IETF Logo Mail Archive

Re: [stir] Review of: draft-ietf-stir-passport-05

Dave Crocker <dhc@dcrocker.net> Fri, 29 July 2016 16:24 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA19112B00B for <stir@ietfa.amsl.com>; Fri, 29 Jul 2016 09:24:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.107
X-Spam-Level:
X-Spam-Status: No, score=-1.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MIHfb5srj5bm for <stir@ietfa.amsl.com>; Fri, 29 Jul 2016 09:24:45 -0700 (PDT)
Received: from simon.songbird.com (unknown [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95EA712D7F1 for <stir@ietf.org>; Fri, 29 Jul 2016 09:24:45 -0700 (PDT)
Received: from [192.168.1.168] (76-218-8-128.lightspeed.sntcca.sbcglobal.net [76.218.8.128]) (authenticated bits=0) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id u6TGPTTZ018215 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Fri, 29 Jul 2016 09:25:29 -0700
To: Richard Shockey <richard@shockey.us>, Eric Burger <eburger@standardstrack.com>
References: <07e0eb16-6758-cdf1-c571-1f1ed768e741@dcrocker.net> <F382AB89-E012-4CCC-B61B-0EC8A2FDF491@standardstrack.com> <4C7B58CB-3859-4ED3-97BF-F9E3EF880523@shockey.us>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Message-ID: <034f0754-7c81-3ceb-5627-7f7af76efe29@dcrocker.net>
Date: Fri, 29 Jul 2016 09:24:38 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <4C7B58CB-3859-4ED3-97BF-F9E3EF880523@shockey.us>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/lD6HqMKqJULPIt7Y1QAnH2Wl0yo>
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] Review of: draft-ietf-stir-passport-05
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jul 2016 16:24:47 -0000

Richard, et al,

On 7/29/2016 8:17 AM, Richard Shockey wrote:
> In general, I agree with Eric’s general characterization of the
> current status of STIR etc.   As to the points Eric makes first yes
> there are use cases for STIR passport that frankly some of us do not
> want to go into extensive detail on. Some of those are ones directly
> related to public safety issues and the validated identity of the
> calling party. I do NOT believe we need text on those issues. Silence
> is often golden.

This being a technical forum, the point I made was about the risk of 
design generalities that are made without demonstrated utility.  An 
argument that says "behind this curtain there are the needed 
demonstrations, but the unwashed won't be allowed to see them" precludes 
meaningful technical analysis in this public forum, where the approval 
is supposed to be made for the design.

If specifications need to be kept private, that's fine.  Keep them 
private.  And keep all the work private.  But that's not the IETF, of 
course.  Otherwise, please don't invoke a 'trust us' placeholder where 
substantive, public technical analysis is required.


> On the second point Eric is entirely correct that the issues of
> certificate/key management are strictly in the domain of
> national/industry policy re E.164 and as such have no business in the
> IETF whatsoever.  We will deal with those issues in other bodies as
> deemed appropriate.

So I do understand the operational point, concerning nationally- and 
internationally-regulated telecom services.  And again, that's fine.

But I did not see anything in the specification that said that this work 
is restricted to that use.  Nor would I expect to, given that SIP and 
other possible applications of Passport might operate in the same sort 
of unregulated and even p2p modes as most other Internet services.

Given that key management has such a long and frustrating history, 
leaving it as an open issue to be decided elsewhere mostly renders the 
current work useless.


> Along with Eric, silence on the existing set of documents in LC is,
> for now, acceptance.

Except that's not how the IETF is supposed to work, especially for a 
relatively new and unstable specification.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

v2.23.0 | Report a Bug | By Email