Re: [stir] Stephen Farrell's Discuss on draft-ietf-stir-certificates-11: (with DISCUSS and COMMENT)

Dave Crocker <> Thu, 03 November 2016 20:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CF4BB1297D6; Thu, 3 Nov 2016 13:34:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4j2GGTzeUtkS; Thu, 3 Nov 2016 13:34:46 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c00::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3DB06129801; Thu, 3 Nov 2016 13:34:46 -0700 (PDT)
Received: by with SMTP id d2so37370734pfd.0; Thu, 03 Nov 2016 13:34:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=from:subject:to:references:cc:organization:reply-to:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=51yK+Tq7VPMGingoXBR/JcA5Mtajtb9c1qCx0/MRcfs=; b=0UKr57QBTzYXc9+2gvOn5Z7VH9s0hPAQywVu0hA7FV91G++mfg3SU3uShbReZ2Dbv2 nBGkzGebToJpAj+rA1TnCHu3ZKgbc5Ljew0ZbAtm0Nu0VQO1ztwR5Gn/Iig/MyJVwFHI cGZwVpo85IAYG81W8co5ElIri1oOuJ63Pwc3q6s414djpaAJ/w0tJhYYhUUPWguZIRCA PAou2Wiu46+CO4vRc1TWD5gu+wJ0Hvbc9agU7O+koJzeO7uZQCqSteKhPAOEetLbncJl KA5yB9L7gJ7O0WABm5QBJT/NSe64zBsJGmXpiQfyFyF7sjQI21fKli9W0CfWxERlAcsK Hppw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:from:subject:to:references:cc:organization :reply-to:message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=51yK+Tq7VPMGingoXBR/JcA5Mtajtb9c1qCx0/MRcfs=; b=k2Zx+1cvQ5vCTcM7S0TfI2jdlDlROVmnAiOwDnQB3gYam0eBbeCyKXMqTPbuF11dx/ FQ7BCHPq98oyUjKbuL5iDbhlWYC44sf6XHdMCRWkR/ddeuQ/yoFIf/ikfONaAjnXt+Gj SR7xnxj/QhCJMP9bKboIx95/rdLArp+BAjYIy6f+8vLh8gd8fCL6GHun4cVx5fhlE1x2 5/gXy+MOlnTp0yGjlVtH0HoQdWO+PoGaC1ytAUcPy1DDgTWZaHekSj/8IgkdC8o6m7TU poSzh7G3yyr/MvHp9NkGwp4pRVlbputOgQF4w5Af3awMvLXcNqNbr38zeqvylq2SzjQk WaWg==
X-Gm-Message-State: ABUngvcSca5Lfn3Rong/yI5T5VVtLmALbMKt63Ryq5XfqIC3W72an7m9EiIB71hqg1PHZQ==
X-Received: by with SMTP id p189mr20274837pfb.22.1478205285584; Thu, 03 Nov 2016 13:34:45 -0700 (PDT)
Received: from ?IPv6:2620:10d:c082:101d:b1df:c115:212d:6f0a? ([2620:10d:c090:200::d:5bda]) by with ESMTPSA id 3sm14778568pam.21.2016. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Nov 2016 13:34:44 -0700 (PDT)
From: Dave Crocker <>
X-Google-Original-From: Dave Crocker <>
To: Richard Shockey <>, The IESG <>
References: <>
Organization: Brandenburg InternetWorking
Message-ID: <>
Date: Thu, 03 Nov 2016 13:34:42 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <>
Cc: "" <>, Robert Sparks <>, "" <>, "" <>, Stephen Farrell <>
Subject: Re: [stir] Stephen Farrell's Discuss on draft-ietf-stir-certificates-11: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Telephone Identity Revisited <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 03 Nov 2016 20:34:48 -0000

On 11/3/2016 1:08 PM, Richard Shockey wrote:
> The basics of SHAKEN was reported to the FCC by the Industry robocall strikeforce.

Basics.  Yes.  However...

Small point:

      The Shaken activities are by a relatively small, closed group, 
with results that are private, with no public access to the details and 
no ability to contribute.  Were Shaken merely an effort to provide some 
straightforward operational parameters, that might be fine.

      But getting STIR to be an functional service requires rather more 
than just agreeing to some parameters.

      So the public IETF STIR work is inadequate for creating a useful 
service, without the private, details specification work of Shaken.


ps.  From a session at M3AAWG in Paris last week, I was promised that 
the Shaken specs would be made public.  I look forward to that.


   Dave Crocker
   Brandenburg InternetWorking