[stir] Ben Campbell's Discuss on draft-ietf-stir-rph-03: (with DISCUSS and COMMENT)

Ben Campbell <ben@nostrum.com> Tue, 17 April 2018 02:27 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: stir@ietf.org
Delivered-To: stir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8993012D86C; Mon, 16 Apr 2018 19:27:09 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Ben Campbell <ben@nostrum.com>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-stir-rph@ietf.org, Russ Housley <rhousley@vigilsec.com>, stir-chairs@ietf.org, rhousley@vigilsec.com, stir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.78.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152393202955.26114.3853075658304497317.idtracker@ietfa.amsl.com>
Date: Mon, 16 Apr 2018 19:27:09 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/lqyHmPeyLZX0LY3aHmnATvxwzOQ>
Subject: [stir] Ben Campbell's Discuss on draft-ietf-stir-rph-03: (with DISCUSS and COMMENT)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Apr 2018 02:27:10 -0000

Ben Campbell has entered the following ballot position for
draft-ietf-stir-rph-03: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-stir-rph/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Thanks for this work. I plan to ballot "yes", but I have a couple of points I
think need to be discussed first.

§4.2: " If the signature validation fails, the verification service should infer
   that the calling party is not authorized for ’Resource-Priority’ as
   indicated in the claim.  In such cases, the priority treatment for
   the associated communication service is handled as per the local
   policy."

I suspect there will be deployments where the node making these local policy
decisions is downstream from the verifier. How do they know RPH verification
failed? Should the verifier strip resource priority header fields for which
validation failed?

§7.2:
   o  The verification of the signature MUST include means of verifying
      that the signer is authoritative for the signed content of the
      resource priority namespace in the PASSporT."

I gather the intent is to leave that means to local policy, or to be specified
elsewhere. I think that's a problem from an interoperability standpoint. The
verifier needs a way to know whether the authorizer is authoritative for the
RPH. If we want authorizers and verifiers from different vendors to be able to
interoperate, it seems like at least some mechanism needs to be standardized
and possibly MTI.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

General: It's probably worth updating the references to 4474bis and passport to
their respective RFCs.

§3, 4th paragraph: The imbedding of ABNF in the middle of a paragraph is
difficult to read. It would be helpful to separate that from the surrounding
text in the conventional fashion.

§3, 5th paragraph and throughout: The repeated use of "r-value ="namespace "."
priority value" is hard to read. Please consider giving that parameter
construct a name, and using the name throughout.

§3, 7th paragraph: "The authority MUST use its credentials (i.e., CERT)"
Does "CERT" mean "Certificate"? I assume it's not "Computer Emergency Response
Team".

§4.1 : A SIP authentication service typically will derive the value of "rph"
   from the ’Resource-Priority’ header field based on policy associated
   with service specific use of the "namespace "." priority value" for
   r-values based on [RFC4412].:
"Typically" usually implies "Most but not all of the time". Is that the intent?

§4.2, last paragraph: Am I correct to guess that this is talking about valid
claims?