Telechat Review of draft-ietf-stir-oob-06
review-ietf-stir-oob-06-genart-telechat-nandakumar-2019-12-04-00
Request | Review of | draft-ietf-stir-oob |
---|---|---|
Requested revision | No specific revision (document currently at 07) | |
Type | Telechat Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2019-12-03 | |
Requested | 2019-11-14 | |
Authors | Eric Rescorla , Jon Peterson | |
Draft last updated | 2019-12-04 | |
Completed reviews |
Secdir Last Call review of -05
by Watson Ladd
(diff)
Genart Last Call review of -05 by Suhas Nandakumar (diff) Opsdir Last Call review of -05 by Shwetha Bhandari (diff) Genart Telechat review of -06 by Suhas Nandakumar (diff) Secdir Telechat review of -06 by Watson Ladd (diff) |
|
Assignment | Reviewer | Suhas Nandakumar |
State | Completed | |
Review |
review-ietf-stir-oob-06-genart-telechat-nandakumar-2019-12-04
|
|
Posted at | https://mailarchive.ietf.org/arch/msg/gen-art/YnDIPZoiAMatA3R7HWejcySTaRw | |
Reviewed revision | 06 (document currently at 07) | |
Result | Ready with Nits | |
Completed | 2019-12-04 |
review-ietf-stir-oob-06-genart-telechat-nandakumar-2019-12-04-00
Summary: The document is a well written summary and covers the ideas clearly. I don't have major concerns but do have few minor concerns and Nits that might help with some clarifications Major issues: None Minor issues: 1. Section 7.2 para 2 states : "The CPS responds with any such PASSporTs (assuming they exist)." Given CPS will always respond with a dummy PASSporT, the statement in the parentheses doesn't hold. (Referring to section 6.2) 2. Section 7.4 Call flow: "Call from CS (forged caller-id info)" . Since its the attacker making the call here, we probably need to change it as "Call from Attacker (forged caller-id info)". 3. Section 7.5 has the following: Sign(K_cps, K_temp) Sign(K_temp, E(K_receiver, PASSporT)) ---> This is a clarification question for my understanding. What happens when one of the 2 messages sent gets lost when storing the PASSporT. Should we need to add any clarifications to that extent ? 4. Section 7.5 last para: clarification question Since PASSporT is encrypted at CPS , how is it aged out based on the "iat" value. Is it a function to VS to age out PASSporTs at a given CPS ? Nits/editorial comments: 1. Section 5.2 para 1: would be nice to add reference to Section 10 2. Section 7.2 Call Flow: "Store PASSporT" --> "Store Encrypted PASSporT" 3. Section 7.2 Call Flow: "Ring phone with callerid" --> "Ring phone with verified callerid" 4. Section 8.2 Step 3: "number number" --> "number" 5 Section 8.3 para 2: "Per Step 3" --> "Per Step 3 of Section 8.1"