IETF Logo Mail Archive

Re: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)

Richard Shockey <richard@shockey.us> Sun, 07 August 2016 16:51 UTC

Return-Path: <richard@shockey.us>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3903C12B006 for <stir@ietfa.amsl.com>; Sun, 7 Aug 2016 09:51:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.019
X-Spam-Level:
X-Spam-Status: No, score=-2.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (768-bit key) header.d=shockey.us
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WTTcufRHnccL for <stir@ietfa.amsl.com>; Sun, 7 Aug 2016 09:51:09 -0700 (PDT)
Received: from qproxy4-pub.mail.unifiedlayer.com (qproxy4-pub.mail.unifiedlayer.com [66.147.248.250]) by ietfa.amsl.com (Postfix) with SMTP id E3D1B12B013 for <stir@ietf.org>; Sun, 7 Aug 2016 09:51:08 -0700 (PDT)
Received: (qmail 18332 invoked by uid 0); 7 Aug 2016 16:51:02 -0000
Received: from unknown (HELO cmgw2) (10.0.90.83) by qproxy4.mail.unifiedlayer.com with SMTP; 7 Aug 2016 16:51:02 -0000
Received: from box462.bluehost.com ([74.220.219.62]) by cmgw2 with id UGlw1t00f1MNPNq01GlzT5; Sun, 07 Aug 2016 10:46:01 -0600
X-Authority-Analysis: v=2.1 cv=KaJB72oD c=1 sm=1 tr=0 a=jTEj1adHphCQ5SwrTAOQMg==:117 a=jTEj1adHphCQ5SwrTAOQMg==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=1oJP67jkp3AA:10 a=ZZnuYtJkoWoA:10 a=8WrITzYgnNwA:10 a=fGh7L_e3oJcA:10 a=7z1cN_iqozsA:10 a=PeFO9FbFhS32YxYntvkA:9 a=ll-iCDY8AAAA:8 a=M0OflfRGAAAA:8 a=48vgC7mUAAAA:8 a=0FD05c-RAAAA:8 a=hGBaWAWWAAAA:8 a=k7Ga1wGzAAAA:8 a=CN5uK3bRT0i0LWX1e10A:9 a=IVI4u2FyGK6UHZbX:21 a=IIjnzYgihLIJpOUH:21 a=QEXdDO2ut3YA:10 a=ivbTfD_dPm4A:10 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=b8OvNEjoAAAA:8 a=UNg5tVRWmCBYOAOt:21 a=EzRislfDozDjlHmX:21 a=Xnni5VY6iXKcIObK:21 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=frz4AuCg-hUA:10 a=NWVoK91CQySWRX1oVYDe:22 a=oEv2QzVjxXEItEogYapJ:22 a=NumKjXolQHiPR4xHErVj:22 a=VpyrLIdO_Ztbr3SWPBuH:22 a=6yl0mh0s51TKORVA8GqK:22 a=w1C3t2QeGrPiZgrLijVG:22 a=l1rpMCqCXRGZwUSuRcM3:22 a=Q-ofuW86YyylptHqTH-7:22 a=ijMaxGghyylP-n2pFjDB:22 a=BKKCjISod1eDJeS0ORpz:22 a=zjWhRoSqWz9hl55Hdlzg:22 a=xfJ8-ueq0pyqlCF7aVox:22
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=shockey.us; s=default; h=Content-type:Mime-version:In-Reply-To:References:Message-ID:CC: To:From:Subject:Date; bh=WjBx56CcI6w4zjUeJVhu/fy4ERKAdRaVcI+47gt7wFs=; b=nL2a b77nNVcgadBZsoCFuIgncU6w1rqc1rgPuyoOh/9wnoNE8X3GxNspDuwtLQh5sEj+Lt88tceWSamzV SzBzVEyXF5dbPERPZe66dmdwruCnvMUR+wHC9F7AiiTMNIv;
Received: from [100.36.21.178] (port=59008 helo=[192.168.1.152]) by box462.bluehost.com with esmtpa (Exim 4.86_2) (envelope-from <richard@shockey.us>) id 1bWRD4-00032G-F6; Sun, 07 Aug 2016 10:45:58 -0600
User-Agent: Microsoft-MacOutlook/f.18.0.160709
Date: Sun, 07 Aug 2016 12:45:58 -0400
From: Richard Shockey <richard@shockey.us>
To: Christer Holmberg <christer.holmberg@ericsson.com>, "Peterson, Jon" <jon.peterson@neustar.biz>
Message-ID: <925FA026-4821-4A9B-822F-EAA2A5851AF2@shockey.us>
Thread-Topic: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)
References: <07e0eb16-6758-cdf1-c571-1f1ed768e741@dcrocker.net> <D3C152B2.1A69BA%jon.peterson@neustar.biz> <b096b541-c8af-9617-c9d7-5a1beb5230e8@dcrocker.net> <D3C16040.1A6A09%jon.peterson@neustar.biz> <d66d91f0-9ea2-6295-e749-e48ea37b4892@dcrocker.net> <cfd714ce-6145-1b60-aca2-ae702a8c133d@dcrocker.net> <7594FB04B1934943A5C02806D1A2204B4771FF73@ESESSMB209.ericsson.se> <5fdf4ad3-1528-3d79-6bdb-b5eb350e5c2a@alum.mit.edu> <dbb24381-55fd-fa64-d32b-fcc50265ccab@dcrocker.net> <7594FB04B1934943A5C02806D1A2204B47723C55@ESESSMB209.ericsson.se> <503738d8-c166-dfc1-d153-338d56b844c1@dcrocker.net> <7594FB04B1934943A5C02806D1A2204B4BBB1D69@ESESSMB208.ericsson.se> <51D45AE5-67D2-4120-BCA2-7BFC845E2126@neustar.biz> <7594FB04B1934943A5C02806D1A2204B4BBB7359@ESESSMB208.ericsson.se>
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B4BBB7359@ESESSMB208.ericsson.se>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3553418758_749855961"
X-Identified-User: {3286:box462.bluehost.com:shockeyu:shockey.us} {sentby:smtp auth 100.36.21.178 authed with richard+shockey.us}
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - box462.bluehost.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - shockey.us
X-Source-IP: 100.36.21.178
X-Exim-ID: 1bWRD4-00032G-F6
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: ([192.168.1.152]) [100.36.21.178]:59008
X-Source-Auth: richard+shockey.us
X-Email-Count: 0
X-Source-Cap: c2hvY2tleXU7c2hvY2tleXU7Ym94NDYyLmJsdWVob3N0LmNvbQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/llbKb-VJYeB3QphlsZO2s9A1r38>
Cc: "stir@ietf.org" <stir@ietf.org>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Paul Kyzivat <pkyzivat@alum.mit.edu>
Subject: Re: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Aug 2016 16:51:12 -0000

