Minutes IETF101: stir

Meeting Minutes Secure Telephone Identity Revisited (stir) WG
State Active
Last updated 2018-03-30

Secure Telephone Identity Revisited (stir) - IETF 101 - London
22 March 2018 - 1030-1200 - Viscount

Co-chairs: Russ Housley and Brian Rosen (substitute for Robert Sparks)
Note taker: Christer Holmberg
Jabber scribe: Matt Miller
Meetecho: https://play.conf.meetecho.com/Playout/?session=IETF101-STIR-20180322-0930

Topic: PASSporT Extension for Resource-Priority Authorization
Presenter: Martin Dolly
Draft: draft-ietf-stir-rph-03

   There is an issue of whether ppt values should be quoted or not.
   Both ways appear in documents, and we should agree on one way.  See
   further discussion later in this meeting on 'PASSporT Extension for
   Divert'.

   NEXT STEP: Submit new version of the Internet-Draft.

Topic: PASSporT Extension for SHAKEN
Presenter: Chris Wendt
Draft: draft-ietf-stir-passport-shaken-01

   Indicated that some minor changes are still to be done, but otherwise
   the document is ready to be moved forward.  Nobody objected to
   moving the document forward.

   NEXT STEP: Submit new version of the Internet-Draft.

Topic: PASSporT Extension for Divert
Presenter: Jon Peterson
Draft: draft-ietf-stir-passport-divert-02

   ISSUE: It was suggested to allow Identity in 3xx responses, which the
      original UAC could optionally use in subsequent requests.
   OUTCOME: Not controversial; no one objected.  It does have some
      potentially complex interactions with nesting and multiple
      Identity headers, which will require careful documentation.

   ISSUE: It was discussed whether we should deprecate the usage of
      nested claims for the in-band solution.
   DISCUSSION: The total size of an INVITE request is not a problem;
      the size will be large even without Identity header fields.  A
      large size of a single header field can cause problems.
   DISCUSSION: We should use the same mechanism for in-band and
      out-of-band.  Nesting is needed for out-of-band.
   DISCUSSION: If nesting is used, it needs to be clear how nesting is
      done when there are multiple incoming Identity header fields.
   OUTCOME: Nesting will stay.

   ISSUE: Ordering for Identity header fields in a SIP message when
      multiple header fields are included.
   OUTCOME: No need to define order of Identity header fields.

   ISSUE: Ordering for claims within a PASSporT as required by RFC 8225.
   OUTCOME: No need to define anything additional, as RFC 8225 already
      defines how to order the claims as part of the serialisation.

   ISSUE: Should 'opt' be independent of 'div' to allow nesting with
      other PASSporT extensions?
   OUTCOME: Will allow 'opt' with other extensions if needed in future.

   ISSUE: Should ppt values be quoted or not?
   OUTCOME: Quoting is mandatory.

   NEXT STEP: Submit new version of the Internet-Draft. WG Last Call
      will follow shortly once the next version of the Internet-Draft
      has been submitted.  More reviewers are needed.

Topic: Out-Of-Band (OOB)
Presenter: Jon Peterson
Draft: draft-ietf-stir-oob-02

   DISCUSSION: More generic guidance for validating PASSporT against
      calls without SIP.
   DISCUSSION: Mocked up a REST interface for a CPS. Initial work; more
      work is needed.
   DISCUSSION: There is a need to specify at least one CPS discovery
      mechanism, realising that service discovery in general is a
      complex and much-studied topic.
   NEXT STEP: Work will continue.

Topic: Registry for Country-Specific STIR Root Certificates
Presenter: Eric Burger (remote)
Draft: draft-burger-stir-iana-cert-00

   DISCUSSION: There was much concern about the suggestion.  It would
      come with a big liability and huge responsibility on IANA.  It was
      also unclear what the Expert Reviewer is expected to do.
   DISCUSSION: If such a registry is to be created, it could be done by
      ITU-T, for example.  While the problem might be clear, it is not
      within the expertise of IETF or IANA.
   DISCUSSION: Even if such a registry exists, people will not rely on
      the information without doing some vetting of their own.
   NEXT STEP: No decision.

Topic: Connected Identity for STIR
Presenter: Jon Peterson
Draft: draft-peterson-stir-rfc4916-update-00
   DISCUSSION: Described as "STIR backwards". Send an UPDATE request in
      the backwards direction while the call is being established.
   NEXT STEP: No decision; discussions will continue.

Topic: Callback
Presenter: Jonathan Rosenberg
Draft: draft-rosenberg-stir-callback-00
   DISCUSSION: The mechanism should be seen as a complement to RFC 8226.
   DISCUSSION: The callback INVITE will often reach a PSTN gateway that
      does not support the Require header field value, which would
      trigger a call establishment in the PSTN network.
   DISCUSSION: It was indicated that perhaps OOB could be used. 
   NEXT STEP: No decision.

Topic: SIPcoin
Presenter: Jonathan Rosenberg
Draft: draft-rosenberg-stir-sipcoin-00
   DISCUSSION: Short presentation of the mechanism.  It was clarified
      that a blockchain is not needed.  An entity will only do work
      before the call, and then show proof of the work when establishing
      a call.
   DISCUSSION: Interested parties were invited to the lunch talk where
      further discussions will take place.
   NEXT STEP: No decision.