Re: [stir] Secdir last call review of draft-ietf-stir-passport-divert-07

"Peterson, Jon" <jon.peterson@team.neustar> Mon, 13 July 2020 14:42 UTC

From: "Peterson, Jon" <jon.peterson@team.neustar>
To: Phillip Hallam-Baker <hallam@gmail.com>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-stir-passport-divert.all@ietf.org" <draft-ietf-stir-passport-divert.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "stir@ietf.org" <stir@ietf.org>
Date: Mon, 13 Jul 2020 14:42:08 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/TmaDEky9bE7CSYxN8G1GFRps7bo>
Subject: Re: [stir] Secdir last call review of draft-ietf-stir-passport-divert-07
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>

Thanks for these notes, Phillip. I added some text to address your second point to the Security Considerations text. As to the first, regarding Alice and Bob, I believe the usage here is consistent with IETF practice, as misguided as that may be, and I don't think amending it would clarify anything.
 
Jon Peterson
Neustar, Inc.

On 11/30/19, 6:06 PM, "Phillip Hallam-Baker via Datatracker" <noreply@ietf.org> wrote:

    Reviewer: Phillip Hallam-Baker
    Review result: Has Issues
    
    Section 1: Introduction
    
    "If Alice calls Bob, for example, Bob might attempt to ..."
    
    Alice, Bob and Carol are people. People do not emit JSON strings, create
    signatures or do any of the things they are described as being engaged in. Only
    the machines the people might possess can do such things. Anthropomorphising
    Turing machines results in language that is hard to follow at best and renders
    any attempt to consider UI issues impossible.
    
    Section 12: Security Considerations
    
    Is this going to create new means of injecting spam? It looks like it might.
    Consider the case in which Sue the spammer sets up a single genuine call
    between X and Y, then creates forwarding associations for 10,000 endpoints
    Z0-9999. Also consider reflection type attacks in which callers responding to
    spam have their numbers harvested for spoof source addresses for further spam.