 

Did someone mention examples? 

 

— 

Richard Shockey

Shockey Consulting LLC

Chairman of the Board SIP Forum

www.shockey.us

www.sipforum.org

richard<at>shockey.us

Skype-Linkedin-Facebook rshockey101

PSTN +1 703-593-2683

 

 

From: stir <stir-bounces@ietf.org> on behalf of Christer Holmberg <christer.holmberg@ericsson.com>
Date: Sunday, August 7, 2016 at 7:10 AM
To: "Peterson, Jon" <jon.peterson@neustar.biz>
Cc: "stir@ietf.org" <stir@ietf.org>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Paul Kyzivat <pkyzivat@alum.mit.edu>
Subject: Re: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)

 

Hi Jon,

My point is that (as you also wrote) how PASSporT is used with SIP is covered in 4424bis. Whether the current text is sufficient enough or not is a separate discussion, not related to draft-passport.

Regards,

Christer

Sent from my Windows Phone

From: Peterson, Jon
Sent: ‎06/‎08/‎2016 20:50
To: Christer Holmberg
Cc: dcrocker@bbiw.net; Paul Kyzivat; stir@ietf.org
Subject: Re: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)

Briefly, there is and always has been a "bare minimum" set of headers and claims that are mandatory for PASSporT. Ultimately, the question of what headers and claims are mandatory in PASSporT is a stir-passport question. SIP as a using protocol of PASSporT defines only which fields in a SIP request will populate those mandatory components of a PASSporT object, and that information is given in considerable detail in RFC 4474bis today. 

 

Extensions may propose additional claims that will appear in PASSporT objects. The extensibility model of PASSporT is similarly a matter for the PASSporT spec rather than RFC 4474bis, though we anticipate that extensions may want to specify some initial using protocol behavior as well. We should have a few examples of that soon. 

 

Jon Peterson

Neustar, Inc.

Sent from my iPad


On Aug 5, 2016, at 4:03 PM, Christer Holmberg <christer.holmberg@ericsson.com> wrote:

Hi Dave,

I don't know whether the WG has yet decided whether there will be options and alternatives (i.e. whether sending of claims/headers will be mandatory, optional or forbidden) - so we don't yet know whether there will be an "if" :)

But, if there will be an "if", 4424bis needs to describe how to correctly handle the different options and alternatives.

Regards,

Christer

Sent from my Windows Phone

From: Dave Crocker
Sent: ‎05/‎08/‎2016 17:20
To: Christer Holmberg; Paul Kyzivat
Cc: stir@ietf.org
Subject: Re: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)

Christer,


On 8/4/2016 11:45 PM, Christer Holmberg wrote:
>
> The receiver needs to be able to parse JSON if the sender includes the
> claims, in order to verify the signature.

Alternatives and options make specifications more complex and often 
introduce potential non-determinacies.  So the 'if' that you cite is not 
a small matter.

In practical terms, the 'if' means that verifiers must be able to parse 
json as well as encode it.


> Also, whatever headers we include, I assume the receiver should be able
> to parse them.
>
> But, parsing JSON is not a difficult thing to do, and there are
> available libraries for those who don't want to implement the parser
> themselves.

Just to make sure this sub-thread retains its context:  I did not 
comment on the choice of JSON/JWT in the actual review.  It's not an 
irrational or horrible choice.

But it does add overhead.  It adds it to the effort needed to understand 
the specifications.  And it adds it to the software.  (It might also add 
it to the execution of the software, but I suspect that is, at worst, a 
negligible difference here.)

One of the more deceptive parts of writing standards is the seduction of 
"is not a difficult thing to do".  In most cases where that sort of 
comment is offered, it is quite true.  The problem is with incremental 
complexities.  A not-difficult here; a not-difficult there... They 
really do mount up.

By way of example, having to send the reader off to become proficient in 
two additional specifications is not a small increment in developmental 
overhead, especially when those specification have no natural -- ie, 
pre-occurring -- relevance to the current work.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

_______________________________________________
stir mailing list
stir@ietf.org
https://www.ietf.org/mailman/listinfo/stir

_______________________________________________ stir mailing list stir@ietf.org https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email