Certificate Management Service for the Session Initiation Protocol (SIP)
draft-ietf-sip-certs-15
Yes
(Robert Sparks)
No Objection
(Adrian Farrel)
(Dan Romascanu)
(Jari Arkko)
(Lisa Dusseault)
(Pasi Eronen)
(Ralph Droms)
(Ron Bonica)
(Ross Callon)
(Russ Housley)
Recuse
(Cullen Jennings)
No Record
(Tim Polk)
Note: This ballot was opened for revision 15 and is now closed.
Lars Eggert
(was Discuss)
No Objection
Comment
(2009-10-16)
Unknown
Section 6.5., paragraph 3: > Implementations which generate large notifications are reminded to > follow the message size restrictions for unreliable transports > articulated in Section 18.1.1 of SIP. It's pretty much guaranteed that NOTIFYs that have S/MIME certs in them will be longer than 1300 bytes. It's also pretty much guaranteed that the clients will have no idea of the PMTU. According to Section 18.1.1 of RFC3261 this means that these will need to be sent over TCP. How many stacks are really going to support this "upconversion" to TCP? I was under the impression that TCP support wasn't really there? (I may upgrade this to a discuss, but let's see.)
Alexey Melnikov Former IESG member
(was Discuss, No Record, Discuss)
Yes
Yes
(2010-03-05)
Unknown
This part was a DISCUSS: In Section 7.5: The NOTIFY MUST contain a multipart/mixed (see [RFC2046]) body that contains both an application/pkix-cert body with the certificate and an application/pkcs8 body that has the associated private key information for the certificate. The Content-Disposition MUST be set to "signal" as defined in [RFC3204]. A future extension MAY define other NOTIFY bodies. If no "Accept" header field is present in the SUBSCRIBE, the body type defined in this document MUST be assumed. Question: does the Accept header field body contains "multipart/mixed" or "application/pkcs8"? How would this work for future extensions if there is a need to return other media types inside a top level "multipart/mixed"? --------------------------------------- 4. UA Behavior with Certificates The Subscriber needs to decide how long it is willing to trust that the certificate it receives is still valid. If the certificate is revoked before it expires, the Notifier will send a notification with an empty body to indicate that the certificate is no longer valid. If the certificate is renewed before it expires, the Notifier will send a notification with a body containing the new certificate. It would be nice to state the assumption that there is only one certificate per user at any given time earlier in the document. 6.12. State Agents and Lists The certificate server described in this section which serves certificates is a state agent and implementations of the certificate server MUST be implemented as a state agent. Question: which document defines the "state agent" term? 7.6. Subscriber Generation of SUBSCRIBE Requests The UA needs to authenticate with the credential service for these operations. The UA MUST use TLS to directly connect to the server acting as the credential service or to a server that is authoritative for the domain of the credential service. The UA MUST NOT connect through an intermediate proxy to the credential service. Last sentence: it would be helpful if the document pointed out how to achieve this. 7.10. Notifier Processing of PUBLISH Requests If the Subscriber submits a PUBLISH request with no body, this revokes the current credentials and causes all subscriptions to the credential package to be deactivated as described in the previous section. I think you need an explicit section reference number here, section 7.9 is talking about something else. In Section 9.5: The PKCS#8 in the clients MUST implement PBES2 with a key derivation algorithm of PBKDF2 using HMAC with SHA1 I think this needs references to HMAC and SHA1 documents. and an encryption algorithm of DES-EDE2-CBC-Pad as defined in [RFC2898]. It is RECOMMENDED that this profile be used when using PKCS#8. A different passphrase SHOULD be used for the PKCS#8 encryption than is used for server authentication.
Robert Sparks Former IESG member
Yes
Yes
()
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
No Objection
No Objection
()
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
()
Unknown
Lisa Dusseault Former IESG member
No Objection
No Objection
()
Unknown
Pasi Eronen Former IESG member
(was Discuss, No Objection)
No Objection
No Objection
()
Unknown
Ralph Droms Former IESG member
No Objection
No Objection
()
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Ross Callon Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Sean Turner Former IESG member
(was Discuss)
No Objection
No Objection
(2010-06-21)
Unknown
#1) From [RFC5280]: Throughout: r/self signed/self-signed Throughout: r/certificate authority/certification authority Throughout: r/certificate authorities/certification authorities Throughout: Use either subjectAltName or SubjectAltName; use is mixed throughout the I-D. #2) Section 2: r/A password used to encrypt/A password used to encrypt and decrypt #3) Section 3: There are three styles of deployment. For some protocols, there are statements about what the servers MUST support. I'm not sure how it's done in SIP, are servers required to support all three styles or are they allowed to pick and choose? #4) Section 5: Assuming you're talking about encrypting the private key and sticking it in a PKCS#8: r/The UA MAY encrypt the private key with a password phrase supplied by the user./The UA MAY encrypt the private key with a password phrase supplied by the user, as specified in Section 10.5. #5) Section 6.11: r/certificate server/credential server (X2) #6) Section 7.4: [RFC5208] is obsoleted by [I-D.turner-asymmetrickeyformat]: r/ The application/pkcs8 body contains a DER-encoded [I-D.turner-asymmetrickeyformat] #7) Section 7.8: (yes I know this is nitty - the flag is actually "cA"): r/CA/cA #8) Section 7.9: r/If a CA Basic Constraint is set in the certificate, it is set to false./If a cA Basic Constraint flag is set in the certificate, it is set to false. #9) Section 8: r/SHA1/SHA-1 and r/SHA256/SHA-256 #10) Section 9.1: I know the public key is in the certificate, but I think you meant certificate not public key: r/Alice's public and private keys/Alice's certificate and private key #11) Section 10.3: r/trust CA/trust certification authority (CA) #12) Section 10.5: r/per-standard/pre-standard #13) Section 10.5: In the last sentence, shouldn't that be client authentication? That is the client should use a different password to protect their private key than they use when they authenticate themselves to the server? #14) Section 10.6: Should the "should" be "SHOULD" in the first sentence? #15) Section 13.1: delete reference to RFC 5208 #16) Section 10.6: I know it's in section 5, but is it worth repeating the bit about generating keys with random #s?
Cullen Jennings Former IESG member
Recuse
Recuse
()
Unknown
Tim Polk Former IESG member
(was No Objection, No Record, Discuss)
No Record
No Record
()
Unknown