Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization
draft-ietf-stir-rph-06

Received changes through RFC Editor sync (created alias RFC 8443, changed title to 'Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization', changed abstract to 'This document extends the Personal Assertion Token (PASSporT) specification defined in RFC 8225 to allow the inclusion of cryptographically signed assertions of authorization for the values populated in the Session Initiation Protocol (SIP) 'Resource-Priority' header field, which is used for communications resource prioritization.', changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2018-08-31, changed IESG state to RFC Published)

[Ballot comment]
Thank you for addressing my first discussion point and comments. I still have a concern on the second discuss point:

§7.2:
  o  The verification of the signature MUST include means of verifying
      that the signer is authoritative for the signed content of the
      resource priority namespace in the PASSporT."

The authors explained via email that they expect this to depend on some ATIS work. I understand that such work is in progress, but has not reached the point of being citable. I don't want to see this document blocked on that work, so I cleared my discuss. However, I still think it would be a good idea to add some scoping text early in the document to the effect that this mechanism is intended for environments where some means of verifying that the signer is authoritative is available. (In addition to keeping the normative text in §7.2)

This document is awaiting the conclusion of JWT review.

On 5/1/18, Amanda Baber via RT wrote: "If this document is going to be revised to request a JSON Web Token Claims registration, according to Section 10.1 of RFC 7519, the authors need to send that registration proposal to the jwt-reg-review@ietf.org mailing list for a three-week review."

[Ballot comment]
I support Ben's discuss.

Thank you for working with the secdir reviewer to address those
comments; I think it will really improve the document.

In a similar vein, I wonder if this document would be easier to read
if it used less formal description terms for protocol elements that
are currently referred to by using the actual protocol element (with
quotes around the name).  For example, "SIP resource priority
header" instead of "'Resource-Priority' header field", or "priority
indicator" instead of "'namespace"."priority value"'.

I'm a little confused why the new registry created in Section 6.2 is
tied to the "resource priority header" (rph) name, when the discussion
in Section 5 has some potential envisioned use cases that are
broader than resource priority.

As Ben notes, there are some stale references.  Please double-check
the referred section numbers as well; in particular "Section 10.1 of
[4474bis]" does not exist in the only February-2017 verions of that
draft.

Section 7.2 uses "authority" in a couple of different senses; it
might be easier on the reader to refer to the authority (protocol
participant) as being "authoritative for the content of [stuff] that
it signs".

[Ballot discuss]
Thanks for this work. I plan to ballot "yes", but I have a couple of points I think need to be discussed first.

§4.2: " If the signature validation fails, the verification service should infer
  that the calling party is not authorized for ’Resource-Priority’ as
  indicated in the claim.  In such cases, the priority treatment for
  the associated communication service is handled as per the local
  policy."

I suspect there will be deployments where the node making these local policy decisions is downstream from the verifier. How do they know RPH verification failed? Should the verifier strip resource priority header fields for which validation failed?

§7.2:
  o  The verification of the signature MUST include means of verifying
      that the signer is authoritative for the signed content of the
      resource priority namespace in the PASSporT."

I gather the intent is to leave that means to local policy, or to be specified elsewhere. I think that's a problem from an interoperability standpoint. The verifier needs a way to know whether the authorizer is authoritative for the RPH. If we want authorizers and verifiers from different vendors to be able to interoperate, it seems like at least some mechanism needs to be standardized and possibly MTI.

[Ballot comment]
General: It's probably worth updating the references to 4474bis and passport to their respective RFCs.

§3, 4th paragraph: The imbedding of ABNF in the middle of a paragraph is difficult to read. It would be helpful to separate that from the surrounding text in the conventional fashion.

§3, 5th paragraph and throughout: The repeated use of "r-value ="namespace "." priority value" is hard to read. Please consider giving that parameter construct a name, and using the name throughout.

§3, 7th paragraph: "The authority MUST use its credentials (i.e., CERT)"
Does "CERT" mean "Certificate"? I assume it's not "Computer Emergency Response Team".

§4.1 : A SIP authentication service typically will derive the value of "rph"
  from the ’Resource-Priority’ header field based on policy associated
  with service specific use of the "namespace "." priority value" for
  r-values based on [RFC4412].:
"Typically" usually implies "Most but not all of the time". Is that the intent?

