IETF Logo Mail Archive

[stir] Nature vs. nurture -- semantics vs. encoding (was: Re: current draft charter)

Dave Crocker <dhc@dcrocker.net> Mon, 17 June 2013 17:10 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFAE721F99AC for <stir@ietfa.amsl.com>; Mon, 17 Jun 2013 10:10:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.523
X-Spam-Level:
X-Spam-Status: No, score=-6.523 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4D8kwbEcF9Am for <stir@ietfa.amsl.com>; Mon, 17 Jun 2013 10:10:37 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 06B0A21F9AE8 for <stir@ietf.org>; Mon, 17 Jun 2013 10:10:37 -0700 (PDT)
Received: from [192.168.1.66] (76-218-9-215.lightspeed.sntcca.sbcglobal.net [76.218.9.215]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id r5HHANxN022935 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 17 Jun 2013 10:10:27 -0700
Message-ID: <51BF42F2.7090507@dcrocker.net>
Date: Mon, 17 Jun 2013 10:10:10 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-Version: 1.0
To: Hadriel Kaplan <hadriel.kaplan@oracle.com>
References: <CDE38BC3.20F76%jon.peterson@neustar.biz> <6BAABF96-8892-4C50-BB30-5F1FC05BDFD8@oracle.com> <F5C27090-FF39-4FBC-BC7E-F2ACFA5A4E6F@cs.columbia.edu> <00C069FD01E0324C9FFCADF539701DB3A03DD0D4@ex2k10mb2.corp.yaanatech.com> <6DE5EBA2-1033-4348-B9CC-2521698941AD@oracle.com>
In-Reply-To: <6DE5EBA2-1033-4348-B9CC-2521698941AD@oracle.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.66]); Mon, 17 Jun 2013 10:10:27 -0700 (PDT)
Cc: "stir@ietf.org" <stir@ietf.org>, Michael Hammer <michael.hammer@yaanatech.com>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>, "jon.peterson@neustar.biz" <jon.peterson@neustar.biz>, "hgs@cs.columbia.edu" <hgs@cs.columbia.edu>
Subject: [stir] Nature vs. nurture -- semantics vs. encoding (was: Re: current draft charter)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jun 2013 17:10:47 -0000

On 6/17/2013 9:58 AM, Hadriel Kaplan wrote:
>
> On Jun 17, 2013, at 12:04 PM, Michael Hammer <michael.hammer@yaanatech.com> wrote:
>
>> First point:  This is about E.164 number delegation and proof of ownership.
>> So, I find much of the discussion that seems to rely on DNS structure or
>> Domain name structuring to be a distraction.
>> How you prove proof of ownership of a domain is a separate, albeit twin
>> problem.
>> But, I think that is out of scope.  I do not believe the answer here is to
>> ask my evil twin if he owns the E.164.
>
>
> There've been a bunch of emails so you've probably missed it, or maybe it wasn't made clear, but the idea behind the DNS proposal is to use reverse-number dotted notation for the E.164.  So an E.164 of '+16035551212' becomes the domain name '2.1.2.1.5.5.5.3.0.6.1.cid.arpa'.

The authorization-checking topic that is driving this list needs to 
distinguish between the basic semantics of what is being done --  who 
are the actors, what are their roles and authorities, what are their 
interactions -- from the low-level mechanics -- such as syntactic 
encoding form -- that are used to permit the 'interesting' stuff.

One thing that seems to be a continuing distraction is "pure" E.164 
number vs. domain name.

As discussed in this venue, to domain name form is a syntactic encoding. 
  On its own, it's no more interesting or terrible than any other 
encoding form.  It makes sense to consider here only to the extent that 
the operational platform using it makes sense.

The significant parts of determining whether a platform makes sense to 
consider are the many aspects of its operational details, ranging from 
beneficial history -- deployed and well-used -- to its administrative 
alignment with what is needed.


> The authority for .cid.arpa is the ITU, and they delegate the country-codes within it to the national number admins for each country (ie, exactly what they do for E.164 numbers).  At that point each nation decides what they want to do, whether to have their whole country-code number tree under one admin authority, or to have it split up.
>
> Oh, and this would all use DNSSEC, which might mean we don't even need to store full certs in this tree, but can just store public keys. (because the DNSSEC info is the same as would be in the certs)

Or possibly not.  DNSSec is still only partially deployed, and the use 
being discussed here is probably a re-purposing of its functionality. 
My own guess is that DNSSec makes sense for providing an important 
enhancement to reassurances about the operational platform, but that 
it's not essential to the core semantics.  But of course, that's just my 
opinion...



d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

v2.23.0 | Report a Bug | By Email