Re: [stir] WGLC: draft-ietf-stir-passport-rcd-09

Russ Housley <housley@vigilsec.com> Thu, 10 December 2020 23:17 UTC


The Abstract seems a bit long.  I think these points belong in the Abstract:

  - Extends PASSporT from RFC 8225 to include RCD
  - Extend caller and call specific information beyond human-readable display
    name comparable to the telephone network "Caller ID"
  - RCD is extensible
  - RCD when coupled with STIR provides signature over the information
  - RCD can also be used with SIP Call-Info

General: This appears many times: "Rich Call Data (RCD)".  Once in the Introduction should be enough.

Section 2: Ha ha. Please use:

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

Section 3: "Additionally, [I-D.ietf-sipcore-callinfo-rcd] also ..."  Please drop "also".

Section 5.1: What does "default" mean?  I think you mean that this is the initial set of keys, and more can be added in the future.

Section 5.1.4: Please add a reference to:

   [SHS]      National Institute of Standards and Technology (NIST),
              "Secure Hash Standard", FIPS Publication 180-4, August
              2015.

Also, I suggest a bit of rewording:

   implementations MUST support the SHA-256, SHA-384, and SHA-512 hash algorithms [SHS].

Finally, if other hash algorithms MAY be supported, do we need an IANA registry for the strings associated with the other algorithms?

Section 6.1: Clearly the phone number should be 1-202-555-0007 ...

Russ


> On Dec 8, 2020, at 4:30 PM, Robert Sparks <rjsparks@nostrum.com> wrote:
> 
> This is a WGLC for draft-ietf-stir-passport-rcd-09.
> 
> Please send reviews to the list by the end of day 22 Dec 2020.
> 
> If you plan to provide a review but need more time, please let us know early.
> 
> See <https://datatracker.ietf.org/doc/draft-ietf-stir-passport-rcd/>
> 
> RjS
> 