Re: [stir] Call For Adoption of draft-peterson-stir-servprovider-oob

"Peterson, Jon" <jon.peterson@team.neustar> Sun, 27 September 2020 22:31 UTC

From: "Peterson, Jon" <jon.peterson@team.neustar>
To: Piotr Gregor <piotr@signalwire.com>, Russ Housley <housley@vigilsec.com>
CC: IETF STIR Mail List <stir@ietf.org>, "ekr@rtfm.com" <ekr@rtfm.com>
Date: Sun, 27 Sep 2020 22:31:19 +0000
Message-ID: <1BFB6605-8327-418A-B764-01EC75976328@team.neustar>
References: <157429966624.922.6336772483106473689.idtracker@ietfa.amsl.com> <41B1930A-2631-47D3-8693-62363B9C5639@vigilsec.com> <C118221E-19F7-4CA6-A2E6-17249380843D@vigilsec.com> <B0B39AC9-F885-4B4D-8729-423C629F6EDC@vigilsec.com> <CA+LnPOeacavNJxQwGh+AX3YF_RW-ruLUL6DiSxpAx1LQrkjf=w@mail.gmail.com> <CA+LnPOf0OFmEgk3bvyyLFFLyie9BnZGqYSkchucUDr4X2wQSwA@mail.gmail.com>
In-Reply-To: <CA+LnPOf0OFmEgk3bvyyLFFLyie9BnZGqYSkchucUDr4X2wQSwA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/arIDJQVeaKX74r4Za9m5yGfuaQw>
Subject: Re: [stir] Call For Adoption of draft-peterson-stir-servprovider-oob
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>

Thanks for the heads-up, and yes, this has been repaired in the AUTH 48 process for stir-oob.

Jon Peterson
Neustar, Inc.

From: Piotr Gregor <piotr@signalwire.com>
Date: Monday, August 24, 2020 at 5:09 PM
To: Russ Housley <housley@vigilsec.com>
Cc: IETF STIR Mail List <stir@ietf.org>, "Peterson, Jon" <jon.peterson@team.neustar>, Eric Rescorla <ekr@rtfm.com>
Subject: Re: [stir] Call For Adoption of draft-peterson-stir-servprovider-oob

I believe there is an error in draft-ietf-stir-oob-07, here in section 9 it is said that call originates for destination 2.222.555.2222
but then 2.222.222.2222 appears in places I highlighted:

9.  Example HTTPS Interface to the CPS

(...)

   Assume that an authentication service has created the following
   PASSporT for a call to the telephone number 2.222.555.2222

(...)

   Through some discovery mechanism (see Section 10), the authentication
   service discovers the network location of a web service that acts as
   the CPS for 2.222.555.2222.

(...)

   Having concluded the numbered steps in Section 8.1, including
   acquiring any token (per Section 6.1) needed to store the PASSporT at
   the CPS, the authentication service then stores the encrypted
   PASSporT:

Rescorla & Peterson    Expires September 10, 2020              [Page 20]

Internet-Draft              STIR Out-of-Band                  March 2020

      POST /cps/2.222.555.2222/ppts HTTP/1.1
      Host: cps.example.com

(...)

   The web service assigns a new location for this encrypted PASSporT in
   the collection, returning a 201 OK with the location of
   /cps/2.222.222.2222/ppts/ppt1.
^^^^^^^^^^^^^^^^^^^^^^
->>>>>>>>>>>>> should be /cps/2.222.555.2222/ppts/ppt1

Now the authentication service can
   place the call, which may be signaled by various protocols.  Once the
   call arrives at the terminating side, a verification service contacts
   its CPS to ask for the set of incoming calls for its telephone number
   (2.222.222.2222).
^^^^^^^^^^^^^^^^^^^^^^^^^^^
->>>>>>>>>>>>> should be 2.222.555.2222

      GET /cps/2.222.555.2222/ppts
      Host: cps.example.com

   This returns to the verification service a list of the PASSporTs
   currently in the collection, which currently consists of only
   /cps/2.222.222.2222/ppts/ppt1.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
->>>>>>>>>>>>> should be /cps/2.222.555.2222/ppts/ppt1

  The verification service then sends a
   new GET for /cps/2.222.555.2222/ppts/ppt1/ which yields:

(...)

cheers,

Piotr

  |  Ask me about SignalWire Work, our new digital office alternative.
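
The consistency check that the report above performs by eye, written out as an added example (not part of the original messages or of the draft): given the collection a request targets, it flags any returned PASSporT location that is not a member of that collection. The function names are hypothetical; the /cps/<number>/ppts layout and the sample values are the ones quoted above.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Path layout taken from the quoted draft text: /cps/<number>/ppts[/<member>]
COLLECTION_RE = re.compile(r"^/cps/([0-9.]+)/ppts(?:/([^/]+))?$")


def parse_cps_path(value):
    """Return (number, member) for a CPS path or URL, or None if it does not fit.

    The path is percent-decoded and its dot segments are resolved first, so the
    comparison is made on the resource the value actually names.
    """
    path = posixpath.normpath(unquote(urlsplit(value).path))
    m = COLLECTION_RE.match(path)
    return (m.group(1), m.group(2)) if m else None


def mismatched_locations(request_target, locations):
    """Locations that are not members of the collection named by request_target.

    Each finding is (location, number_found); number_found is None when the
    value does not look like a CPS path at all.
    """
    parsed = parse_cps_path(request_target)
    if parsed is None or parsed[1] is not None:
        raise ValueError(f"not a CPS collection path: {request_target!r}")
    expected = parsed[0]
    findings = []
    for loc in locations:
        got = parse_cps_path(loc)
        if got is None or got[1] is None or got[0] != expected:
            findings.append((loc, got[0] if got else None))
    return findings


# Values as printed in draft-ietf-stir-oob-07 section 9 (quoted above),
# followed by the corrected location proposed in the report.
REQUEST_TARGET = "/cps/2.222.555.2222/ppts"
AS_PRINTED = ["/cps/2.222.222.2222/ppts/ppt1"]
AS_CORRECTED = ["/cps/2.222.555.2222/ppts/ppt1"]

if __name__ == "__main__":
    print(mismatched_locations(REQUEST_TARGET, AS_PRINTED))
    print(mismatched_locations(REQUEST_TARGET, AS_CORRECTED))
```
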