Hedge notes from IETF 119 STIR WG
Secure Telephony Identity Revisited
Chairs
- Ben Campbell
- Robert Sparks
- Russ Housley
Agenda
1) Administrivia
- Agenda Bashing
- Minute Taker
- Jabber Scribe
- Bluesheets - Meetecho tool
2) Certificates
- draft-ietf-stir-certificates-ocsp-06
- draft-peterson-stir-certificates-shortlived-05 (Candidate for
adoption)
- Jon Peterson and Sean Turner
- draft-wendt-stir-certificate-transparency-00
- Chris Wendt
3) STIR+MLS
- draft-peterson-stir-mls-01
- Jon Peterson and Richard Barnes
4) Any Other Business (if time permits)
Actions (note-taking by Simon Castle)
- 07 is now out! (as of this morning) building in stapling.
- Examples included.
- Request that implementers review the new draft to evaluate the
impact of the size of the staple.
- Question for attendees/reviewers: should there be a decoding of the
PEM in the example
- Question for attendees/reviewers: should there be something
specifying the algorithms in the PASSporT, or is that built in to
OCSP?
- No new version, since it's being called for adoption already.
-
Eric Rescorla has sent feedback on the mailing list
- Questions about x5u/x5c (and typo of x5y)
- Suggestion for highlight of normative change (move from x5u to
x5c)
- Should certs be listed in both x5u AND x5c?
-
Alec Fenichel
- nothing precluding users from doing both if the URL is in both.
Jon Peterson doesn't see an issue
- Example in the text (for OCSP) - mismatch in certificate
extension (example ends .cer, frequently .pem is the extension
for PEM format)
- Jon Peterson to look at RFC 5280 to make sure this draft
doesn't conflict!
- Russ Housley to find a reference about specifying a chain of
certs in DER.
-
Summary of direction forwards:
- Stick with PEM
- Change examples to reflect
- Keep x5c as written up but also add note to keep the x5u field
in those shortlived
-
No objections for adoption of the short-lived draft.
-
Chris Wendt presenting
- One key decision looking for input on: Current certificate
transparency document provides three patterns, which we might be
able to simplify - do we need any mechanisms other than
pre-certificates? (See RFC 9162)
-
Orie Steele (in chat) offered route to using just the "SCT" part
without the rest of RFC 9162, which is rarely implemented.
-
Jon Peterson:
- This only works if everyone signs up otherwise a rogue CA
doesn't list their certs (or their real certs) and all verifiers
choose to trust.
-
Recommends use of the 'observatory' approach, based on the way
the old SSL Observatory used to work.
- Observes and detects changes to existing certificates in use
when that's not expected to flag suspicious new actors.
-
Chris: could be applied primarily to delegates, where we don't
have as many established processes today.
- Jon: Ownership of individual numbers is complex, makes this
harder.
-
Eric Rescorla: needs a threat analysis before this can be adopted
- Jon Peterson: needs more work on the list, not ready for adoption.
- Conclusion: not being adopted at this time, will continue
discussion.
- Jon Peterson and Richard Barnes
- Interaction with the MIMI WG (Jon Peterson also talking there.
- More coordination and integration to be done.
- draft-peterson-mimi-idprover is a strawman draft covering the
discovery problem in MIMI, reuses some ideas from ACME integration.
- Conclusion: Too early for adoption, more work to be done in
MIMI.
Any Other Business (if time permits)
- Time does not permit!
- What's the future of the WG? Are we on the long tail for closing
down?
- Call for discussion on the mailing list.