalization is the user part of the URI:
>>>>>
>>>>> orig3: xxxxxxxxx
>>>>> dest: *99;phone-context=ims.mncxxx.mccxxx.3gppnetwork.org
>>>>>
>>>>> orig1 and orig2 are canonicalized using section 8.5. The input is the whole URI:
>>>>>
>>>>> orig1: sip:+1xxxxxxxxxx@ims.mncxxxx.mccxxx.3gppnetwork.org
>>>>> orig2: sip:xxxxxxxxx@ims.mnc420.mcc312.3gppnetwork.org
>>>>
>>>> Where in Section 8 is it defined that phone-context is removed?
>>>
>>> It is removed by not being part of the username (or user part) portion of a SIP URI:
>>
>> It is part of the user part.
>>
>> When user=phone is present, the user part is encoded as a telephone-subscriber (RFC 2806), which may contain a phone-context.
>
> Right, I was thinking of user=phone.
>
> phone-context and the other parameters are removed when applying the first bullet point in 8.3.

well, the bullet only talks about specific characters, which means numeric characters of the phone-context would remain...

I think there should be explicit text about tel-URL parameters (in addition to phone-context there are also others).

Regards,

Christer



>
> Regards,
>
> Christer
>
>
>
>
>
>
>
>
> 8.1:
>
> "First, implementations will ascertain if the user portion of the URI
> constitutes a telephone number. Telephone numbers most commonly
> appear in SIP header field values in the username portion of a SIP
> URI"
>
> 8.3:
>
> "Once an implementation has identified a telephone number, it must
> construct a number string."
>
> "o Implementations MUST drop any "+"s, internal dashes, parentheses,
> or other non-numeric characters, except for the "#" or "*" keys
> used in some special service numbers"
>
>
>>
>>
>>
>> On 4/7/21 9:54 AM, Christer Holmberg wrote:
>>> Hi,
>>>
>>>>> Maybe the problem with the To header is the phone-context parameter.
>>>>> The RFC 8224 procedures do not cover the presence of the parameter: the parameter is not removed, nor is it added to the tn. And, the generic SIP canonicalization procedures do not remove the parameter either.
>>>>
>>>> That is not my understanding of RFC 8224 section 8.1 and 8.3.
>>>
>>> What is your understanding?
>>>
>>> Regards,
>>>
>>> Christer
>>>
>>>
>>>
>>>> From: Zerr, Brad <BZerr@tnsi.com>
>>>> Sent: Wednesday, 7 April 2021 18.26
>>>> To: Chris Wendt <chris-ietf@chriswendt.net>; Christer Holmberg <christer.holmberg@ericsson.com>
>>>> Cc: Marc Petit-Huguenin <marc@petit-huguenin.org>; Cullen Jennings <fluffy@iii.ca>; IETF STIR Mail List <stir@ietf.org>; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
>>>> Subject: RE: [stir] RFC 8224
>>>>
>>>> Hi Chris,
>>>>
>>>> Here is a little background that got this conversation going.
>>>>
>>>> One of our customers sent us a SIP INVITE so we could perform the Stir-Shaken Signing for them. The customer performed the translations on their MMTEL TAS to translate *55 to a 10 digit number. When we receive the SIP INVITE for signing, it had the REQ-URI with the 10 digit number and the TO header with *55, see below. Our applications rejected this because of the TO header (whether it is right or wrong is to be determined). So we start questioning how * and # short codes should be handled.
>>>>
>>>> FYI, I “x” out information to keep anonymous
>>>>
>>>> INVITE sip:+xxxxxxxxxx;phone-context=imsmncXXXmccXXXXgppnetworkorg@ims.mncxxx.mcc3xxx.3gppnetwork.org;user=phone SIP/2.0
>>>> To: sip:*99;phone-context=ims.mncxxx.mccxxx.3gppnetwork.org@ims.mncxxx.mccxxx.3gppnetwork.org;user=phone
>>>> From: sip:+1xxxxxxxxxx@ims.mncxxxx.mccxxx.3gppnetwork.org;tag=p65539t1617206731m169121c110882s1_1220390100-1617434405
>>>> Call-ID: p65539t1617206731m169121c110882s2
>>>> CSeq: 1 INVITE
>>>> Max-Forwards: 66
>>>> Content-Length: 896
>>>> Via: SIP/2.0/TCP xxxxxxxxxx:5060;branch=z9hG4bK1a5ca0b3c42536a59ddec4c723f8774fk555555yaaaaacaaaaaaaaaaaaa3Zqkv7yujk3t0qbaaiaiaaaaabqaaaaaaaqaaaaaa
>>>> Via: SIP/2.0/TCP xxxxxxx:5082;branch=z9hG4bK1220390081-337970536
>>>> Route: sip:xxxx.cgah.ims.mncxxx.mccxxx.3gppnetwork.org;callhalf=orig;lr
>>>> Route: sip:3Zqkv7%2FcaGmGRV9neaaaacgloTpN3kFNU6jv2EObabaecaSdeaaaadsip%3A%2Bxxxxxxxx%40ims.mncxxx.mccxxx.3gppnetwork.orgOLxz6Geaeaqxxxxxxxxxxx%40ims.mncxxx.mcc3xxx.3gppnetwork.org@xxxxxxxxxxxx:5060;lr
>>>> Record-Route: sip:3Zqkv7%20caqmGRV9ngaaaaaQjv2EObabaeaaaaamsip%3A%2Bxxxxxxx%40ims.mncxxx.mccxxx.3gppnetwork.org@scscf2.ims.mncxxxx.mccxxxx.3gppnetwork.org:5060;maddr=xxxxxxxxx;lr
>>>> Contact: sip:p65539t1617206731m169121c110882s1@xxxxxxxx:5082;+g.3gpp.accesstype="cellular";+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service.ims.icsi.mmtel"
>>>> Content-Type: application/sdp
>>>> Allow: REGISTER, REFER, NOTIFY, SUBSCRIBE, INFO, MESSAGE, PRACK, UPDATE, INVITE, ACK, OPTIONS, CANCEL, BYE
>>>> Accept-Contact: *;+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service.ims.icsi.mmtel"
>>>> Supported: timer, 100rel, path, precondition, replaces
>>>> P-Asserted-Identity: sip:xxxxxxxxx@ims.mnc420.mcc312.3gppnetwork.org
>>>> P-Asserted-Identity: tel:xxxxxxxxx
>>>> Proxy-Authorization: Digest uri=sip:*99;phone-context=ims.mnc4xxx.mccxxx.3gppnetwork.org@ims.mncxxx.mccxxx.3gppnetwork.org;user=phone,response="",nonce="",realm="",username=xxxxxxxxxxxxxx@ims.mncxxx.mcc3xxx.3gppnetwork.org
>>>> P-Visited-Network-ID: ims.mnc420.mcc312.3gppnetwork.org
>>>> P-Access-Network-Info: 3GPP-E-UTRAN-FDD;local-time-zone="2021-03-31T11:05:31-05:00";utran-cell-id-3gpp=xxxxxxxxxxxxxxxxxxxxxxxx
>>>> Min-SE: 900
>>>> Session-Expires: 1800
>>>> P-Charging-Vector: icid-value=pcscf2.ims.mncxxx.mcc3xxx.3gppnetw-1617-206731-149675;icid-generated-at=pcscf2.ims.mncxxx.mccxxx.3gppnetwork.org;orig-ioi=ims.mncxxx.mccxxxx.3gppnetwork.org
>>>> User-Agent: Ericsson MTAS - CXP2010134/1 R20F14
>>>> P-Charging-Function-Addresses: ccf="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
>>>> P-Served-User: sip:xxxxxxxxxxx@ims.mnc420.mcc312.3gppnetwork.org;sescase=orig;regstate=reg
>>>> Feature-Caps: *;+g.3gpp.registration-token="<63b9cf28>"
>>>> P-Early-Media: supported
>>>> Session-ID: 7c386176b888d13d404845e189d6885b
>>>>
>>>> From: Chris Wendt <chris-ietf@chriswendt.net>
>>>> Sent: Wednesday, April 7, 2021 10:10 AM
>>>> To: Christer Holmberg <christer.holmberg@ericsson.com>
>>>> Cc: Zerr, Brad <BZerr@tnsi.com>; Marc Petit-Huguenin <marc@petit-huguenin.org>; Cullen Jennings <fluffy@iii.ca>; IETF STIR Mail List <stir@ietf.org>; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
>>>> Subject: Re: [stir] RFC 8224
>>>>
>>>> This is a legit question for RFC8224 and agree with the answers, but just in case it’s relevant you would not send these types of SIP URIs as dest in context of STIR/SHAKEN (over NNI/peering relationship) which only supports tel URIs currently. That may not be your use-case but just wanted to clarify in case it was relevant. I would be curious to know the context if you are willing to share though, I am guessing intra network use case between device and app server? Definitely interested in those cases, for me in context of delegate certs.
>>>>
>>>> -Chris
>>>>
>>>>
>>>>
>>>> On Apr 7, 2021, at 9:52 AM, Christer Holmberg <christer.holmberg@ericsson.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> ´*´ can be used as such in a SIP-URI, but ‘#’ would have to be escaped.
>>>>
>>>> So:
>>>>
>>>> To: sip:*55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>
>>>> …is ok, but;
>>>>
>>>> To: sip:#55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>
>>>> …is NOT ok. Instead:
>>>>
>>>> To: sip:%2355;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>
>>>> …will have to be used.
>>>>
>>>> Regards,
>>>>
>>>> Christer
>>>>
>>>>
>>>>
>>>> From: Zerr, Brad <BZerr@tnsi.com>
>>>> Sent: Wednesday, 7 April 2021 14.27
>>>> To: Christer Holmberg <christer.holmberg@ericsson.com>; Marc Petit-Huguenin <marc@petit-huguenin.org>; Cullen Jennings <fluffy@iii.ca>; IETF STIR Mail List <stir@ietf.org>
>>>> Cc: chris-ietf@chriswendt.net; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
>>>> Subject: RE: [stir] RFC 8224
>>>>
>>>> Good Morning.
>>>>
>>>> Would you mind providing an example of what the TO header should look like for both a * and # dial to help clear up? Assume they are leading characters in the TO header.
>>>>
>>>> Example of what is being sent today:
>>>>
>>>> To: sip:*55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>
>>>> To: sip:#55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>
>>>> From: Christer Holmberg <christer.holmberg@ericsson.com>
>>>> Sent: Wednesday, April 7, 2021 3:14 AM
>>>> To: Marc Petit-Huguenin <marc@petit-huguenin.org>; Cullen Jennings <fluffy@iii.ca>; Zerr, Brad <BZerr@tnsi.com>; IETF STIR Mail List <stir@ietf.org>
>>>> Cc: chris-ietf@chriswendt.net; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
>>>> Subject: RE: [stir] RFC 8224
>>>>
>>>> Hi,
>>>>
>>>>> I think the question was about the format to use before canonicalization.
>>>>>
>>>>> My understanding of RFC 3986 is that `#` should be escaped because it is the delimiter for an URI fragment. Fragments are not defined in SIP URIs, but a generic URI parser may still remove everything after and including '#'.
>>>>
>>>> "#" will have to be escaped in a SIP-URI, e.g., in a To header field.
>>>>
>>>> But, Section 8.3 of RFC 8224 has nothing to do with a SIP-URI or the To header field.
>>>>
>>>> Regards,
>>>>
>>>> Christer
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> OTOH there is no need to escape '*' as it is part of the `sub-delims` rule.
>>>>
>>>> so
>>>>
>>>> ....
>>>> To: sip:*55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>> ....
>>>>
>>>> is fine, but dialing directly an extension would be:
>>>>
>>>> ....
>>>> To: sip:+14085550460%2377@example.org;user=phone
>>>> ....
>>>>
>>>> On 4/6/21 5:43 AM, Christer Holmberg wrote:
>>>>> Hi,
>>>>>
>>>>> %2A is not the ASCII format of *, it is the escaped (see RFC 3261).
>>>>>
>>>>> And, the syntax allows both * and #, so no need to escape (in fact, it is not even possible to escape in this case):
>>>>>
>>>>> tn-spec = 1*tn-char
>>>>> tn-char = "#" / "*" / DIGIT
>>>>>
>>>>> Also, note that RFC 8224 does not define the syntax of the To header field - that is done in RFC 3261. The telephone number described in Section 8.3 of RFC 8224 will be included in the PASSPort (RFC 8225).
>>>>>
>>>>> Regards,
>>>>>
>>>>> Christer
>>>>>
>>>>> From: stir <stir-bounces@ietf.org> On Behalf Of Cullen Jennings
>>>>> Sent: Tuesday, 6 April 2021 15.30
>>>>> To: Zerr, Brad <BZerr@tnsi.com>; IETF STIR Mail List <stir@ietf.org>
>>>>> Cc: chris-ietf@chriswendt.net; Eric Rescorla <ekr@rtfm.com>; Jon Peterson <jon.peterson@neustar.biz>; Toy, Arthur <atoy@tnsi.com>
>>>>> Subject: Re: [stir] RFC 8224
>>>>>
>>>>>
>>>>> Adding to STIR mailing list …
>>>>>
>>>>>
>>>>> On Apr 5, 2021, at 9:19 AM, Zerr, Brad <BZerr@tnsi.com> wrote:
>>>>>
>>>>> Good Morning.
>>>>>
>>>>> This may not be the correct process, so let me know if I should ask this in a different forum.
>>>>>
>>>>> I had a question regarding section 8.3 when it comes to * and #
>>>>> handling. Is this stating that when a * or # precedes a digit
>>>>> string (i.e. *55), it should be in ASCII Format for the * (i.e.
>>>>> %2A)
>>>>>
>>>>> <image001.png>
>>>>>
>>>>> So Instead of this:
>>>>>
>>>>> To: sip:*55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>>
>>>>> It should be this
>>>>>
>>>>> To: sip:%2A55;phone-context=ims.mnc420.mcc312.3gppnetwork.org@ims.mnc420.mcc312.3gppnetwork.org;user=phone
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>> --




--
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org/
Profile: https://www.linkedin.com/in/petithug

________________________________
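Added example, not part of the thread and not text from RFC 8224: a Python sketch of the two points argued above, namely that a generic URI parser drops everything from an unescaped "#", and that applying only the character filter of Section 8.3 to a user part carrying phone-context leaves the parameter's digits in the number. The URIs are constructed from the ones quoted in the thread, the function names are hypothetical, and dropping tel-URI parameters before filtering is an assumption (the reading discussed above), not explicit RFC text.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed To-header URIs modelled on the ones quoted in the thread.
HOST = "ims.mnc420.mcc312.3gppnetwork.org"
TO_STAR = f"sip:*55;phone-context={HOST}@{HOST};user=phone"
TO_HASH_RAW = f"sip:#55;phone-context={HOST}@{HOST};user=phone"
TO_HASH_ESC = f"sip:%2355;phone-context={HOST}@{HOST};user=phone"
TO_EXTENSION = "sip:+14085550460%2377@example.org;user=phone"
NOT_A_NUMBER = f"sip:alice@{HOST}"  # no user=phone, so not a phone number

_NOT_TN_CHAR = re.compile(r"[^0-9#*]")  # tn-char = "#" / "*" / DIGIT


def telephone_subscriber(uri):
    """Return the raw telephone-subscriber string, or None when the URI does
    not carry a phone number (tel: URI, or sip:/sips: URI with user=phone)."""
    scheme, _, rest = uri.partition(":")
    scheme = scheme.lower()
    if scheme == "tel":
        return rest
    if scheme not in ("sip", "sips"):
        return None
    userinfo, at, hostpart = rest.partition("@")
    if not at:
        return None
    # URI parameters follow the host; URI headers (after "?") are ignored.
    params = hostpart.split("?", 1)[0].split(";")[1:]
    if not any(p.lower() == "user=phone" for p in params):
        return None
    return userinfo.split(":", 1)[0]  # drop an optional password


def filter_only(subscriber):
    """Character filter of Section 8.3 applied to the whole user part,
    tel-URI parameters included."""
    return _NOT_TN_CHAR.sub("", unquote(subscriber))


def strip_params_then_filter(subscriber):
    """Assumed reading: drop tel-URI parameters (phone-context and others)
    first, then percent-decode and apply the same character filter."""
    number = subscriber.split(";", 1)[0]
    return _NOT_TN_CHAR.sub("", unquote(number))


def generic_uri_path(uri):
    """What an RFC 3986-style parser keeps after splitting off '#fragment'."""
    return urlsplit(uri).path


def compare(uri):
    """Return (filter_only, strip_params_then_filter), or None when the URI
    does not contain a phone number."""
    sub = telephone_subscriber(uri)
    if sub is None:
        return None
    return filter_only(sub), strip_params_then_filter(sub)


if __name__ == "__main__":
    for uri in (TO_STAR, TO_HASH_RAW, TO_HASH_ESC, TO_EXTENSION, NOT_A_NUMBER):
        print(uri)
        print("  number strings:", compare(uri))
        print("  generic parser path:", repr(generic_uri_path(uri)))
```
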