[stir] Comments on draft-peterson-passport-divert-01

Robert Sparks <rjsparks@nostrum.com> Fri, 16 June 2017 14:47 UTC

Are Identity Header field values ordered? (I don't think so - I think they
form an unordered set, and if some intermediary reordered them it wouldn't
change what they mean). I ask because this draft talks about "earlier
PASSport"s. I suggest that language be changed to say a "different PASSport"
and where applicable "already in the message".

(Aside: I wonder if we created unnecessary complexity by not allowing the
passports to appear comma separated on a single Identity: line so it could be
handled like a generic header field.)

The first paragraph of 4.1 could be misread to say you are replacing an
Identity header field value rather than adding a new one. You could avoid that
by saying "The resulting compact form Identity header field value to add to
the message" or better, expand the example to show before and after.

In the second paragraph of 4.2, I think it would be good to point back to
4474bis for what to do when there are invalid Identity header field values.

The Security Considerations section says "the only consequence will be that
downstream entities will have less confidence that the PASSport was mean to be
associated with this call". I don't think that's quite right. If the call is
retargeted and no PASSport is created for the retargeting, the recipient must
treat the original PASSport as invalid and thus must ignore it.

Nits:

Abstract: "originally destination"

Introduction: "numebr"

Section 3: 3rd paragraph. The second sentence (starting 'The "orig" value MUST
be copied') is very complex - can it be separated into several sentences?

The document needs to use "header field" and "header field value" in a lot of
places where it currently uses "header".