Re: [stir] New Version Notification for draft-ietf-stir-identity-header-errors-handling-01.txt

Chris Wendt <chris-ietf@chriswendt.net> Tue, 03 May 2022 15:54 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/jJBdL1wSD0Q5vp7vv3XWeOW9L84>


> On May 2, 2022, at 11:24 AM, Gorman, Pierce <Pierce.Gorman@t-mobile.com> wrote:
> 
> Few things. First there is a redundant "enable enable" in the abstract paragraph. 

Thanks

> 
> Second, are we currently using compact form for STIR/SHAKEN? I can never remember. I'm thinking we use non-compact form. I worry about introducing more than one way to format things because it invariably introduces parsing errors. I know that's not considered a reason for not developing and occasionally requiring multiple formats in a protocol, but it is a reason to not like it.

We usually use full form, but I think this is sufficiently separate from other things that it should be fine. It's really a matter of taking the signature part of the JWT, which is pretty simple text parsing (after the last period, essentially).

> 
> Finally, and probably more importantly, I imagine fault and performance processing regularly uses orig/dest and perhaps especially so if the errors are being captured and analyzed by an autodialer system.

So, I think we are just using signature as identifier, not to necessarily carry information; that is the proposal.

> 
> Pierce
> 
> -----Original Message-----
> From: stir <stir-bounces@ietf.org> On Behalf Of Chris Wendt
> Sent: Monday, May 2, 2022 9:15 AM
> To: IETF STIR Mail List <stir@ietf.org>
> Subject: Re: [stir] New Version Notification for draft-ietf-stir-identity-header-errors-handling-01.txt
> 
> Hi All,
> 
> Based on some of the recent comments in the meeting and on the list, I'm thinking that perhaps it might be best to only use compact form (i.e. just signature) as key for identifying the PASSporT associated with the right error. I thought maybe there was some value to send back the orig/dest or origID parts of PASSporT as well as keys, but maybe I'm thinking that's not as valuable versus keeping the security properties simple.
> Would anyone have any heartburn if I made that change? I suspect not, but thought I would send a note to confirm.
> 
> Thanks!
> 
> -Chris
> 
>> On Apr 19, 2022, at 7:59 PM, internet-drafts@ietf.org wrote:
>> 
>> 
>> A new version of I-D, 
>> draft-ietf-stir-identity-header-errors-handling-01.txt
>> has been successfully submitted by Chris Wendt and posted to the IETF 
>> repository.
>> 
>> Name: draft-ietf-stir-identity-header-errors-handling
>> Revision: 01
>> Title: Identity Header Error Handling
>> Document date: 2022-04-19
>> Group: stir
>> Pages: 7
>> URL: https://www.ietf.org/archive/id/draft-ietf-stir-identity-header-errors-handling-01.txt
>> Status: https://datatracker.ietf.org/doc/draft-ietf-stir-identity-header-errors-handling/
>> Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-stir-identity-header-errors-handling
>> Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-stir-identity-header-errors-handling-01
>> 
>> Abstract:
>> This document extends STIR and the Authenticated Identity Management
>> in the Session Initiation Protocol (SIP) error handling procedures to
>> include the mapping of verification failure reasons to STIR defined
>> 4xx codes so the failure reason of an Identity header field can be
>> conveyed to the upstream authentication service when local policy
>> dictates that the call should continue in the presence of a
>> verification failure. This document also defines procedures that
>> enable enable a failure reason to be mapped to a specific Identity
>> header for scenarios that use multiple Identity header fields where
>> some may have errors and others may not and the handling of those
>> situations is defined.
>> 
>> 
>> 
>> 
>> The IETF Secretariat
>> 
>> 
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir
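
An added example, not part of the original message or the draft: a Python sketch of taking the signature segment of a PASSporT as the key that ties a reported failure back to the Identity header it concerns, accepting both full form and compact form and rejecting anything malformed. The function names, the sample Identity values and the way failures are handed to `correlate` are assumptions made for illustration.

```python
import re

_B64URL = re.compile(r"^[A-Za-z0-9_-]+$")

# Constructed sample values; the signature segments are placeholders, not real signatures.
SENT = [
    "eyJhbGciOiJFUzI1NiJ9.eyJvcmlnIjoiYSJ9.sigAAA111;info=<https://cert.example.org/a.cer>;ppt=shaken",
    "eyJhbGciOiJFUzI1NiJ9.eyJvcmlnIjoiYiJ9.sigBBB222;info=<https://cert.example.org/b.cer>;ppt=div",
]
REPORTED = [
    ("..sigBBB222", "438 Invalid Identity Header"),   # compact form, matches SENT[1]
    ("sigBBB222", "438 Invalid Identity Header"),      # no periods: malformed, skipped
    ("..sigZZZ999", "436 Bad Identity Info"),          # well-formed but never sent
]


def passport_key(identity_value: str) -> str:
    """Return the signature segment of a full-form or compact-form PASSporT."""
    # Cut header parameters first: the info URL contains periods of its own, so
    # "after the last period" must be applied to the token, not the whole value.
    token = identity_value.split(";", 1)[0].strip()
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three period-separated segments")
    header, payload, signature = parts
    # Full form carries header and payload; compact form ("..sig") omits both.
    if bool(header) != bool(payload):
        raise ValueError("header and payload must both be present or both omitted")
    if not _B64URL.match(signature):
        raise ValueError("signature segment missing or not base64url")
    return signature


def correlate(sent, reported):
    """Map index of each sent Identity value to the failure reported for it."""
    index = {passport_key(v): i for i, v in enumerate(sent)}
    matched = {}
    for key_value, reason in reported:
        try:
            key = passport_key(key_value)
        except ValueError:
            continue  # malformed key: never guess which PASSporT was meant
        if key in index:
            matched[index[key]] = reason
    return matched


if __name__ == "__main__":
    print(correlate(SENT, REPORTED))
```

Because the key is matched only against signatures the sender itself produced, a reported key that is malformed or unknown is dropped and is never used to carry information.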