[stir] Can canonical phone numbers survive SBCs and other middle boxes?
"Rosen, Brian" <Brian.Rosen@neustar.biz> Fri, 07 June 2013 17:20 UTC
Return-Path: <brian.rosen@neustar.biz>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBCE621F994D for <stir@ietfa.amsl.com>; Fri, 7 Jun 2013 10:20:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.045
X-Spam-Level:
X-Spam-Status: No, score=-6.045 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5JAL5K36njN3 for <stir@ietfa.amsl.com>; Fri, 7 Jun 2013 10:20:31 -0700 (PDT)
Received: from neustar.com (keys.neustar.biz [156.154.17.104]) by ietfa.amsl.com (Postfix) with ESMTP id 0A6A121F8EC3 for <stir@ietf.org>; Fri, 7 Jun 2013 10:20:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neustar.biz; s=neustarbiz; t=1370625810; x=1685984552; q=dns/txt; h=From:Subject:Date:Message-ID:Content-Language: Content-Type; bh=DNba1ObznpSIyH2WOOL66mf+rqeLXP+9/7JMzEcuxsE=; b=hRKVgo19anU7nAcsZ3k56L563a9cmDstC5NQMEXgHKLXXQht8Js+8GkViYoLQ5 o8b5KNT+BIrQpek2A4dc/hUw==
Received: from ([10.31.13.242]) by stihiron2.va.neustar.com with ESMTP with TLS id J041124103.24777887; Fri, 07 Jun 2013 13:23:28 -0400
Received: from STNTEXCHCASHT05.cis.neustar.com (10.31.15.157) by STNTEXCHHT03.cis.neustar.com (10.31.13.242) with Microsoft SMTP Server (TLS) id 8.3.279.1; Fri, 7 Jun 2013 13:20:26 -0400
Received: from stntexmb12.cis.neustar.com ([169.254.2.76]) by STNTEXCHCASHT05.cis.neustar.com ([::1]) with mapi id 14.02.0247.003; Fri, 7 Jun 2013 13:20:25 -0400
From: "Rosen, Brian" <Brian.Rosen@neustar.biz>
To: "stir@ietf.org" <stir@ietf.org>
Thread-Topic: Can canonical phone numbers survive SBCs and other middle boxes?
Thread-Index: AQHOY6NMqrzJV4FsFkGjktiLvkAqlg==
Date: Fri, 07 Jun 2013 17:20:24 +0000
Message-ID: <9CC39DA7-8610-4284-B51E-5FA7E2A59C0F@neustar.biz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.33.193.6]
x-ems-proccessed: R64IxjzeHPwwd+efoj3ZcA==
x-ems-stamp: sfTYloxh84kVl1fuu5uqtQ==
Content-Type: multipart/alternative; boundary="_000_9CC39DA786104284B51E5FA7E2A59C0Fneustarbiz_"
MIME-Version: 1.0
Subject: [stir] Can canonical phone numbers survive SBCs and other middle boxes?
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jun 2013 17:20:36 -0000
The fundamental idea that we have here is that you sign a set of information with a credential, and you pass the signature and a pointer to the credential in SIP signaling. We have some disagreements about what is signed. Henning has proposed that we canonicalize the From and To phone numbers, we include a timestamp and some form of call-id, possibly the INSIPID id. There are assertions that you can't use From/To, because middle boxes change them. Some have suggested using P-A-I and other headers instead. Hadriel wrote a draft about why From and To get modified: http://tools.ietf.org/id/draft-kaplan-sip-uris-change-00.txt After reading it, I am unclear if a canonicalized e.164 would make it through. The reasons given seem to indicate they would. They change domains, they change prefixes, but they don't seem to change the actual telephone number. Can we come up with examples where a canonicalized e.164 would NOT pass end to end? Brian
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- [stir] Can canonical phone numbers survive SBCs a… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Bernard Aboba
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Richard Shockey
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Paul Kyzivat
- Re: [stir] Can canonical phone numbers survive SB… Paul Kyzivat
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Richard Shockey
- Re: [stir] Can canonical phone numbers survive SB… Paul Kyzivat
- Re: [stir] Can canonical phone numbers survive SB… Bernard Aboba
- Re: [stir] Can canonical phone numbers survive SB… Stephen Farrell
- Re: [stir] Can canonical phone numbers survive SB… Richard Barnes
- Re: [stir] Can canonical phone numbers survive SB… Richard Shockey
- Re: [stir] Can canonical phone numbers survive SB… Stephen Farrell
- Re: [stir] Can canonical phone numbers survive SB… Paul Kyzivat
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Richard Shockey
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Michael Hammer
- Re: [stir] Can canonical phone numbers survive SB… Brian Rosen
- Re: [stir] Can canonical phone numbers survive SB… philippe.fouquart
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… philippe.fouquart
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… philippe.fouquart
