Re: [stir] WGLC: draft-ietf-stir-messaging-02
Christer Holmberg <christer.holmberg@ericsson.com> Thu, 14 July 2022 11:18 UTC
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Peterson, Jon" <jon.peterson=40team.neustar@dmarc.ietf.org>, IETF STIR Mail List <stir@ietf.org>, "stir-chairs@ietf.org" <stir-chairs@ietf.org>
Date: Thu, 14 Jul 2022 11:18:50 +0000
Message-ID: <HE1PR07MB44416325584B6EDCB553714893889@HE1PR07MB4441.eurprd07.prod.outlook.com>
References: <24A7B631-43DD-4C49-B69C-90AE098164B6@nostrum.com> <93600224-38FA-4701-8004-34E0C7E39D2F@nostrum.com> <DFD2AC39-DE91-47A8-9E95-BF4295B4C9DB@nostrum.com> <CAHBDyN6KFVUjYec4M=Y6_dd16pTOn9JvXb_fsA1DGyo9+FtJEA@mail.gmail.com> <HE1PR07MB444184677D23B4B3CD90595293CF9@HE1PR07MB4441.eurprd07.prod.outlook.com> <D46EC83E-6B1A-44BE-B106-F74745CDD3D9@team.neustar>
In-Reply-To: <D46EC83E-6B1A-44BE-B106-F74745CDD3D9@team.neustar>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/P0i4AnTWIrNKe-4-0FMa5z-T2EY>
Hi Jon,
Please see inline.
---
Q1:
>> General:
>>
>> Sometimes the document talks about "telephone calls", and sometimes about "SIP calls".
>>
>> RFC 8224 is about SIP, and the messaging mechanisms mentioned in the draft are SIP-based, so why do we need to talk about something else?
>
> STIR is not SIP-specific, as all of the discussion about out-of-band has demonstrated. STIR has potential applicability to non-SIP messaging as well as SIP messaging.
> That much said, since STIR implementation has historically been built on top of SIP, that's a focus here - just not an exclusive focus.
I think the document would be easier to read, and implement, if it was exclusively focused on SIP.
Then, IF someone wants to define usage for a non-SIP mechanism, that can be done in a separate draft. After all, you would probably need further specifications anyway if you wanted to standardize for a non-SIP mechanism.
---
Q2:
>> Section 3 says:
>>
>> "first, a PASSporT could be used to securely negotiate a session over which messages will be exchanged;"
>>
>> How do you use a PASSporT to securely negotiate a session?
>>
>> I assume that what you want to say is that, for session-based messaging, a PASSporT can be used to attest the identity of the caller.
>
> As SIPBRANDY (RFC 862) demonstrates, and the existence of "mky" in RFC8225 long foretold, a PASSporT can be used for purposes beyond attesting the identity of the caller, and as a
> bootstrap for exchanging secure media keys during session negotiation. I don't feel this language mischaracterizes that.
Then I suggest that you add a reference to RFC 8862, because as far as I remember there is no text about securing a session in "core" STIR.
---
Q3:
>> Section 3.1 says:
>>
>> "For the first case, where SIP negotiates a session where the media will be text messages,"
>>
>> What is "text message" in the context of SIP? I don't consider MSRP a "text message".
>>
>> I assume that you want to talk about cases where a SIP session is established, and within that session media is then sent in some form of messages.
>
> I'm not sure I see a very meaningful distinction here, but I do agree that MSRP (as RFC4975) defines "a 'message' as a complete unit of MIME or text content", so we should tweak the text here to be clearer about that.
I suggest saying something like "where SIP negotiates a session to exchange text-based media".
I did see that version -03 now says "text messages or MIME content" which I think is even more confusing, as a text message can be MIME content :)
---
Q4:
>> I suggest to scope section 3.1 to MSRP, section 3.2 to SIP MESSAGE, and say that other SIP-based messaging mechanisms are outside the scope of the document.
>>
>> Because, most of the text is about MSRP and SIP MESSAGE, and trying to make the sections generic only makes the text more confusing, in my opinion.
>>
>> Yes, section 3.2.1 talks about some other mechanisms, but do we need to cover those in a SIP-based framework?
>
> STIR is not a SIP-exclusive framework.
Correct, but again: that does not prevent us from producing specs that focus on SIP.
Then, again: if you want to do STIR for non-SIP and/or non-MSRP/MESSAGE, you will STILL have to specify more detailed text for those mechanisms for doing that. The "generic" text in the current specs won't take you very far :)
---
Q5:
>> Section 3.2 says:
>>
>> ""msgi" MUST NOT appear in PASSporTs with a type other than "msg","
>>
>> I don't think we should use "MUST NOT appear in" language. There is no way to enforce that.
>
> I kind of don’t know how to respond to that, except to say that normative statements in the IETF describe the conditions under which interoperability between implementations can be tested, and indeed, a protocol conformance
> test could determine an implementation is non-compliant if it generated a non-"msg" PASSporT with "msgi" in it.
We should define what information sending entities MUST/MUST NOT insert in a message, and what information in a message receivers need to process. Other information can by default be discarded.
If we want to say "MUST NOT appear" then we should also say what problems it will cause.
---
Q6:
>> Section 3.2 says:
>>
>> "A "msgi" message digest is computed over the entire MIME body of a
>> SIP message, which per [RFC3428] may any sort of MIME body, including
>> a multipart body in some cases"
>>
>> In case of a multipart body, does "entire MIME body" include the delimiters etc?
>
> Yes.
>>
>> What does "in some cases" mean? Isn't the digest always computed over the entire MIME body?
>
> Well, the sentence there does need some repair: it should be "per [RFC3428] may be any sort of MIME body". But with that fix, what it means is that in some
> cases a MIME body can be multipart. The final clause of that sentence modifies the object of the previous clause.
Ok, I noted that you have clarified that in version -03, and it looks fine.
---
Q7:
>> Section 3.2 defines a new PASSporT type and a new claim, but that is not mentioned in the Abstract or Introduction. The A&I only talks about "considering" and "exploring" the usage of STIR for messaging.
>
> I can add that to the Intro, sure.
Thanks!
---
Q8:
>> Section 4 says:
>>
>> "As the "orig" and "dest" field of PASSporTs may contain URIs
>> containing SIP URIs without telephone numbers, the STIR for messaging
>> mechanism contained in this specification is not inherently
>> restricted to the use of telephone numbers. This specification
>> offers no guidance on certification authorities who are appropriate
>> to sign for non-telephone number "orig" values."
>>
>> How is this specific to messaging?
>
> This text is just stating that this (often overlooked) general point in RFC8224 applies here to messaging as well.
Ok.
---
Regards,
Christer
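Added illustration (not part of Christer's or Jon's message, and not code from the draft): the two points discussed in Q5 and Q6, from the receiving side. It computes a "msgi" digest over the entire MIME body of a SIP message, multipart delimiters and part headers included, shows how the digest diverges if an implementation hashes only the first part's content, and rejects a PASSporT that carries "msgi" under a type other than "msg". The hash algorithm (SHA-256) and the unpadded base64url encoding are assumptions of this example; the draft defines the actual algorithm and encoding. The MIME body, telephone numbers and timestamp are constructed sample values, and signing per RFC 8225 is left out.

```python
import base64
import hashlib
import hmac

# Constructed sample: a multipart MIME body of the kind a SIP MESSAGE request
# might carry (RFC 3428 allows any MIME body). CRLF line endings, as in SIP.
BOUNDARY = "boundary42"
SAMPLE_BODY = (
    "--boundary42\r\n"
    "Content-Type: text/plain\r\n"
    "\r\n"
    "Meeting moved to 15:00\r\n"
    "--boundary42\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<p>Meeting moved to 15:00</p>\r\n"
    "--boundary42--\r\n"
).encode("utf-8")


def msgi_digest(body: bytes) -> str:
    """Digest over the entire MIME body, delimiters and part headers included.

    SHA-256 with unpadded base64url output is an assumption of this example;
    the draft specifies the real algorithm and encoding for "msgi".
    """
    digest = hashlib.sha256(body).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def first_part_content(body: bytes, boundary: str) -> bytes:
    """Content of the first MIME part only, i.e. what a careless implementation
    might hash instead of the whole body. Used here only to show the mismatch."""
    delimiter = ("--" + boundary).encode("ascii")
    parts = body.split(delimiter)
    # parts[0] is the (empty) preamble; parts[1] is the first part with its headers.
    _headers, _, content = parts[1].partition(b"\r\n\r\n")
    return content.rstrip(b"\r\n")


def build_msg_passport(orig_tn: str, dest_tn: str, iat: int, body: bytes) -> dict:
    """Unsigned PASSporT skeleton (protected header + payload) of type "msg".
    Claim layout follows RFC 8225 ("orig"/"dest"/"iat"); the signature is omitted."""
    return {
        "header": {"typ": "passport", "ppt": "msg", "alg": "ES256"},
        "payload": {
            "orig": {"tn": orig_tn},
            "dest": {"tn": [dest_tn]},
            "iat": iat,
            "msgi": msgi_digest(body),
        },
    }


def verify_msgi(passport: dict, received_body: bytes) -> tuple:
    """Receiver-side checks: "msgi" is only acceptable in a "msg" PASSporT, and
    when present it must match the body as actually received on the wire."""
    header, payload = passport["header"], passport["payload"]
    if "msgi" in payload and header.get("ppt") != "msg":
        return (False, "msgi present in non-msg PASSporT")
    if "msgi" not in payload:
        return (True, "no msgi to verify")
    expected = msgi_digest(received_body)
    # Constant-time comparison, so the check itself leaks nothing about the digest.
    if not hmac.compare_digest(payload["msgi"], expected):
        return (False, "msgi does not match received body")
    return (True, "ok")


if __name__ == "__main__":
    pp = build_msg_passport("12155551212", "12125551212", 1657797530, SAMPLE_BODY)
    print(verify_msgi(pp, SAMPLE_BODY))                                   # body intact
    print(verify_msgi(pp, first_part_content(SAMPLE_BODY, BOUNDARY)))    # only one part hashed
    print(verify_msgi(pp, SAMPLE_BODY.replace(b"15:00", b"16:00")))       # body altered in transit
```

The digest covers every byte of the body, so any intermediary that re-encodes, re-wraps or reorders multipart content (or changes line endings) will make verification fail; that is the intended behaviour, and it is the reason the receiver must hash exactly the bytes it received rather than a parsed and re-serialized view of them.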
_______________________________________________
stir mailing list
stir@ietf.org