IETF Logo Mail Archive

Re: [stir] Moving from BOF to Charter

Hadriel Kaplan <hadriel.kaplan@oracle.com> Fri, 09 August 2013 14:42 UTC

Return-Path: <hadriel.kaplan@oracle.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDE3321F9962 for <stir@ietfa.amsl.com>; Fri, 9 Aug 2013 07:42:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.53
X-Spam-Level:
X-Spam-Status: No, score=-6.53 tagged_above=-999 required=5 tests=[AWL=0.069, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IdR170JIWuf8 for <stir@ietfa.amsl.com>; Fri, 9 Aug 2013 07:42:44 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 1ED5E21F9994 for <stir@ietf.org>; Fri, 9 Aug 2013 07:42:33 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r79EgWK9020990 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 9 Aug 2013 14:42:32 GMT
Received: from userz7021.oracle.com (userz7021.oracle.com [156.151.31.85]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r79EgVXH025099 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 9 Aug 2013 14:42:32 GMT
Received: from abhmt113.oracle.com (abhmt113.oracle.com [141.146.116.65]) by userz7021.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r79EgVBN008823; Fri, 9 Aug 2013 14:42:31 GMT
Received: from [192.168.1.108] (/66.31.4.117) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 09 Aug 2013 07:42:30 -0700
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Hadriel Kaplan <hadriel.kaplan@oracle.com>
In-Reply-To: <CABcZeBNpefYC16epGzhBwSBFAxySi2i8uwLQQH45faouwPb4Qg@mail.gmail.com>
Date: Fri, 09 Aug 2013 10:42:29 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <85E501C1-2FDD-4918-910E-D3B5287493F1@oracle.com>
References: <61480B59-61DC-48A1-9D82-336838C22548@vigilsec.com> <27422711-5E4B-4DE4-820A-A9FD395278FD@vigilsec.com> <CB4F45DE-7275-4A0E-AE68-D24CB028C227@vigilsec.com> <5201649F.3050701@bbn.com> <34CCEB09-BD08-485F-924F-45972785F612@vigilsec.com> <alpine.BSF.2.00.1308081219000.6303@hiroshima.bogus.com> <CAOPrzE0fZwgSWsHuOzAw25_mAxQ5XN6d+St1fyL_=4jkTdtGpw@mail.gmail.com> <E8F13724-0BB5-439D-9FA4-4700BAD650DB@vigilsec.com> <CABcZeBNpefYC16epGzhBwSBFAxySi2i8uwLQQH45faouwPb4Qg@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
X-Mailer: Apple Mail (2.1508)
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
Cc: IETF STIR Mail List <stir@ietf.org>
Subject: Re: [stir] Moving from BOF to Charter
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Aug 2013 14:42:50 -0000

SHIP IT.


-hadriel
p.s. I too just sent some grammatical nits to Russ directly, but don't care if they don't get done - just a Type A personality issue.


On Aug 9, 2013, at 10:29 AM, Eric Rescorla <ekr@rtfm.com> wrote:

