[stir] Getting PASSPORT Published
Adam Roach <adam@nostrum.com> Thu, 21 February 2019 22:24 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7372131245 for <stir@ietfa.amsl.com>; Thu, 21 Feb 2019 14:24:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.98
X-Spam-Level:
X-Spam-Status: No, score=-1.98 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yUnCMGOMIPOd for <stir@ietfa.amsl.com>; Thu, 21 Feb 2019 14:23:59 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1BBD12D4E7 for <stir@ietf.org>; Thu, 21 Feb 2019 14:23:58 -0800 (PST)
Received: from MacBook-Pro.roach.at (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x1LMNuTD067146 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 21 Feb 2019 16:23:58 -0600 (CST) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1550787838; bh=mTXOekVDZJM52zfwUdBt4YP4tUAKKDSQ19Ahdcug6ic=; h=To:Cc:From:Subject:Date; b=OoReAoB+aoSKrLn12bXdjEvSYxVL6JUc9+QVhhxk6p/8DCiy0a3CXDKjWVXWARydQ JyGbTcHmvDqo6WdUwtshB/XNxn8skQ/z+yywanowK5zz4oc54X4QjrDQ5+jfvhXif2 G/vfbaWqINraZz1Lo4KJW8PM3MDsz8V5XBrEVcb0=
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be MacBook-Pro.roach.at
To: draft-ietf-stir-passport-shaken.all@tools.ietf.org
Cc: "stir@ietf.org" <stir@ietf.org>
From: Adam Roach <adam@nostrum.com>
Message-ID: <17d7e50b-5012-74ec-d1a5-9c8b80d60f4e@nostrum.com>
Date: Thu, 21 Feb 2019 16:23:51 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/VFBgBL86NRxyM9BGmOf_pkVWVk0>
Subject: [stir] Getting PASSPORT Published
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2019 22:24:01 -0000
[as area director] tl;dr: I'd like to propose publishing SHAKEN as Informational instead of Standards Track, and tweaking the Privacy Considerations section. Details below. The draft-ietf-stir-passport-shaken document still has a DISCUSS remaining on it from IESG evaluation: > I would like to discuss the privacy properties of origids. As I read > this text, it does not actually require them to be unlinkable or that > it not be possible to determine whether two ids represent the same > person behind the origid generator, and I believe it should do so. > Practically implementing that may require an ID that is longer than a > UUID. While it's true that this behavior is defined in the ATIS document, publication of an IETF Proposed Standard carries with it the explicit indication that the IETF as a whole (including the IESG during their evaluation) thinks the approach being described is a Good Idea. In this particular case, the fact that the underlying mechanism does not inherently provide unlinkability for the underlying identifiers has been identified as problematic. At the same time, I'll note that the primary reason for this document to exist is to populate two IANA registries. Both of these registries are "Specification Required," which doesn't require the publication of a Standards Track document. An acceptable path to address this situation would be to instead publish draft-ietf-stir-passport-shaken as Informational, and to tighten up the privacy considerations slightly. I believe this could be achieved with a small change to the final sentence of section 10; we would replace: > If the operator of an element is concerned about the > correlation of 'origid' values, the element could be configured to > use a unique 'origid' value per call in such a way that the operator > can associate those 'origid' values to the correct element when doing > lookups in their backend systems. With: > Absent a compelling reason not to do so, operators should configure > their > network elements to use a unique and externally unlinkable 'origid' > value > per call in such a way that the operator can associate those 'origid' > values to the correct element when doing lookups in their backend > systems. Does this sound like a reasonable path forward? /a
- [stir] Getting PASSPORT Published Adam Roach
- Re: [stir] Getting PASSPORT Published Mary Barnes
- Re: [stir] Getting PASSPORT Published Ben Campbell
- Re: [stir] Getting PASSPORT Published Adam Roach
- Re: [stir] Getting PASSPORT Published Mary Barnes
- Re: [stir] Getting PASSPORT Published Mary Barnes
- Re: [stir] Getting PASSPORT Published Peterson, Jon
- Re: [stir] Getting PASSPORT Published Adam Roach
- Re: [stir] Getting PASSPORT Published Chris Wendt