Re: [stir] CA Certs (was: Re: Rollout timeframe)
Hadriel Kaplan <hadriel.kaplan@oracle.com> Wed, 17 July 2013 17:22 UTC
Return-Path: <hadriel.kaplan@oracle.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FB0F21F9B07 for <stir@ietfa.amsl.com>; Wed, 17 Jul 2013 10:22:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.482
X-Spam-Level:
X-Spam-Status: No, score=-6.482 tagged_above=-999 required=5 tests=[AWL=0.117, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cnow6xXztDw1 for <stir@ietfa.amsl.com>; Wed, 17 Jul 2013 10:21:55 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id D3A8E21F9C72 for <stir@ietf.org>; Wed, 17 Jul 2013 10:21:55 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r6HHLroT003943 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 17 Jul 2013 17:21:54 GMT
Received: from aserz7021.oracle.com (aserz7021.oracle.com [141.146.126.230]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r6HHLqSY009697 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 17 Jul 2013 17:21:52 GMT
Received: from abhmt120.oracle.com (abhmt120.oracle.com [141.146.116.72]) by aserz7021.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r6HHLq6e027762; Wed, 17 Jul 2013 17:21:52 GMT
Received: from [10.1.21.23] (/10.5.21.23) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 17 Jul 2013 10:21:51 -0700
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Hadriel Kaplan <hadriel.kaplan@oracle.com>
In-Reply-To: <CBD277D8-B273-46FF-8C19-21F6DDEF826E@brianrosen.net>
Date: Wed, 17 Jul 2013 13:21:50 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <84432CF7-A220-46F0-B945-F41F09F7061E@oracle.com>
References: <CE08B40C.6836A%jon.peterson@neustar.biz> <51E371BA.9060009@dcrocker.net> <011601ce818b$7bdd48e0$7397daa0$@shockey.us> <E6A16181E5FD2F46B962315BB05962D01FB88405@fcc.gov> <71E797DB-492C-4731-9888-A3FFBF2BBC5A@oracle.com> <B13DEB6C-26B0-46DC-857D-10F9D9782F0A@brianrosen.net> <EFBA6F31-1242-45D9-A630-3BCB6296E6A7@oracle.com> <29029_1373979285_51E54294_29029_4240_1_B5939C6860701C49AA39C5DA5189448B0B46D9@PEXCVZYM12.corporate.adroot.infra.ftgroup> <00C069FD01E0324C9FFCADF539701DB3BBC17CBA@EX2K10MB1.corp.yaanatech.com> <82BF5645-8B06-4AFF-87E4-7C391D0273B3@brianrosen.net> <00C069FD01E0324C9FFCADF539701DB3BBC17DD5@EX2K10MB1.corp.yaanatech.com> <51E56D2C.2010700@bbn.com> <00C069FD01E0324C9FFCADF539701DB3BBC17F58@EX2K10MB1.corp.yaanatech.com> <51E57813.3070601@bbn.com> <00C069FD01E0324C9FFCADF539701DB3BBC1808B@EX2K10MB1.corp.yaanatech.com> <82C4B977-B099-479B-9FD3-5421788FF1A6@oracle.com> <00C069FD01E0324C9FFCADF539701DB3BBC1827C@EX2K10MB1.corp.yaanatech.com> <971DC811-744! ! ! ! 6-4346-84C1-37738E3AF6C4@oracle.com> <00C069FD01E0324C9FFCADF539701DB3BBC184DD@EX2K10MB1.corp.yaanatech.com> <1134364F-C428-4C98-91D4-6F33D4271299@oracle.com> <00C069FD01E0324C9FFCADF539701DB3BBC18687@EX2K10MB1.corp.yaanatech.com> <7CE281BE-CF34-4E12-992C-D07C838D95CB@oracle.com> <CBD277D8-B273-46FF-8C19-21F6DDEF826E@brianrosen.net>
To: Brian Rosen <br@brianrosen.net>
X-Mailer: Apple Mail (2.1508)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
Cc: "stir@ietf.org List" <stir@ietf.org>
Subject: Re: [stir] CA Certs (was: Re: Rollout timeframe)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jul 2013 17:22:03 -0000
On Jul 17, 2013, at 10:58 AM, Brian Rosen <br@brianrosen.net> wrote: > Small note: > You would have to keep TTLs for at least U.S. zones under a few minutes to allow the 15 minute port. > I'd actually probably set it at a minute or two. I'm not sure if it really matters if the TTL is short, but it doesn't have to be short - at least not with CIDER. The DNS name uses a "key index", which identifies which specific public key was used for signing the call - i.e., a single E.164 can have multiple public keys in DNS. (it's like a DKIM "selector", but an integer instead of string) That key index value is sent in the SIP header. It then becomes part of the generated DNS name used for the lookup. So when a key changes, the DNS full name changes, and there's no cache collision. You have to do something like that no matter what solution we end up with (even HTTP), because the carriers have to be able to change their key whenever they want without affecting in-flight call requests, and give time for the new key to propagate to the local copies carriers might have of the whole DB. Plus it lets