Re: [stir] [IANA #1240945] Expert review for draft-ietf-stir-passport-rcd (JWT)

Ben Campbell <ben@nostrum.com> Thu, 13 July 2023 00:41 UTC

From: Ben Campbell <ben@nostrum.com>
Message-Id: <5F844C71-FDDC-43A5-A84C-30C832618553@nostrum.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_AED5C9F6-9EBA-46AA-B67F-B73180B4E918"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
Date: Wed, 12 Jul 2023 19:41:00 -0500
In-Reply-To: <BN8PR13MB285179ECEF780BBC67D4225CE136A@BN8PR13MB2851.namprd13.prod.outlook.com>
Cc: Richard Shockey <richard@shockey.us>, "stir@ietf.org" <stir@ietf.org>
To: Pierce Gorman <Pierce.Gorman@numeracle.com>
References: <RT-Ticket-1240945@icann.org> <rt-4.4.3-10934-1665523810-1388.1240945-9-0@icann.org> <rt-4.4.3-9442-1665524279-1482.1240945-9-0@icann.org> <SJ0PR00MB1317A60A0856C937B0A8D967F5239@SJ0PR00MB1317.namprd00.prod.outlook.com> <031ADA60-B16A-496B-97CB-06F8BF6B3634@ve7jtb.com> <rt-4.4.3-4482-1665609191-834.1240945-9-0@icann.org> <rt-4.4.3-24921-1669677772-1439.1240945-9-0@icann.org> <SJ0PR00MB13196A037E6F53CA353424F2F5159@SJ0PR00MB1319.namprd00.prod.outlook.com> <rt-5.0.3-729078-1689123902-1006.1240945-37-0@icann.org> <CA+k3eCS=y6hxA+THzKtwWsMgwaBaPVsh26mHXZZfSrKZtPXppA@mail.gmail.com> <E1727E1E-F31F-4B8A-873F-AD72DB31800B@shockey.us> <BN8PR13MB285179ECEF780BBC67D4225CE136A@BN8PR13MB2851.namprd13.prod.outlook.com>
X-Mailer: Apple Mail (2.3731.600.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/yWmbjyw3jGcvHktQUeHSYY7P73o>
Subject: Re: [stir] [IANA #1240945] Expert review for draft-ietf-stir-passport-rcd (JWT)

Hi,

This is a perfectly good conversation for the STIR list, but we probably don’t want to bother IANA and the various expert reviewers with it. I’ve trimmed the distribution list. Please continue with this list.

Thanks!

Ben.

> On Jul 12, 2023, at 5:46 PM, Pierce Gorman <Pierce.Gorman@numeracle.com> wrote:
> 
> It’s like the Affordable Care Act; "We have to pass the bill so that you can find out what is in it…".  😉
>  
> I’m not asking for any changes but would appreciate some assistance understanding a couple of things around “iss”.
>  
> Section 10 covers “Third-Party Uses”.  The last paragraph is pasted below.
>  
> While in the traditional telephone network, the business relationship
> between calling customers and their telephone service providers is
> the ultimate root of information about a calling party's name, some
> other forms of data like crowdsourced reputation scores might derive
> from third parties. When those elements are present, they MUST be in
> a third-party "rcd" PASSporT using "iss" claim described in the next
> section.
>  
> I’m going to use a phrase from the 1st sentence in the paragraph to paraphrase the last sentence.
>  
> When those elements other forms of data like crowdsourced reputation scores are present, they MUST be in
> a third-party "rcd" PASSporT using "iss" claim described in the next
> section.
>  
> I feel confident I did not interpret the intent correctly.
>  
> Questions about Section 10:
>  
> In trying to understand the intent, is it OK to mentally replace the phrase “those elements” with the phrase “other forms of data like crowdsourced reputation scores”?  Surely not.
>  
> If “those elements” did not refer to “other forms of data like crowdsourced reputation scores”, what are the “elements” that may be present?
>  
> If for example an element was a “crowdsourced reputation score”, how should that be represented?
>  
> Are the elements supposed to be in the “iss” claim, or in a third-party “rcd” PASSporT with an “iss” claim?
>  
> Section 10.1:
>  
> Midway through the 1st paragraph of Section 10.1, the following is stated:
>  
> “…the value of "iss" however MUST reflect the Subject of the certificate used to sign a third-party PASSporT. ”
>  
> I’m not sure what the definition of “reflect” is in this context.
>  
> Below is an example of a Subject of a real certificate used to sign a SHAKEN PASSporT:
>  
>         Subject: C=US, O=ATT, OU=SHAKEN, CN=SHAKEN 4036
>  
> Taken literally I suppose a reflection should be:
>  
>  
> Joking aside, a Subject is to be populated with a Distinguished Name (DN) and per RFC 5280:
>  
> Implementations of this specification MUST
>    be prepared to receive the following standard attribute types in
>    issuer and subject (Section 4.1.2.6 <https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6>) names:
>  
>       * country,
>       * organization,
>       * organizational unit,
>       * distinguished name qualifier,
>       * state or province name,
>       * common name (e.g., "Susan Housley"), and
>       * serial number.
>  
>    In addition, implementations of this specification SHOULD be prepared
>    to receive the following standard attribute types in issuer and
>    subject names:
>  
>       * locality,
>       * title,
>       * surname,
>       * given name,
>       * initials,
>       * pseudonym, and
>       * generation qualifier (e.g., "Jr.", "3rd", or "IV").
>  
> Also per Section 10.1 of the RCD I-D:
>  
> An example of a Third Party issued PASSporT claims object is as follows.
> {  "orig":{"tn":"12025551000"},
>    "dest":{"tn":["12025551001"]},
>    "iat":1443208345,
>    "iss":"Zorin Industries",
>    "rcd":{"nam":"James St. John Smythe"} }
>  
> If I had to guess, “Zorin Industries” would be the value of the “O=” (Organization) field of a certificate Subject DN.
>  
> In the Subject example of the real SHAKEN certificate, however, there are multiple fields, not just the Organization.  How MUST those multiple fields be “reflected”?
>  
> Best regards,
>  
> Pierce
>  
> From: stir <stir-bounces@ietf.org <mailto:stir-bounces@ietf.org>> On Behalf Of Richard Shockey
> Sent: Wednesday, July 12, 2023 11:33 AM
> To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org <mailto:bcampbell=40pingidentity.com@dmarc.ietf.org>>; drafts-expert-review@iana.org <mailto:drafts-expert-review@iana.org>; Michael Jones <michael_b_jones@hotmail.com <mailto:michael_b_jones@hotmail.com>>
> Cc: Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com>; ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>; stir@ietf.org <mailto:stir@ietf.org>; jwt-reg-review@ietf.org <mailto:jwt-reg-review@ietf.org>
> Subject: Re: [stir] [IANA #1240945] Expert review for draft-ietf-stir-passport-rcd (JWT)
>  
>  
> +1 .
>  
> Can we just get on with this?
>  
>  
> Richard Shockey
> Shockey Consulting LLC
> Chairman of the Board SIP Forum
> www.shockey.us <http://www.shockey.us/>
> www.sipforum.org <http://www.sipforum.org/>
> Save the date: Sept 12-14  www.sipnoc.org <http://www.sipnoc.org/>  (2023)
> richard<at>shockey.us <http://shockey.us/>
> Skype-Linkedin-Facebook –Twitter  rshockey101
> PSTN +1 703-593-2683
>  
>  
> From: stir <stir-bounces@ietf.org <mailto:stir-bounces@ietf.org>> on behalf of Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org <mailto:bcampbell=40pingidentity.com@dmarc.ietf.org>>
> Date: Wednesday, July 12, 2023 at 11:27 AM
> To: <drafts-expert-review@iana.org <mailto:drafts-expert-review@iana.org>>, Michael Jones <michael_b_jones@hotmail.com <mailto:michael_b_jones@hotmail.com>>
> Cc: <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com>>, <ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>>, <stir@ietf.org <mailto:stir@ietf.org>>, <jwt-reg-review@ietf.org <mailto:jwt-reg-review@ietf.org>>
> Subject: Re: [stir] [IANA #1240945] Expert review for draft-ietf-stir-passport-rcd (JWT)
>  
> FYI Mike is now at michael_b_jones@hotmail.com <mailto:michael_b_jones@hotmail.com> (cc'd) 
>  
> I looked at the -23/-26 diff and don't think another review is needed.
>  
> On Tue, Jul 11, 2023 at 7:05 PM Amanda Baber via RT <drafts-expert-review@iana.org <mailto:drafts-expert-review@iana.org>> wrote:
> Hi Brian, John, and Mike (cc: stir),
> 
> Version -26 of this document was just approved for publication. It looks like you reviewed version -23 seven months ago:
> 
> https://datatracker.ietf.org/doc/html/draft-ietf-stir-passport-rcd
> 
> Does this need another review? We'll hold off on making the assignments until we hear back (one response is fine).
> 
> thanks,
> Amanda
> 
> On Wed Nov 30 20:30:48 2022, Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com> wrote:
> > These registrations appear to be fine.
> > 
> > -- Mike
> > 
> > -----Original Message-----
> >  From: Amanda Baber via RT <drafts-expert-review-comment@iana.org <mailto:drafts-expert-review-comment@iana.org>>
> > Sent: Monday, November 28, 2022 3:23 PM
> > Cc: ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>; stir@ietf.org <mailto:stir@ietf.org>; Mike Jones
> > <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com>>; chuck.mortimore@visa.com <mailto:chuck.mortimore@visa.com>;
> > bcampbell@pingidentity.com <mailto:bcampbell@pingidentity.com>
> > Subject: [IANA #1240945] Expert review for draft-ietf-stir-passport-
> > rcd (JWT)
> > 
> > Dear John, Brian, Michael, and Chuck (cc: stir WG),
> > 
> > This document is on Thursday's telechat agenda:
> > 
> > https://datatracker.ietf.org/doc/html/draft-ietf-stir-passport-rcd-23
> > 
> > Does the new version (you likely reviewed -22) need another review? If
> > we don't hear from you before Thursday, we'll mark this version of the
> > document "IANA OK."
> > 
> > thanks,
> > 
> > Amanda Baber
> > IANA Operations Manager
> > 
> > On Wed Oct 12 21:13:11 2022, ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com> wrote:
> > > +1
> > >
> > > > On Oct 11, 2022, at 3:08 PM, Mike Jones
> > > > <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com>>
> > > > wrote:
> > > >
> > > > Please proceed with the registrations.
> > > >
> > > > Thanks,
> > > > -- Mike
> > > >
> > > > From: David Dong via RT <drafts-expert-review-comment@iana.org <mailto:drafts-expert-review-comment@iana.org>>
> > > > Sent: Tuesday, October 11, 2022 2:37:59 PM
> > > >  Cc: stir@ietf.org <mailto:stir@ietf.org> <stir@ietf.org <mailto:stir@ietf.org>>; ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>
> > > >  <ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>>; bcampbell@pingidentity.com <mailto:bcampbell@pingidentity.com>
> > > >  <bcampbell@pingidentity.com <mailto:bcampbell@pingidentity.com>>; Mike Jones
> > > >  <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com>>; chuck.mortimore@visa.com <mailto:chuck.mortimore@visa.com>
> > > > <chuck.mortimore@visa.com <mailto:chuck.mortimore@visa.com>>
> > > >  Subject: [IANA #1240945] Expert review for draft-ietf-stir-
> > > > passport-
> > > > rcd
> > > >
> > > > Dear John, Brian, Michael, and Chuck (cc: stir WG),
> > > >
> > > > We see that the JWT registrations in draft-ietf-stir-passport-rcd-
> > > > 21
> > > > were discussed and approved on September 15th, 2022 on the mailing
> > > > list at:
> > > >
> > > > https://mailarchive.ietf.org/arch/browse/jwt-reg-review/?q=draft-
> > > >  ietf-stir-passport-rcd
> > > > <https://mailarchive.ietf.org/arch/browse/jwt-
> > > > reg-review/?q=draft-ietf-stir-passport-rcd>
> > > >
> > > > Do these registrations require another review, or are these okay to
> > > > proceed?
> > > >
> > > > The due date is Oct 25 2022.
> > > >
> > > > If this is OK, when the IESG approves the document for publication,
> > > > we'll make the registration at
> > > >
> > > > https://www.iana.org/assignments/jwt/
> > > > <https://www.iana.org/assignments/jwt/>
> > > >
> > > > With thanks,
> > > >
> > > > David Dong
> > > > IANA Services Specialist
> > > >
> > 
> 
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org <mailto:stir@ietf.org>
> https://www.ietf.org/mailman/listinfo/stir
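The "iss" question in the quoted message, as an added example that is not part of the thread or of the draft: it parses the certificate Subject DN quoted above, assembles a third-party "rcd" claims object in the shape of the Section 10.1 example, and checks "iss" against the Subject under one assumed reading of "reflect" (whole DN, O, or CN value), since the draft text quoted here does not define it.

```python
# Constructed sample values; the DN string is the one quoted in the thread.
SAMPLE_SUBJECT_DN = "C=US, O=ATT, OU=SHAKEN, CN=SHAKEN 4036"


def parse_dn(dn: str) -> dict:
    """Split a string-form DN into attribute -> value.
    Assumes simple 'TYPE=value' RDNs separated by commas (no escaped commas)."""
    attrs = {}
    for rdn in dn.split(","):
        key, _, value = rdn.strip().partition("=")
        attrs[key.strip().upper()] = value.strip()
    return attrs


def build_third_party_rcd_claims(orig_tn: str, dest_tn: str, iss: str,
                                 nam: str, iat: int) -> dict:
    """Assemble a claims object with the same members as the Section 10.1
    example: orig, dest, iat, iss and an rcd claim carrying a name."""
    return {
        "orig": {"tn": orig_tn},
        "dest": {"tn": [dest_tn]},
        "iat": iat,
        "iss": iss,
        "rcd": {"nam": nam},
    }


def iss_reflects_subject(iss: str, subject_dn: str) -> bool:
    """Assumed interpretation (not something the quoted draft text states):
    'iss' reflects the signing certificate's Subject if it equals the whole
    DN string or the value of its O or CN attribute. A verifier using this
    rule would reject a third-party PASSporT whose 'iss' names an
    organization other than the one the certificate was issued to."""
    attrs = parse_dn(subject_dn)
    candidates = {subject_dn, attrs.get("O"), attrs.get("CN")}
    candidates.discard(None)
    return iss in candidates
```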