Re: [stir] Summary comments on draft-ietf-stir-* document trio at WG Last Call

Richard Shockey <richard@shockey.us> Sun, 14 August 2016 21:29 UTC

Date: Sun, 14 Aug 2016 17:24:23 -0400
From: Richard Shockey <richard@shockey.us>
To: dcrocker@bbiw.net, "Peterson, Jon" <jon.peterson@neustar.biz>
Message-ID: <465A9984-002B-4D8C-8DB8-195F54F067D2@shockey.us>
Thread-Topic: [stir] Summary comments on draft-ietf-stir-* document trio at WG Last Call
References: <D975E88FEBB366379F3D8DB2DDF473C9C3E4F2CF@Janices-iPhone> <c8b90ad2-dd66-9aeb-756b-cf3d95eeacd3@bbiw.net> <17A4057909C5124FBCA624CD7B0C43A20121B4A6A890@HQ1-MAILMB-V1.trade.ftc.gov> <eeb5dd18-94a6-aa60-7f5f-a2f8ee30a61a@dcrocker.net> <D3D40EC6.1A72C6%jon.peterson@neustar.biz> <e7819d83-0bf8-a1ae-4efa-999440d65cd7@dcrocker.net>
In-Reply-To: <e7819d83-0bf8-a1ae-4efa-999440d65cd7@dcrocker.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/qYY1PLOhT5-DsurwZvf9XV8au4o>
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] Summary comments on draft-ietf-stir-* document trio at WG Last Call

Again ... it should come as no surprise that I am in agreement with Jon’s comments here.  In addition, if Jon seems rather rude or sarcastic in dismissing your comments/concerns, I believe he accurately represents the consensus of many of us on this list.  I prefer to reserve my rude/sarcastic comments for one WG at a time, aka MODERN. Even then my rudeness there is based on the observation within the telecom industry that tactically MODERN is barking up the wrong tree.  Right idea, wrong application to start with.

Dave, if this is your attempt to build a case to demand a full stop during IESG review, then some of us have to document the counter argument right now.

First. I restate. The proposed protocol construct is in fact “fit for purpose”.  In fact it’s better than “fit for purpose”.  It is clearly and demonstrably more flexible and extensible than DKIM for a good reason.  SIP is not SMTP.  Your fundamental objection is a classic case of false equivalency.  Just because DKIM works for SMTP does not imply that it would/should work for SIP.   I categorically reject the notion that they are the same.  I will go a bit farther. This is Telephony, not the Internet.  The delegations of authority in both naming and addressing (E.164), SIP being realtime, and the primary nature of nation state regulatory oversight are very, very different than in the general case of Internet protocols, though in the US with Title II reclassification you can make the argument that the Internet is now Telephony and not the other way around.  I’ll save that discussion for another policy panel at another time and place.

Second, though the immediate needs as defined in the charter were to validate claims about the Caller-ID (E.164) and potentially Calling Name within SIP headers, it was clear to most of us that there would be additional claims put forward about the session by various parties that would not and could not be accommodated by the DKIM protocols.  What those claims might be does not need to be identified at this time. Nor does the WG need to address how the protocols could be used in different naming and addressing schemes.  Jon is more than capable of sharing with us his views on how this could work for WEBRTC at the appropriate time. We build tools, and keeping the protocol construct to the minimum level in order to permit application providers maximum flexibility in how to apply those tools is a “good thing” (tm).

I have certainly made clear my objections to the drafts, but those are clearly editorial and not fundamentally architectural.

Third, given the unique issues of nation state plenary authority in the E.164 namespace, it is not necessary nor is it proper to define the underlying Certificate Management construct or how either the public or private keys need to be distributed. There is no way the North American Telecom industry is going to permit the kind of shenanigans we have seen in the general WEB PKI space. As far as telephone numbers go, for the time being we know how that delegation model works, and what the industry agrees to _may_ generally match that model.  I doubt DNS/DANE will ever be considered, but in any event it will not be decided here.

https://datatracker.ietf.org/doc/draft-iab-web-pki-problems/

Dave, you are absolutely correct in several assertions. “Telephone spam is a serious, urgent, global problem, and has been for some years.” “The technical aspects of global telephony probably preclude ever achieving a solution that will cover all phone service, everywhere.”

What I reject is the characterization of the proposed solution as some hybrid Medusa that needs to be decapitated by the brave Ulysses before it threatens western civilization or 140 Billion dollars of US Telecom revenue. (OK, that was a bit over the top even by my standards.)