two or more agents claim the same phone number, for example the outsourced call-center or medical doctor scenarios. So when a number gets ported, the new carrier uploads a public key into a new/unused key index value, and thus there's no collision when verifiers query for it, and no problem if they have an older key cached locally. The TTL won't affect it. For example, suppose my number is +1-603-555-1000. My carrier has a private key for that, and it had uploaded the public key into the CIDER DB for index "2". When it signs the message, that number "2" gets put into the STIR header info somewhere (draft-kaplan-stir-ikes-out-00 describes where it could be encoded, for SIP/SS7/XMPP). When some verifier receives that message, it sees the "2" and the caller-id of +1-603-555-1000, and creates a DNS query for the name "2._cidkey.0.0.0.1.5.5.5.3.0.6.1.cid.example.org". It gets back a TXT RR with the base64-encoded public key, verifies the message, etc. So suppose I port the number to a new carrier. The porting process happens, and the new carrier now uploads a new public key into the CIDER DB, but will now use/get index "3" or "12" or whatever. It then uses that "3" in its SIP messages. So a verifier will generate a DNS query for name "3._cidkey.0.0.0.1.5.5.5.3.0.6.1.cid.example.org". Thus there's no DNS cache hit to worry about. > Note that you are sure to get a bunch of trawlers looking for TNs that ported recently. That may be a big problem, both for the server and for the idea. It may be a problem, but it's not a problem for the server or the idea. For one thing, CIDER can be deployed in a purely private/controlled manner. That's up to the specific admin of each branch to decide (i.e., each national authority, or national admin, or whatever). There's plenty of evidence of private DNS in use, including in the SIP provider world. But anyway, *any* database-based solution which is deployed as open/unrestricted query access would have that problem. Using HTTP doesn't mean people can't write scripts to generate HTTP queries, and putting certs in HTTP servers certainly doesn't prevent learning when the cert contents change. It's not the protocol that causes the issue... it's how it's administered, deployed, and controlled. -hadriel
- [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter DOLLY, MARTIN C
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter DOLLY, MARTIN C
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Paul Kyzivat
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Peterson, Jon
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Richard Shockey
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Henning Schulzrinne
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Henning Schulzrinne
- Re: [stir] Draft STIR Charter Peterson, Jon
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Richard Shockey
- Re: [stir] Draft STIR Charter Richard Shockey
- Re: [stir] Draft STIR Charter Baskin, James F (Jim)
- Re: [stir] Draft STIR Charter Richard Shockey
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Richard Shockey
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter DOLLY, MARTIN C
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Hadriel Kaplan
- Re: [stir] Draft STIR Charter Hala Mowafy
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Henning Schulzrinne
- Re: [stir] Draft STIR Charter philippe.fouquart
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter philippe.fouquart
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Draft STIR Charter philippe.fouquart
- Re: [stir] Draft STIR Charter Dave Crocker
- [stir] Terminolgy (was: RE: Draft STIR Charter) philippe.fouquart
- Re: [stir] Draft STIR Charter Paul Kyzivat
- Re: [stir] Draft STIR Charter hadriel.kaplan@oracle.com
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter Rosen, Brian
- Re: [stir] Terminolgy (was: RE: Draft STIR Charte… Dwight, Timothy M (Tim)
- Re: [stir] Draft STIR Charter hadriel.kaplan@oracle.com
- Re: [stir] Draft STIR Charter hadriel.kaplan@oracle.com
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Hadriel Kaplan
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Stephen Farrell
- Re: [stir] Draft STIR Charter Eric Rescorla
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Peterson, Jon
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter philippe.fouquart