§4.2, last paragraph: Am I correct to guess that this is talking about valid claims?

(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-stir-rph-03. If any part of this review is inaccurate, please let us know.

The IANA Services Operator has a question about one of the actions requested in the IANA Considerations section of this document.

The IANA Services Operator understands that, upon approval of this document, there are two actions which we must complete.

First, in the Personal Assertion Token (PASSporT) registry located at:

https://www.iana.org/assignments/passport/

a single, new registration will be made as follows:

ppt value: rph
Reference: [ RFC-to-be ]

As this document requests registrations in a Specification Required (see RFC 8126) registry, we will initiate the required Expert Review via a separate request. If there is no expert designated for the registry, we will work with the IESG to have one assigned. Expert review will need to be completed before your document can be approved for publication as an RFC.

Second, a new registry is to be created called the rph types registry. The new registry has two fields: the name of the "rph type" and the reference. The registry is to be managed via Specification Required as defined in RFC 8126.

There is a single, initial registration in the new registry as follows:

rph type Reference
---------+---------------
auth [ RFC-to-be ]

IANA Question --> Where should this new registry be located? Should it be added to an existing registry page? If not, does it belong in an existing category at http://www.iana.org/protocols?

The IANA Services Operator understands that these are the only actions required to be completed upon approval of this document.

Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed.

Thank you,

Sabrina Tanamal
Senior IANA Services Specialist

The following Last Call announcement was sent out (ends 2018-04-06):

From: The IESG
To: IETF-Announce
CC: adam@nostrum.com, stir@ietf.org, rhousley@vigilsec.com, draft-ietf-stir-rph@ietf.org, stir-chairs@ietf.org, Russ Housley
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (PASSporT Extension for Resource-Priority Authorization) to Proposed Standard


The IESG has received a request from the Secure Telephone Identity Revisited
WG (stir) to consider the following document: - 'PASSporT Extension for
Resource-Priority Authorization'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2018-04-06. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


  This document extends the Secure Telephone Identity Revisited (STIR)
  Personal Assertion Token (PASSporT) specification defined in
  [I-D.ietf-stir-passport] to allow the inclusion of cryptographically
  signed assertions of authorization for the values populated in the
  Session Initiation Protocol (SIP) 'Resource-Priority' header field,
  which is used for communications resource prioritization.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-stir-rph/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-stir-rph/ballot/


No IPR declarations have been submitted directly on this I-D.

Given the excessive number of documents currently in last call, I'm going to wait last call on this document until after London, to give the last-call queue some time to drain.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

  Standards track RFC is requested.  Yes, this appears on the
  title page of the Internet-Draft.

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  This document extends the STIR PASSporT specification to allow the
  inclusion of cryptographically-signed assertions of authorization
  for values that might appear in the SIP 'Resource-Priority' header
  field, which is used for communications resource prioritization.

Working Group Summary

  The STIR WG reached consensus, and there is strong support for
  publication of this document.

Document Quality

  Several people have expressed interest in implementing this
  specification.

Personnel

  Russ Housley is the Document Shepherd.
  Adam Roach is the Responsible Area Director.

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

  The document shepherd did a complete review of -01, and all items
  of concern were corrected with the posting of -02.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

  No concerns at all.

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

  No additional review is needed.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

  No concerns at all.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

  Each of the authors has confirmed that they are unaware of any
  IPR disclosures that need to be submitted.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

  No IPR disclosures have been submitted against this document.

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it? 

  The STIR WG reached consensus, and there is strong support for
  publication of this document.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

  No one has threatened to appeal or expressed discontent.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

  IDnits raises one warning.  It is the result of a typo, not a
  serious problem.  IDnits could not find the reference in the
  body of the document to RFC 7340, but it appears on line 95 of
  the Internet-Draft.  There ought to be a space after the ']'.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

  No additional formal review is needed for this document.

(13) Have all references within this document been identified as
either normative or informative?

  Yes, informative and normative references appear is separate
  sections in the document.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

  Two normative references are in the RFC Editor queue.

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

  There are no downrefs.

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

  No, publication of this document will not change the status of
  any other documents.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

  The IANA considerations appear to be complete.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

  No new IANA registries are created.  Two entries are added to
  existing IANA registries.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

  None is needed for this document.