It’s August.  We should know more in the upcoming days and weeks as the powers that be gather.  So I’ll leave Jon with the following thoughts, as if I were channeling Chairman Wheeler: “Examples, Examples, Examples”.

I submit we have rough consensus, and after the next SIPit we may even have running code.


On 8/14/16, 10:51 AM, "stir on behalf of Dave Crocker" <stir-bounces@ietf.org on behalf of dhc@dcrocker.net> wrote:

    Jon,
    
    On 8/13/2016 12:54 AM, Peterson, Jon wrote:
    > I've only participated in the IETF for half as long as you, but I can say
    > I've never before seen someone decide to burst into a working group at the
    > last minute, dump 150+ objections on a document that is in last call into
    > a single mail, tap their feet impatiently at the lack of a timely public
    
    You have again indulged in ad hominems, seeking to marginalize my 
    postings, but mostly sounding more like the coarse frustrations of a 
    plaintive child.[*]  Professional discourse really is a much healthier 
    approach to these situations.  I encourage you to experiment with that 
    alternative.
    
    As for my bursting in on the scene:  You are well aware that I was quite 
    active during the formation of this working group, including providing 
    text for the charter, as well as my having extensive related experience 
    with the problem being addressed here.  But even if I had had no prior 
    contact, you sound as if you have never before experienced a diligent, 
    cross-area review or the fine-grained inspection of an IESG member 
    during the final approval process.  How odd.
    
    In any event, you are also aware that at the time the effort was 
    getting started I noted that the working group should focus on 
    authenticating the SIP header, but you folk were insistent that you had 
    to take a multi-pronged approach, in spite of very clear warnings that 
    it would not be viable.  I also noted the need for a clear and concrete 
    understanding of precisely how this work would get used and which 
    entities would have what roles.
    
    So here we are, 3 years later, with a proposal for authenticating the 
    SIP header, exactly as I had recommended.  Better still is that it is 
    quite clear that the group still does not yet have a solid and detailed 
    agreement on the way this technology will get used.
    
    Predictably, you've made a point of developing these specifications 
    without trying to benefit from the 10 years of experience that has been 
    gained in doing /exactly/ the same task for email.
    
    The reviews I've done here are in the same form as I've been doing for 
    years.  And yes, they took an extremely large amount of time to perform, 
    so really, your thanks for my community-minded effort are greatly 
    appreciated.
    
    Sometimes, my reviews uncover basic and extensive problems.  You are not 
    the first to be upset by them.  But, again, welcome to the world of open 
    participation and late-stage cross-review.   Typically, the result of my 
    reviews is significant improvement to the specifications.  Sometimes the 
    authors respond constructively from the start, but not always.  It 
    sometimes requires less emotional heads to rule.
    
    
    > vetting of those issues, and expect this all to lead to some kind of
    > productive result. The authors (well, I at least, and I seem to recall
    > some mail from Chris as well) have been willing to engage with you, just
    > apparently not on the terms you feel you are entitled to. From my
    
    You are trying to confuse 'interact' with 'engage'.  They are quite 
    different.
    
    Your postings on the list have been generic, with platitudes and 
    challenges seeking to make me do more work.  They have not contained 
    significant substance, until yesterday.  So no, you did /not/ engage.
    
    Any foot-tapping of mine you might have heard was not impatience but 
    rather frustration with your aggressive efforts to avoid engaging in 
    public discussion of the reviews' substance.
    
    
    > perspective, it is you who have refused to identify what you believe the
    > substantive issues are, instead hiding behind a claim that there are "many
    > and serious issues" buried deep in a mound of imposing comments. The
    > comments are objectively many, yes. Serious is a matter of opinion.
    
    Jon, when someone puts the kind of very considerable time I've put into 
    reviewing these documents and then posts it publicly, there is no 
    hiding.  Or at least, not by me.
    
    That you sought to impose an artificial burden back on me, as a way of 
    limiting your public engagement with the details of the reviews, is your 
    problem, not mine.
    
    
    d/
    
    
    
    [*] For reference, I filed a private complaint with the Chairs and AD, 
    after Jon's second ad hominem posting in this sequence, but Robert chose 
    merely to send a pro forma "let's do better" to both of us.  I noted to 
    him it would not alter Jon's behavior, as indeed we now see it did not.
    
    
    -- 
    
       Dave Crocker
       Brandenburg InternetWorking
       bbiw.net