Skip to main content

Last Call Review of draft-ietf-stir-oob-05

Request Review of draft-ietf-stir-oob
Requested revision No specific revision (document currently at 07)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2019-09-17
Requested 2019-09-03
Authors Eric Rescorla , Jon Peterson
Draft last updated 2019-09-17
Completed reviews Secdir Last Call review of -05 by Watson Ladd (diff)
Genart Last Call review of -05 by Suhas Nandakumar (diff)
Opsdir Last Call review of -05 by Shwetha Bhandari (diff)
Genart Telechat review of -06 by Suhas Nandakumar (diff)
Secdir Telechat review of -06 by Watson Ladd (diff)
Assignment Reviewer Shwetha Bhandari
State Completed
Review review-ietf-stir-oob-05-opsdir-lc-bhandari-2019-09-17
Posted at
Reviewed revision 05 (document currently at 07)
Result Ready
Completed 2019-09-17
I have reviewed this document as part of the Operational directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving the operational aspects of
the IETF drafts per guidelines in RFC5706 .
Comments that are not addressed in last call may be included
in AD reviews during the IESG review.  Document editors and WG chairs should
treat these comments just like any other last call comments.

This is an informational draft that describes use cases and sketches a solution
to deliver PASSporT objects outside of the signaling path as part of
STIR(Secure Telephone Identity Revisited).  The PASSporT format defines a token
that can be carried by signaling protocols, including SIP, to cryptographically
attest the identify of callers. The solution defines a new Call Placement
Service(CPS) that permits the PASSporT object to be stored during call
processing and retrieved for verification purposes. The draft clarifies that
deploying this service and framework would require additional specification
outside the scope of this document.

The draft covers operational considerations per the guidelines defined in RFC
    a) Operational environments section in the draft describes environments in
    which the proposed out-of-band STIR mechanism is intended to operate. b)
    New CPS service and data flows required between existing components -
    caller, callee endpoints and gateways  etc for secure storage and
    validation of PASSportT objects c) Storing and Retrieving PASSporTs objects
    d) Service discovery: Mechanism for CPS discovery

Given that the draft expects additional specification to actually deploy the
new service I am assuming Manageability  consideration such as configuring and
managing CPS, data models for providing operational state and fault
notification for CPS data flows will be detailed in the future specifications.
Also impact of the CPS on network and call setup will have to be covered in
those additional specifications.