[stir] Protocol Action: 'Secure Telephone Identity Credentials: Certificates' to Proposed Standard (draft-ietf-stir-certificates-14.txt)

The IESG <iesg-secretary@ietf.org> Tue, 30 May 2017 21:58 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: stir@ietf.org
Delivered-To: stir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BE3A1129467; Tue, 30 May 2017 14:58:20 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.52.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, rfc-editor@rfc-editor.org, stir@ietf.org, Robert Sparks <rjsparks@nostrum.com>, draft-ietf-stir-certificates@ietf.org, aroach@mozilla.com, stir-chairs@ietf.org, rjsparks@nostrum.com
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <149618150077.19785.10242528706695406413.idtracker@ietfa.amsl.com>
Date: Tue, 30 May 2017 14:58:20 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/YUpnyMbjsR-EV7C4aC1QREVGFJI>
Subject: [stir] Protocol Action: 'Secure Telephone Identity Credentials: Certificates' to Proposed Standard (draft-ietf-stir-certificates-14.txt)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 May 2017 21:58:21 -0000

The IESG has approved the following document:
- 'Secure Telephone Identity Credentials: Certificates'
  (draft-ietf-stir-certificates-14.txt) as Proposed Standard

This document is the product of the Secure Telephone Identity Revisited
Working Group.

The IESG contact persons are Adam Roach, Alexey Melnikov and Ben

A URL of this Internet Draft is:

Technical Summary

 In order to prevent the impersonation of telephone numbers on the
   Internet, some kind of credential system needs to exist that
   cryptographically asserts authority over telephone numbers.  This
   document describes the use of certificates in establishing authority
   over telephone numbers, as a component of a broader architecture for
   managing telephone numbers as identities in protocols like SIP.

Working Group Summary

This document has undergone heavy review. Interoperability testing at the SIPit
in September identified issues leading to the introduction of the JWT Claim
Constraints, shifting where LOA assertions are made.

The document suite has been through three working group last calls, the third
of which was abbreviated to one week. The first last call stimulated
significant discussion, some of which was heated. 

Document Quality
This document is a component of a toolset for combating robocalling. In the
US, the FCC is applying significant pressure to the industry to deter
robocalling (with deadlines in the last part of 2016). An industry-led strike
force is moving towards deployment of a solution that uses that toolset. The
ATIS/SIP Forum IPNNI Task Force's SHAKEN solution relies on the toolset defined
by STIR and profiles it for deployment in the North American market.


The document shepherd is Robert Sparks. The responsible AD is Adam Roach.

RFC Editor Note

This document contains several IANA-registered values in formal ASN.1
definitions. The definitions speculatively assumed values prior to official
assignment, and two of these presumed values have subsequently been assigned.
As a consequence, the final published ASN.1 syntax will need to be modified to
match actually assigned values. The areas to take note of are listed below.

These two definitions, which each appear _twice_ in the document, will need to
be updated to match the assigned entries in
(these are known to need adjustment, as id-pe 25 has been assigned for another

     id-pe-JWTClaimConstraints OBJECT IDENTIFIER ::= { id-pe 25 }

     id-pe-TNAuthList OBJECT IDENTIFIER ::= { id-pe 26 }

This definition, which appears _twice_ in the document, should match the
assigned value in
(as the codepoint 14 remains unallocated, this may not need adjustment)

     id-ad-stirTNList  OBJECT IDENTIFIER ::= { id-ad 14 }

Finally, the (88) in the following definition from Appendix A needs to be
replaced with the actually assigned value from
(the current value of 88 has already been assigned for another purpose, so
this will require adjustment):

     { iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-mod-tn-module(88) }