[stir] draft-ietf-stir-servprovider-oob-03 feedback

Simon Castle <simoncastle@microsoft.com> Fri, 06 January 2023 17:30 UTC

From: Simon Castle <simoncastle@microsoft.com>
To: "jon.peterson@team.neustar" <jon.peterson@team.neustar>, IETF STIR Mail List <stir@ietf.org>
CC: Jack Rickard <jack.rickard@microsoft.com>
Date: Fri, 06 Jan 2023 17:30:24 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/nW_d2hR8fUpn_gfvkFD40-r_Nbk>
Subject: [stir] draft-ietf-stir-servprovider-oob-03 feedback

Hi all,

I have a few comments on the Out-of-Band STIR for Service Providers draft (https://datatracker.ietf.org/doc/draft-ietf-stir-servprovider-oob/), relating to the use of TnAuthLists for the identification of the CPS in the OoB framework (Section 4: "Advertising a CPS").


  *   The AS must select which CPS to send the signed identity to.  The suggestion is that the choice of CPS can be made based on associating the TnAuthList to the CPS URI based on the received advertisements.  However, if the CPS uses SPCs to advertise itself, as opposed to TN Ranges, there is no way proposed for the AS to correlate a call's destination number to the destination.
     *   I wasn't clear if this is what is being referred to in Section 10 (Security Considerations) with the comment "determining whether a given SPC entitles a service provider to access PASSporTs for a given telephone number is not trivial, but is a necessary component of this CPS architecture" or if that was referring to the AS being able to authenticate the CPS; either way, this gap feels like it should be highlighted in Section 4 with the core advertisement proposal (if only to say something like "CPSs must advertise their TN Ranges rather than an SPC value, or else determine another method by which AS recipients can identify the numbers they have authority for").
  *   TNAuthLists provide no method of describing URIs, which can also be the recipient of calls, unless through an (undefined) association with an SPC.  Should this document provide support for OoB calls to destination URIs as well as to TNs?
  *   The example in-line `{ "1234":"https://cps.example.com" }` is incomplete; the key should be a TnAuthList but in the example there'd be no way to distinguish "1234" between being an SPC or a TN (although the length suggests it's intended as an SPC).

Thanks,
Simon

Simon Castle (he/him)
Software Engineer
simoncastle@microsoft.com
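
The CPS-selection gap raised in the first and third bullets, as an added example that is not part of the original message or of the draft: an AS-side lookup over constructed advertisements whose TNAuthList entries follow the RFC 8226 TNEntry choices (spc, range, one). The `Entry` type, the function names, the sample numbers and URIs, and the optional `spc_lookup` callback are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:                 # one RFC 8226 TNEntry; class name is hypothetical
    kind: str                # "spc", "range" or "one"
    value: str               # SPC, range start, or the single TN
    count: int = 1           # used only by "range"

# Constructed advertisements: (TNAuthList entries, CPS URI)
ADVERTS = [
    ([Entry("range", "12155550100", 100)], "https://cps-a.example.com"),
    ([Entry("one", "12155559999")], "https://cps-b.example.com"),
    ([Entry("spc", "1234")], "https://cps.example.com"),
]

def covers(entry, tn):
    """True/False for TN-based entries, None when the entry is an SPC."""
    if entry.kind == "spc":
        return None          # an SPC names a provider, not a set of numbers
    if entry.kind == "one":
        return entry.value == tn
    if entry.kind != "range":
        raise ValueError(f"unknown TNEntry kind: {entry.kind}")
    # Simplification: digit-only TNs of equal length ('#' and '*' not handled)
    if not (tn.isdigit() and entry.value.isdigit() and len(tn) == len(entry.value)):
        return False
    return int(entry.value) <= int(tn) < int(entry.value) + entry.count

def select_cps(adverts, dest_tn, spc_lookup=None):
    """Return (cps_uri or None, URIs skipped because only an SPC was advertised)."""
    skipped = []
    for entries, uri in adverts:
        for entry in entries:
            hit = covers(entry, dest_tn)
            if hit or (hit is None and spc_lookup and spc_lookup(dest_tn) == entry.value):
                return uri, skipped
            if hit is None and spc_lookup is None:
                skipped.append(uri)
    return None, skipped

def possible_kinds(bare_key):
    """Which TNEntry kinds an untyped key such as "1234" could be."""
    kinds = ["spc"]          # ServiceProviderCode is an unconstrained IA5String
    if 1 <= len(bare_key) <= 15 and set(bare_key) <= set("0123456789#*"):
        kinds.append("one")  # also a syntactically valid TelephoneNumber
    return kinds
```

Without an `spc_lookup`, a destination number outside every advertised range or single TN resolves to no CPS, and the SPC-only advertisement is reported as skipped rather than matched.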