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Hadriel Kaplan
- Re: [stir] Draft STIR Charter Richard Shockey
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Draft STIR Charter Cannon, Matthew
- Re: [stir] Draft STIR Charter Henning Schulzrinne
- Re: [stir] Draft STIR Charter Henning Schulzrinne
- Re: [stir] Draft STIR Charter Brian Rosen
- Re: [stir] Draft STIR Charter Michael Hammer
- [stir] self-signing certificates ( was Re: Draft … Dave Crocker
- Re: [stir] self-signing certificates ( was Re: Dr… Michael Hammer
- Re: [stir] self-signing certificates ( was Re: Dr… Dave Crocker
- Re: [stir] self-signing certificates ( was Re: Dr… Dan York
- [stir] Out-of-bound STIR (was: Re: Draft STIR Cha… Hadriel Kaplan
- Re: [stir] Out-of-bound STIR (was: Re: Draft STIR… Brian Rosen
- Re: [stir] Draft STIR Charter Hadriel Kaplan
- Re: [stir] self-signing certificates ( was Re: Dr… Michael Hammer
- Re: [stir] Draft STIR Charter Brian Rosen
- Re: [stir] Out-of-bound STIR Dave Crocker
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] Draft STIR Charter Peterson, Jon
- Re: [stir] Out-of-bound STIR (was: Re: Draft STIR… Peterson, Jon
- Re: [stir] Draft STIR Charter Hadriel Kaplan
- Re: [stir] Draft STIR Charter philippe.fouquart
- [stir] Rollout timeframe (was: RE: Draft STIR Cha… philippe.fouquart
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Michael Hammer
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Brian Rosen
- Re: [stir] Out-of-bound STIR (was: Re: Draft STIR… Hadriel Kaplan
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Brian Rosen
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Richard Shockey
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Hadriel Kaplan
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… philippe.fouquart
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Hadriel Kaplan
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Brian Rosen
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Brian Rosen
- Re: [stir] Rollout timeframe Dave Crocker
- Re: [stir] Draft STIR Charter Stephen Kent
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Stephen Farrell
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Richard Shockey
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Michael Hammer
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Michael Hammer
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Michael Hammer
- Re: [stir] Rollout timeframe (was: RE: Draft STIR… Hadriel Kaplan
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Michael Hammer
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Brian Rosen
- Re: [stir] Rollout timeframe Michael Hammer
- [stir] Using the NPAC (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe Brian Rosen
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Using the NPAC (was: Re: Rollout timef… Peterson, Jon
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Using the NPAC (was: Re: Rollout timef… Michael Hammer
- Re: [stir] Using the NPAC (was: Re: Rollout timef… Hadriel Kaplan
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe Hadriel Kaplan
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe Hadriel Kaplan
- Re: [stir] Draft STIR Charter Peterson, Jon
- [stir] Replay threat (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Peterson, Jon
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe Hadriel Kaplan
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Rollout timeframe Henning Schulzrinne
- Re: [stir] Draft STIR Charter Hadriel Kaplan
- Re: [stir] Rollout timeframe Hadriel Kaplan
- Re: [stir] Rollout timeframe Richard Shockey
- Re: [stir] Rollout timeframe Brian Rosen
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Draft STIR Charter Michael Hammer
- [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- [stir] CA certs (was Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA certs (was Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA certs (was Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA certs (was Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Brian Rosen
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] Rollout timeframe Michael Hammer
- Re: [stir] Rollout timeframe Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] Rollout timeframe Brian Rosen
- Re: [stir] Draft STIR Charter Russ Housley