> This looks basically good to me. Some wordsmithing below.
> 
> -Ekr
> 
> On Fri, Aug 9, 2013 at 7:00 AM, Russ Housley <housley@vigilsec.com> wrote:
> Below is the current charter text.  Is it ready for the IESG?
> 
> Russ
> 
> > Thanks.
> >
> > Is that it?  Is everyone okay with the charter language now?  Russ will post a new complete version just to make sure, but can we send this to the IESG and ask for the work group?
> >
> > Brian
> 
> = = = = = = = =
> 
> Name: Secure Telephone Identity Revisited (stir)
> Area: RAI
> 
> Chairs: TBD
> Area Advisor: Richard Barnes
> 
> Mailing list: stir@ietf.org
> To Subscribe: https://www.ietf.org/mailman/listinfo/stir
> 
> The STIR working group will specify mechanisms for the validation of
> source telephone number for an incoming call.  Since it
> has become fairly easy to present an incorrect source telephone number, a
> growing set of problems have emerged over the last decade.  As with
> email, the claimed source identity of a SIP request is not verified,
> permitting unauthorized use of the source identity as part of deceptive
> and coercive activities, such as robocalling (bulk unsolicited commercial
> communications), vishing (voicemail hacking, and impersonating banks)
> 
> this may need an e.g.,
> 
> and
> swatting (impersonating callers to emergency services to stimulate
> unwarranted large scale law enforcement deployments).  In addition, use
> of an incorrect source telephone number facilitates wire fraud or lead to
> 
> maybe "or can lead to"
>  
> a return call at premium rates.  This working group will define
> mechanisms that verify the authorization of the calling party to use a
> particular telephone number.
> 
> Do the mechanisms verify or "allow verification of..."
> 
>  
> SIP is one of the main VoIP technologies used by parties that want to
> present an incorrect origin, in this context an origin telephone number.
> Several previous efforts have tried to secure the origins of SIP
> communications, including RFC 3325, RFC 4474, and the VIPR working group.
> To date, however, true validation of the source of SIP calls has not seen
> any appreciable deployment.  Several factors contributed to this lack of
> success, including: failure of the problem to be seen as critical at the
> time; lack of any technical means of producing a proof of authority over
> telephone numbers; misalignment of the mechanisms proposed by RFC 4474
> with the complex deployment environment that has emerged for SIP; lack of
> end-to-end SIP session establishment; and inherent operational problems
> with a transitive trust model.  To make deployment of this solution more
> likely, consideration must be given to latency, real-time performance,
> computational overhead, and administrative overhead for the legitimate
> call source and all verifiers.
> 
> As its priority mechanism work item, the working group will specify a SIP
> header-based mechanism to verify the originator of a SIP session is
> authorized to use the claimed source telephone number, where the session
> is established with SIP end to end.  This is called an in-band mechanism.
> The mechanism will use a canonical telephone number representation
> specified by the working group, including any mappings that might be
> needed between the SIP header fields and the canonical telephone number
> representation.  The working group will consider choices for protecting
> identity information and credentials used, but will likely be based on a
> digital signature mechanism that covers a set of information in the SIP
> header fields, and verification will employ a credential that contains
> the public key and is associated with the one or more telephone numbers.
> In order to be authoritative, credentials used with this mechanism will
> be derived from existing telephone number assignment and delegation
> models.  That is, when a telephone number or range of telephone numbers
> is delegated to an entity, relevant credentials will be generated (or
> modified) to reflect such delegation.  The mechanism must allow a
> telephone number holder to further delegate and revoke use of a telephone
> number without compromising the global delegation scheme.
> 
> In addition to its priority mechanism work item, the working group will
> consider session establishment where there are one or more non-SIP hops,
> most likely using an out-of-band mechanism.
> 
> I feel like some words are missing here. Perhaps
> "providing authorization for session establishment...."
> "most likely requiring an out-of-band authorization mechanism"
> 
> 
>  However, the in-band and the
> out-of-band mechanisms should share as much in common as possible,
> especially the credentials.  The in-band mechanism must be sent to the
> IESG for approval and publication prior to the out-of-band mechanism.
> 
> Expansion of the authorization mechanism to identities using the
> user@domain form deferred since the main focus of the working group is to
> develop a solution for telephone numbers.
> 
> The working group will coordinate with the Security Area on credential
> management.
> 
> The working group will coordinate with other working groups in the RAI
> Area regarding signaling through existing deployments.
> 
> Authentication and authorization of identity is closely linked to
> privacy, and these security features sometimes come at the cost of
> privacy.  Anonymous calls are already defined in SIP standards, and this
> working group will not propose changes to these standards.  A called
> party will receive an indication that the source telephone number is
> unavailable in order to provide anonymity.
> 
> Perhaps:
> "In order to support anonymity, the output of the WG will provide a mode
> in which the called party receives an indication..."
> 
> 
>  This working group, to the
> extent feasible, will specify privacy-friendly mechanisms that do not
> reveal any more information to user agents or third parties than a call
> that does not make use of secure telephone identification mechanisms.
> 
> Input to working group discussions shall include:
> 
>   - Private Extensions to the Session Initiation Protocol (SIP)
>     for Asserted Identity within Trusted Networks
>     [RFC 3325]
> 
>   - Enhancements for Authenticated Identity Management in the
>     Session Initiation Protocol (SIP)
>     [RFC 4474]
> 
>   - Secure Call Origin Identification
>     [draft-cooper-iab-secure-origin-00]
> 
>   - Secure Origin Identification: Problem Statement, Requirements,
>     and Roadmap
>     [draft-peterson-secure-origin-ps-00]
> 
>   - Authenticated Identity Management in the Session Initiation
>     Protocol (SIP)
>     [draft-jennings-dispatch-rfc4474bis-00]
> 
> The working group will deliver the following:
> 
>   - A problem statement detailing the deployment environment and
>     situation that motivate work on secure telephone identity
> 
>   - A threat model for the secure telephone identity mechanisms
> 
>   - A privacy analysis of the secure telephone identity mechanisms
> 
>   - A mechanism document describing the SIP end-to-end with telephone
>     number-based identities
> 
>   - A document describing the credentials required to support
>     telephone number identity authentication
> 
>   - A fallback mechanism to allow out-of-band identity establishment
>     during call setup
> 
> Milestones
> 
> Sep 2013   Submit problem statement for Informational
> Nov 2013   Submit threat model for Informational
> Nov 2013   Submit in-band mechanism for Proposed Standard
> Feb 2014   Submit credential specification for Proposed Standard
> Apr 2014   Submit Privacy analysis for Informational
> Jun 2014   Submit out-of-band mechanism for Proposed Standard
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email