IETF Logo Mail Archive

Re: [stir] I-D Action: draft-ietf-stir-passport-rcd-15.txt

Chris Wendt <chris-ietf@chriswendt.net> Mon, 07 March 2022 20:09 UTC

Return-Path: <chris-ietf@chriswendt.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE3173A0A36 for <stir@ietfa.amsl.com>; Mon, 7 Mar 2022 12:09:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=chriswendt-net.20210112.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id szVgzJpzH6ze for <stir@ietfa.amsl.com>; Mon, 7 Mar 2022 12:09:25 -0800 (PST)
Received: from mail-vs1-xe29.google.com (mail-vs1-xe29.google.com [IPv6:2607:f8b0:4864:20::e29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3CCE3A0A1D for <stir@ietf.org>; Mon, 7 Mar 2022 12:09:25 -0800 (PST)
Received: by mail-vs1-xe29.google.com with SMTP id y4so18082694vsd.11 for <stir@ietf.org>; Mon, 07 Mar 2022 12:09:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chriswendt-net.20210112.gappssmtp.com; s=20210112; h=from:content-transfer-encoding:mime-version:subject:date:references :to:in-reply-to:message-id; bh=oxAMAKscuAUYv69O4ryGzOLqyTAHqsVpIiajI4k+gMY=; b=cdf1bqdLfiEaaltibOvWXw+0crgGBeo84mqoemFdEj1hvm7V2HbxXDK9NmUX6TRuPl b3/KucugYP7BC5baAE6Ch6nZOjVC06aUGcLv6PEEvYnVSzVKGUOxE0IwK/VDP0Hx56Oz EjrnGxMx4n05txo5jZNGYMuNOupoPgr/oSTipRBfI1nv2yA+Zy7R30adpgwIA+HJEh8D u2+gV51WZFqBlyrYFow989u6RqQViZoAVm63pnrgooDbfjTwmK0heXkoaaim6QWrLBTz WgpygJ9L33EHIdXFYSd5IH3DbClyAV7MRcdX0OytTWLppUN6ZqRieZ6Yy0SNt9FvT2S4 6VCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:date:references:to:in-reply-to:message-id; bh=oxAMAKscuAUYv69O4ryGzOLqyTAHqsVpIiajI4k+gMY=; b=WDEp6FpG3+6+5NqddcjWXzuDhQS7LEl9MlFMI6+CW7EA7saDRjyKA+2Z7e70ln/mfz zgGMVXMoKhpHP25oqhTp5OcYZJ/v7FP/4BMtDEVgARpC7DdVnfvqjY0NJYnJfMn93U7y SiYYkA8feQKNqY8BgAGzGm0O+lH2Gf+Xm09qRKP0UEHISiurDoe9vjWpKcJimEiUc3Yu PJimPdrz7rKePWiFOUmq9iGSTwcq1qW2Cb38PT2Q0+PSJVIMXFWPJjkKNHmMaagc6L04 iqyh9mpHzYb5p4hV/9T1X140hkbpbNw7dumHkW4ptQx9ZPj0Rdeo6ckkkKvNFQDbKW6o yO2g==
X-Gm-Message-State: AOAM533436EWZSK7peWX6i6CIO0J3oYJoS+BDgkrtRw655KE7yFttlBO kQ+QIyBxBDAgdLIzPwML0xHrVn+Elc+zdS2s
X-Google-Smtp-Source: ABdhPJxebyIWtUMvbX8/CgZSVEQCmxkfoyywKQhB+e5ALjD3+YfY52/i55ORC1blcMbNjpsuD5dX0g==
X-Received: by 2002:a67:cd85:0:b0:320:7c27:4377 with SMTP id r5-20020a67cd85000000b003207c274377mr5382937vsl.32.1646683764084; Mon, 07 Mar 2022 12:09:24 -0800 (PST)
Received: from smtpclient.apple (c-69-242-46-71.hsd1.pa.comcast.net. [69.242.46.71]) by smtp.gmail.com with ESMTPSA id g11-20020ab0598b000000b0034a021faff9sm2102838uad.14.2022.03.07.12.09.23 for <stir@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 Mar 2022 12:09:23 -0800 (PST)
From: Chris Wendt <chris-ietf@chriswendt.net>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
Date: Mon, 7 Mar 2022 15:09:22 -0500
References: <164668265629.3323.12838544005612068993@ietfa.amsl.com>
To: IETF STIR Mail List <stir@ietf.org>
In-Reply-To: <164668265629.3323.12838544005612068993@ietfa.amsl.com>
Message-Id: <7A2F6D11-57BD-4598-A023-B5547CBC4726@chriswendt.net>
X-Mailer: Apple Mail (2.3693.60.0.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/pGzG3o2MFxeX9NAFFhJyQFsn1Gs>
Subject: Re: [stir] I-D Action: draft-ietf-stir-passport-rcd-15.txt
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Mar 2022 20:09:31 -0000

