[stir] STIR update

"Peterson, Jon" <jon.peterson@neustar.biz> Thu, 24 March 2016 17:15 UTC

From: "Peterson, Jon" <jon.peterson@neustar.biz>
To: "stir@ietf.org" <stir@ietf.org>
Date: Thu, 24 Mar 2016 17:15:31 +0000
Message-ID: <D3196EC1.183BC1%jon.peterson@neustar.biz>
Archived-At: <http://mailarchive.ietf.org/arch/msg/stir/d_ZdJ8AcAEH3-ufPWfT4KwqnSr4>
Subject: [stir] STIR update
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>

In advance of the Buenos Aires meeting, Chris and I have updated the core STIR specifications. rfc4474bis and stir-passport are now in closer alignment, though I'm sure there are still a few remaining places where synchronization is needed. We tried to make the extensibility model much clearer: what used to be "spec" or "type" is now "ppt", and front-line extensibility is largely based on using the "ppt" attribute to signal that you've gone beyond the "bare minimum." Also, do note that the new rfc4474bis introduced a small fix in order to handle networks that alter the Date header in transit (if you do that, your network is bad and you should feel bad, btw). But there shouldn't be any shocking changes in here, this is pretty much just continuing the alignment process that the last revisions started.

Sean and I also issued a new version of stir-certs. I think this version does a better job of explaining the various ways to use certs with STIR, and explicitly leaves open doors that people seem to want to use.

Finally, to demonstrate how we think the extensibility model is supposed to work, Chris and I wrote a draft that extends STIR with a "cna" parameter that can secure the display name of a caller. That spec is draft-peterson-stir-cnam. Securing display name is specifically out of scope of the STIR working group, a provision we created when there was an active "cnit" effort underway, but we're not necessarily seeking a charter update at this point - we just want to make sure that we at least understand how extensibility is supposed to work, and this example seemed like the lowest-hanging fruit.

Happy to talk about this here on the list, or in Buenos Aires.

Jon Peterson
Neustar, Inc.