Registry for Country-Specific Secure Telephone Identity (STIR) Trust Anchors
draft-burger-stir-iana-cert-01

Document Type Active Internet-Draft (individual)
Last updated 2020-03-08
Stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
STIR                                                           E. Burger
Internet-Draft                                     Georgetown University
Intended status: Standards Track                           March 8, 2020
Expires: September 9, 2020

  Registry for Country-Specific Secure Telephone Identity (STIR) Trust
                                Anchors
                     draft-burger-stir-iana-cert-01

Abstract

   National policy defines telephone numbering governance.  One area of
   such governance is the policies applied to the Secure Telephone
   Identity Credentials defined in RFC 8226.  Nations have policies for
   the acceptable trust anchors for these credentials.  This document
   defines an IANA registry that enables a SIP call recipient in one
   country to validate the signature, as defined in RFC 8224, that
   originates in another country using an appropriate trust anchor for
   the signer's certification path, per the origination country's trust
   anchor policy.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 9, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

1.  Introduction

   One problem that plagues some communications applications is a caller
   deliberately misrepresenting their identity with the intent to
   defraud, cause harm, or wrongfully obtain anything of value.  The
   IETF Secure Telephone Identity Revisited (STIR) work group has
   developed a series of RFCs specifying the mechanisms for
   cryptographically signing the asserted identity and other elements in
   Session Initiation Protocol (SIP) [RFC3261] messages.  One kind of
   identity used in SIP is an E.164 [E.164] telephone number.  A
   telephone number is a string of digits, where the first one to three
   digits indicate a country code.  The International Telecommunications
   Union - Telecommunications Sector (ITU-T) defines country codes and
   delegates the authority for numbers under a country code to the
   respective national communications authority for that country, as
   listed in E.164 Annex D [E.164D].  Note the country code does not
   itself necessarily uniquely identify a country.  For example, in
   country codes +1 and +7, multiple countries share the country code.
   In the cases of +1 and +7, further digits in the E.164 number, known
   as national significant digits (also known as area codes in +1),
   further identify the country.  As well, there are non-geographic
   services with country codes assigned to them.
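
   What shared country codes mean for choosing a trust anchor, as an
   added example that is not part of the draft: the registry layout,
   the anchor labels and the function names are assumptions, and the
   sample entries are constructed.  It matches the longest registered
   digit prefix and fails closed when no entry exists.

```python
import re

# Constructed sample registry (hypothetical layout, not the draft's format):
# E.164 digit prefix -> label of the trust anchor that country accepts.
# Keys longer than the country code cover shared codes such as +1 and +7.
REGISTRY = {
    "1212": "anchor-US-placeholder",  # +1 212 (United States)
    "1416": "anchor-CA-placeholder",  # +1 416 (Canada)
    "1876": "anchor-JM-placeholder",  # +1 876 (Jamaica)
    "7":    "anchor-RU-placeholder",  # +7, default entry in this sample
    "77":   "anchor-KZ-placeholder",  # +7 7xx (Kazakhstan)
    "44":   "anchor-GB-placeholder",  # +44 (United Kingdom)
}

# An E.164 number has at most 15 digits and never starts with 0.
E164 = re.compile(r"^\+?([1-9][0-9]{1,14})$")


def normalize(tn: str) -> str:
    """Strip visual separators and return the bare E.164 digit string."""
    digits = re.sub(r"[\s().-]", "", tn)
    m = E164.match(digits)
    if not m:
        raise ValueError(f"not an E.164 number: {tn!r}")
    return m.group(1)


def select_anchor(tn: str, registry=REGISTRY) -> str:
    """Pick the trust anchor for an originating number by longest prefix.

    Fails closed: a number with no registry entry raises LookupError
    instead of falling back to some other country's anchor.
    """
    digits = normalize(tn)
    for end in range(len(digits), 0, -1):
        anchor = registry.get(digits[:end])
        if anchor is not None:
            return anchor
    raise LookupError(f"no trust anchor registered for +{digits}")
```

   Because this sample has no bare "1" entry, a +1 number outside the
   listed area codes is rejected rather than validated against another
   country's anchor.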

   Section 7 of Authenticated Identity Management in the Session
   Initiation Protocol [RFC8224] describes the process for signing
   identity tokens.  Correspondingly, the STIR Certificates document
   [RFC8226] describes the format of the signing certificate.  The
   protocol and formats are independent of and can have uses beyond that
   of signing originating telephone numbers.  As well, given that for
   the most part governments are responsible for managing the numbering
   resources within their country code, governmental policy may impact
   who is authorized to issue signing certificates and what constitutes
   a valid certification path.  As such, the base STIR documents defer
   certificate and validation policy to other documents.  This document
   describes a registry for finding a STIR trust anchor for a given
   country code for signed telephone numbers.  This document only
   enables policies for E.164 number identity assertions.  Moreover,
   while this document describes the STIR trust anchor registry for
   various national STIR trust anchors, it does not mandate any