Hi All,

I have submitted version 15 of this draft which incorporates quite a bit of discussion on a number of topics.  Given we won’t have a meeting until after IETF two weeks from now, i’d like to get as much list feedback on 15 so that I can potentially incorporate into a 16 going into the virtual STIR meeting when it is scheduled and hopefully be in a good position to start really sending off for WGLC this time, if possible.  I think taking the time to get this right was valuable, but there is now starting to be a lot of implementation, so time to really wrap things up.

The changes from 14->15 are as follows:

Added a new “icn” key/value to the “rcd” claim, the intent of this is to correspond to the Call-Info purpose of “icon” and provide a default mechanism for adding an image icon for calls.  There was a lot of discussion about use of jCard if the only use was for including an image, and i think this hopefully is well received change by all.

By far the largest change is around the rules for integrity and constraints for direct values vs URI referenced content. I have made the document state that integrity and constraints for direct values is optional, but still have a preference to do so.  It is absolutely true that you can constrain direct values through JWTClaimConstraints and including the direct value in the permitted values.  However, there is one small concern about size of certificate, but i think a much bigger concern about including RCD information in a publicly accessible certificate. So, i try to detail that concern in the document.

I have also made a number of editorial changes, i’ve fixed some of the examples, made them lexicographic order, clarified a number of things here and there.

Please review and us know your thoughts and feedback. 

Thanks everyone!

-Chris

> On Mar 7, 2022, at 2:50 PM, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Secure Telephone Identity Revisited WG of the IETF.
> 
>        Title           : PASSporT Extension for Rich Call Data
>        Authors         : Chris Wendt
>                          Jon Peterson
> 	Filename        : draft-ietf-stir-passport-rcd-15.txt
> 	Pages           : 33
> 	Date            : 2022-03-07
> 
> Abstract:
>   This document extends PASSporT, a token for conveying
>   cryptographically-signed call information about personal
>   communications, to include rich meta-data about a call and caller
>   that can be signed and integrity protected, transmitted, and
>   subsequently rendered to the called party.  This framework is
>   intended to include and extend caller and call specific information
>   beyond human-readable display name comparable to the "Caller ID"
>   function common on the telephone network.  The JSON element defined
>   for this purpose, Rich Call Data (RCD), is an extensible object
>   defined to either be used as part of STIR or with SIP Call-Info to
>   include related information about calls that helps people decide
>   whether to answer an incoming set of communications from another
>   party.  This signing of the RCD information is also enhanced with a
>   integrity mechanism that is designed to protect the authoring and
>   transport of this information between authoritative and non-
>   authoritative parties generating and signing the Rich Call Data for
>   support of different usage and content policies.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-stir-passport-rcd/
> 
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-stir-passport-rcd-15
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-stir-passport-rcd-15
> 
> 
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
> 
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir

v2.8.7 | Report a Bug | By Email