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dwight, Timothy M (Tim)
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Olle E. Johansson
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… philippe.fouquart
- Re: [stir] Can canonical phone numbers survive SB… Olle E. Johansson
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dwight, Timothy M (Tim)
- Re: [stir] Can canonical phone numbers survive SB… Richard Barnes
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Dan York
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Richard Shockey
- Re: [stir] Can canonical phone numbers survive SB… Olle E. Johansson
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Olle E. Johansson
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Henning Schulzrinne
- [stir] DKIM-like key mgmt approach (was: Re: Can … Stephen Farrell
- [stir] selector naming (was - Re: DKIM-like key m… Dave Crocker
- Re: [stir] DKIM-like key mgmt approach (was: Re: … Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Paul Kyzivat
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Paul Kyzivat
- Re: [stir] DKIM-like key mgmt approach Paul Kyzivat
- Re: [stir] DKIM-like key mgmt approach Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Stephen Farrell
- [stir] Alternative wording for "legitimate spoofi… Dan York
- Re: [stir] selector naming (was - Re: DKIM-like k… Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Dan York
- [stir] Feeble diagram (was - Re: DKIM-like key mg… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] Feeble diagram (was - Re: DKIM-like ke… Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach (was: Re: … Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Feeble diagram (was - Re: DKIM-like ke… Dave Crocker
- Re: [stir] Can canonical phone numbers survive SB… Dan York
- Re: [stir] Can canonical phone numbers survive SB… Dave Crocker
- Re: [stir] DKIM-like key mgmt approach (was: Re: … Richard Shockey
- [stir] clarity (was: Re: DKIM-like key mgmt appro… Stephen Farrell
- Re: [stir] clarity (was: Re: DKIM-like key mgmt a… Hadriel Kaplan
- Re: [stir] Can canonical phone numbers survive SB… Olle E. Johansson
- Re: [stir] DKIM-like key mgmt approach Michael Hammer
- Re: [stir] Can canonical phone numbers survive SB… Hutton, Andrew
- Re: [stir] Can canonical phone numbers survive SB… Hutton, Andrew
- Re: [stir] clarity Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach Stephen Farrell
- Re: [stir] Alternative wording for "legitimate sp… Henning Schulzrinne
- Re: [stir] Feeble diagram (was - Re: DKIM-like ke… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] Can canonical phone numbers survive SB… Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] Feeble diagram (was - Re: DKIM-like ke… Dave Crocker
- Re: [stir] DKIM-like key mgmt approach Stephen Farrell
- Re: [stir] Can canonical phone numbers survive SB… Hutton, Andrew
- Re: [stir] Feeble diagram (was - Re: DKIM-like ke… Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] clarity (was: Re: DKIM-like key mgmt a… Richard Shockey
- Re: [stir] DKIM-like key mgmt approach Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach Dave Crocker
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach Henning Schulzrinne
- Re: [stir] DKIM-like key mgmt approach Henning Schulzrinne
- Re: [stir] DKIM-like key mgmt approach Dave Crocker
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach Wilhelm Wimmreuter
- Re: [stir] DKIM-like key mgmt approach Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Wilhelm Wimmreuter
- Re: [stir] DKIM-like key mgmt approach Brian Rosen
- Re: [stir] DKIM-like key mgmt approach Wilhelm Wimmreuter
- Re: [stir] DKIM-like key mgmt approach Wilhelm Wimmreuter
- Re: [stir] DKIM-like key mgmt approach Rosen, Brian
- Re: [stir] DKIM-like key mgmt approach Wilhelm Wimmreuter
- Re: [stir] DKIM-like key mgmt approach Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach - MITM Henning Schulzrinne
- Re: [stir] DKIM-like key mgmt approach - MITM Wilhelm Wimmreuter
- Re: [stir] DKIM-like key mgmt approach - MITM Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach PFAUTZ, PENN L
- Re: [stir] DKIM-like key mgmt approach - MITM Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach - MITM Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach - MITM Hadriel Kaplan
- Re: [stir] DKIM-like key mgmt approach Paul Kyzivat
- Re: [stir] DKIM-like key mgmt approach Peterson, Jon
- Re: [stir] DKIM-like key mgmt approach Stephen Farrell
- Re: [stir] DKIM-like key mgmt approach Richard Shockey