Handling of Identity Header Errors for Secure Telephone Identity Revisited (STIR)
draft-ietf-stir-identity-header-errors-handling-08
Yes
Murray Kucherawy
No Objection
Erik Kline
Roman Danyliw
(Andrew Alston)
(Martin Duke)
(Robert Wilton)
Note: This ballot was opened for revision 07 and is now closed.
Murray Kucherawy
Yes
Erik Kline
No Objection
Francesca Palombini
No Objection
Comment
(2022-12-01 for -07)
Not sent
Thank you for the work on this document. Many thanks to Martin Dürst for his ART ART review: https://mailarchive.ietf.org/arch/msg/art/Jqiy69abgnAMBuSH7oLpt1Ae62I/, and to the author for addressing his comments.
John Scudder
No Objection
Comment
(2022-11-29 for -07)
Sent
Thanks for this short, readable, and to the point document. I did find a couple of nits. In both cases I leave it to you to decide if a change is called for, no need to reply. 1. In Section 5, I had trouble with this sentence: "As implied and defined in [RFC8224], error codes associated with STIR targeted at authentication services that produced a specific identity header field represent a single error occurring with the verification and processing of that identity header field." I'm willing to believe that for someone expert in STIR, SIP, et al, that sentence might be parsable into something that makes sense. It defied me, though, so I mention it in case you want to re-word it. 2. In Section 6, isn't this a comma splice and it should really be two sentences? "As mentioned previously, the potential use of multiple Reason header fields defined in [RFC3326] is updated in [I-D.ietf-sipcore-multiple-reasons] allowing multiple Reason header fields with the same protocol value, for this specification "STIR" should be used for any STIR error defined in [RFC8224] or future specifications."
Paul Wouters
No Objection
Comment
(2022-11-30 for -07)
Sent
# Sec AD review of draft-ietf-stir-identity-header-errors-handling-07 CC @paulwouters See https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions for more information about how to handle DISCUSS and COMMENT positions. This review uses the format specified in https://github.com/mnot/ietf-comments/ which allows automated tools to process items (eg to produce github issers) ## Comments ### "ppi" parameter ``` The association of a Reason header field and error to a specific Identity header field is accomplished by adding a PASSporT identifier, "ppi", parameter containing the PASSporT string as an identifier for the identity header and corresponding PASSporT that generated the error to the Reason header field. The "ppi" parameter for the Reason header field is RECOMMENDED in particular [...] ``` It feels like the "is accomplished" really means the "ppi" parameter MUST be used, yet further on it states the "ppi parameter" is only RECOMMENDED ? Should this RECOMMENDED not be REQUIRED? Also the construct of "RECOMMENDED in particular" is a little odd. Why not: For a SIP INVITE containing multiple Identity header fields, the "ppi" parameter for the Reason header field is REQUIRED. ### 7 lines is a lot for a single sentence ``` In cases where local policy dictates that a call should continue regardless of any verification errors that may have occured, including 4XX errors described in [RFC8224] Section 6.2.2, then the verification service MUST NOT send the 4XX as a response, but rather include the error response code and reason phrase in a Reason header field, defined in [RFC3326], in the next provisional or final responses sent to the authentication service. ``` This sentence does not parse (due to the ", then the"). It is also 7 lines long so it would improve readability to split this in various sentences.
Roman Danyliw
No Objection
Éric Vyncke
No Objection
Comment
(2022-11-24 for -07)
Sent
# Éric Vyncke, INT AD, comments for draft-ietf-stir-identity-header-errors-handling-07 CC @evyncke Thank you for the work put into this document. Please find below one nit. Special thanks to Ben Campbell for the shepherd's detailed write-up including the WG consensus and the justification of the intended status. I hope that this review helps to improve the document, Regards, -éric ## NITS ### Placement of ';' in the examples Just to exhibit my lack of SIP/STIR knowledge, I was wondering about the placement of ';' in the different examples, e.g., ``` Reason: STIR ;cause=436 ;text Reason: STIR ;cause=438 ; text ``` I guess that this is not a SIP violation but it looks weird to the reader. ## Notes This review is in the ["IETF Comments" Markdown format][ICMF], You can use the [`ietf-comments` tool][ICT] to automatically convert this review into individual GitHub issues. [ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md [ICT]: https://github.com/mnot/ietf-comments
Andrew Alston Former IESG member
No Objection
No Objection
(for -07)
Not sent
Martin Duke Former IESG member
No Objection
No Objection
(for -07)
Not sent
Robert Wilton Former IESG member
No Objection
No Objection
(for -07)
Not sent