Re: [stir] Review of: draft-ietf-stir-passport-05

"Peterson, Jon" <jon.peterson@neustar.biz> Fri, 29 July 2016 17:46 UTC

From: "Peterson, Jon" <jon.peterson@neustar.biz>
To: "dcrocker@bbiw.net" <dcrocker@bbiw.net>, IETF STIR Mail List <stir@ietf.org>
Date: Fri, 29 Jul 2016 17:46:48 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/ohCEfcA748e5LHebZrJTOzMnPKI>

I wouldn't say it's a correction to the STIR charter - the charter was
always clear that it was not limited to SIP (see the bits about "one or
more non-SIP hops" and "out-of-band mechanism" in the charter). But given
that our original signing mechanism was, as I said, a concatenation of SIP
header field values, the intervention was that other protocols would need
something less bound to SIP. JWT turned out to be the solution that the
group had consensus to adopt.

If you want a record of this intervention, I might point you to the Oct 9
2015 virtual interim where this was the focus:

https://www.ietf.org/mail-archive/web/stir/current/msg02140.html


... and then the intense list discussion that followed hard upon it. This
in turn led to some design team calls, and so on. It was not a
particularly isolated or unconsidered decision.

Jon Peterson
Neustar, Inc.

On 7/29/16, 7:27 PM, "Dave Crocker" <dhc@dcrocker.net> wrote:

>On 7/29/2016 10:12 AM, Peterson, Jon wrote:
>> We had a major intervention in the work last fall to the effect that we
>> need to build more generically for real-time communications rather than
>> just SIP.
>
>
>I'm not clear what this means.  Can you point to the record of this
>intervention?  And how it changes the technical requirements?  And how
>the current specifications are responsive to that change in scope?
>
>And since the scope was changed, why wasn't the charter:
>
>      The STIR working group will specify Internet-based mechanisms that
>allow verification of the calling party's authorization to use a
>particular telephone number for an incoming call.
>
>
>
>d/
>-- 
>
>   Dave Crocker
>   Brandenburg InternetWorking
>   bbiw.net