- Re: [stir] Draft STIR Charter Michael Hammer
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Brian Rosen
- Re: [stir] Rollout timeframe Stephen Farrell
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Brian Rosen
- Re: [stir] Rollout timeframe Hadriel Kaplan
- Re: [stir] Rollout timeframe Dave Crocker
- Re: [stir] Rollout timeframe Stephen Farrell
- [stir] The number stats (was: Re: Rollout timefra… Hadriel Kaplan
- Re: [stir] The number stats (was: Re: Rollout tim… Brian Rosen
- Re: [stir] The number stats (was: Re: Rollout tim… Hadriel Kaplan
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] Rollout timeframe Dave Crocker
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Richard Shockey
- Re: [stir] Rollout timeframe Stephen Farrell
- Re: [stir] Rollout timeframe Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Henning Schulzrinne
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Peterson, Jon
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Henning Schulzrinne
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Cullen Jennings (fluffy)
- Re: [stir] Out-of-bound STIR (was: Re: Draft STIR… Cullen Jennings (fluffy)
- Re: [stir] Draft STIR Charter - Privacy Cullen Jennings (fluffy)
- Re: [stir] Draft STIR Charter - out of band Cullen Jennings (fluffy)
- Re: [stir] Draft STIR Charter - out of band DOLLY, MARTIN C
- Re: [stir] Draft STIR Charter - Privacy Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Brian Rosen
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] Draft STIR Charter - out of band Hadriel Kaplan
- Re: [stir] Draft STIR Charter Dave Crocker
- Re: [stir] CA Certs Henning Schulzrinne
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Stephen Farrell
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Henning Schulzrinne
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Henning Schulzrinne
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] Draft STIR Charter philippe.fouquart
- Re: [stir] Draft STIR Charter philippe.fouquart
- Re: [stir] CA Certs Dave Crocker
- Re: [stir] CA Certs Dan York
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] Draft STIR Charter - out of band Richard Shockey
- Re: [stir] Rollout timeframe philippe.fouquart
- Re: [stir] CA Certs Peterson, Jon
- Re: [stir] Draft STIR Charter - out of band Peterson, Jon
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs Henning Schulzrinne
- Re: [stir] Draft STIR Charter - out of band Cullen Jennings (fluffy)
- Re: [stir] CA Certs Richard Shockey
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs Hadriel Kaplan
- Re: [stir] CA Certs Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] Rollout timeframe Stephen Kent
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dan York
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Richard Shockey
- Re: [stir] Draft STIR Charter - out of band Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Stephen Farrell
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Peterson, Jon
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Stephen Farrell
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Stephen Farrell
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Brian Rosen
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dwight, Timothy M (Tim)
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Brian Rosen
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Henning Schulzrinne
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dave Crocker
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Brian Rosen
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) … Michael Hammer
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Hadriel Kaplan
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Dave Crocker
- Re: [stir] Draft STIR Charter - out of band Cullen Jennings (fluffy)
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Cullen Jennings (fluffy)
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Cullen Jennings (fluffy)
- Re: [stir] Draft STIR Charter - out of band Cullen Jennings (fluffy)
- Re: [stir] Draft STIR Charter - out of band Richard Shockey
- [stir] Revised STIR BOF Aganda Russ Housley
- Re: [stir] CA Certs (was: Re: Rollout timeframe) Michael Hammer
- Re: [stir] Draft STIR Charter - out of band Jan-Tilo Kirchhoff
- Re: [stir] Replay threat (was: Re: Rollout timefr… Hadriel Kaplan