Re: [stir] error handling 03

Paul Kyzivat <pkyzivat@alum.mit.edu> Fri, 05 August 2022 16:57 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/eb3gSjczTyZdirWV1uHp_FS1S78>

Chris,

This text pretty much clears up my concerns.
But I think it would also be helpful to change the "Protocol Cause" 
field in the registry from "Status code" to something different than for 
SIP and more specific to STIR. E.g. "STIR Error Code".

Also, where do you plan on inserting that paragraph? I'm guessing you 
intend it after the first paragraph of section 5, before the example.

	Thanks,
	Paul

On 8/5/22 11:42 AM, Chris Wendt wrote:
> Hi All,
> 
> As a follow up from the 114 stir meeting discussion, we went through 
> both Christer’s question and Paul’s questions.  My action item from the 
> meeting was to clarify two of Paul’s comments, specifically:
> 
>>>>>
> Also, I think this draft should be more explicit in stating that the new 
> STIR protocol it defines permits multiple uses, and perhaps constraints 
> on how. (E.g., in what ways the multiple uses must differ, or how to 
> resolve ambiguities among them. I *think* the response codes defined in 
> RFC 8224 are mutually exclusive for a single passport, so perhaps 
> constrain to a single cause per ppi.)
> <<<<
> 
>  >>>>
> The Protocol Cause for the STIR Protocol Value is specified as "Status 
> code". This is the same as is defined for the SIP protocol. The values 
> used for STIR are a subset of the SIP Protocol Causes. It isn't clear 
> what values are valid for use here. I guess you intend the values 
> specified in section 6.2.2 of RFC 8224. But defining that way isn't 
> future proof. What if a subsequent extension/update to RFC 8224 defines 
> some additional codes?
> <<<<
> 
> Based on discussion in the meeting, I plan to cover both of these 
> comments with the following:
> 
> As implied and defined in {{RFC8224}}, error codes associated with STIR 
> targeted at authentication services that produced a specific identity 
> header represent a single error occurring with the verification and 
> processing of that identity header. Therefore the association of a "ppi" 
> parameter with a Reason header using "STIR" protocol MUST only identify 
> a single cause code in the context of a call dialog defined in 
> {{RFC8224}} or in future documents defining STIR related errors.
> 
> Would like to get some initial feedback on that, I plan to create an -03 
> version early next week depending on comments.
> 
> Thanks!
> 
> -Chris
> 
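
The single-cause rule proposed in the quoted text can be checked mechanically on the receiving side. The following is an added example, not code from the draft or from either participant. It assumes RFC 3326 Reason syntax, a "ppi" parameter carried as a quoted string, and that the caller passes every Reason header value seen in one dialog; the function names and the PASSporT strings are hypothetical placeholders.

```python
from collections import defaultdict

def split_unquoted(s, sep):
    """Split s on sep, ignoring separators inside double-quoted strings."""
    parts, buf, quoted, escaped = [], [], False, False
    for ch in s:
        if escaped:
            escaped = False
        elif ch == "\\" and quoted:
            escaped = True
        elif ch == '"':
            quoted = not quoted
        elif ch == sep and not quoted:
            parts.append("".join(buf).strip())
            buf = []
            continue
        buf.append(ch)
    parts.append("".join(buf).strip())
    return parts

def parse_reason(value):
    """Parse one Reason header value into a list of (protocol, params)."""
    out = []
    for rv in split_unquoted(value, ","):
        protocol, *raw = split_unquoted(rv, ";")
        params = {}
        for p in raw:
            name, _, val = p.partition("=")
            params[name.strip().lower()] = val.strip().strip('"')
        out.append((protocol.strip(), params))
    return out

def ppi_conflicts(reason_values):
    """Return {ppi: sorted causes} for each ppi tied to more than one STIR cause."""
    causes = defaultdict(set)
    for value in reason_values:
        for protocol, params in parse_reason(value):
            if protocol.upper() == "STIR" and "ppi" in params and "cause" in params:
                causes[params["ppi"]].add(params["cause"])
    return {ppi: sorted(c) for ppi, c in causes.items() if len(c) > 1}

# Constructed sample values; the ppi strings are placeholders, not real PASSporTs.
SAMPLE = [
    'STIR ;cause=436 ;text="Bad Identity Info" ;ppi="hdrA.payloadA.sigA"',
    'STIR ;cause=438 ;text="Invalid; Identity, Header" ;ppi="hdrA.payloadA.sigA"',
    'STIR ;cause=437 ;text="Unsupported Credential" ;ppi="hdrB.payloadB.sigB"',
    'SIP ;cause=200 ;text="Call completed elsewhere"',
]
```

The checker deliberately does not hard-code the set of valid cause values, so codes defined by later documents pass through unchanged.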