Stir Status PagesSecure Telephone Identity Revisited (Active WG)
Art Area: Barry Leiba, Adam Roach, Alexey Melnikov | 2013-Aug-30 —Chairs:
IETF-106 stir minutes
Session 2019-11-18 1330-1530: Hullet - Audio stream - stir chatroom
STIR WG Minutes for IETF 106 in Singapore 0. Minute Taker, Jabber Scribe, Bluesheets Cullen Jennings agreed to take notes. Brian Rosen agreed to jabber scribe. 1. Agenda Bash Participants were reminded about NOTE WELL. No changes were made to the agenda. 2. Active Working Group Documents 2.1. draft-ietf-stir-cert-delegation (Jon) No longer talking about the "good bit" because the certificate policy is where one would say what vetting has to be done for the delegation. Plan to WG Last Call in January 2020. 2.2. draft-ietf-stir-passport-rcd (Chris) Jon Peterson brought up issues with CID. Want to avoid MIME multi-part, which is not implemented. A header inside another header is a possible alternative, but it will be large if it has logos or other embedded objects. Jon is not fan of data URL to solve this. We will need some way to do parts by reference. Probably need a profile of jCard that defines how to do this. Brian Rosen pointed out that emergency call has defined a place for "additional data" in order to attach to call info. Might be a way to add this data. Authors took an action to propose a solution to the embedding of objects such as logos. Jon Peterson observed that the reason for a call is likely the wrong type of thing to put in a vCard. The jCard resolves the who is this, but under this document, could have a separate thing that contains info about the call. Chris Wendt thinks that the solution will need to separate the integrity on the two parts. 3. Updates on post-WG LC documents 3.1. draft-ietf-stir-oob (EKR and Jon) The possibility for mitigation for the callback service substitution attack was raised. More text has been added to the document on this topic. Martin Dolly brought up the use case of E911 for transfer. Agent transfers call and sends the original passport. There was a question about the use of quotes in the syntax specified in RFC 8224. The ABNF allows quotes, and quotes are allowed by RFC 3261. Adam Roach suggested a short document to update that clarifies when to include quotes. The plan is to create a short consensus document to address the quote topic, and Adam will AD sponsor that document. 3.2 draft-ietf-stir-passport-divert (Jon) No discussion needed. 4. Any Other Business (if time allows) 4.1 draft-dolly-stir-rph-emergency-services (Martin) Jon Peterson observed that an update to RFC 8824 would be needed, but it can all be part of this document. Chris Wendt pointed out that we need to decide what to do with the originator when there is no phone number due to an emergency call with no SIM card. Brian Rosen sid that we need some identifier. The requirement is that two calls from same phone [without a SIM] will have same identifier. IMEI could work. Jon Peterson suggested some URN for this. Brian Rosen observed that one cannot call back to an uninitiated device. Not suggesting that capability be added. Brian Rosen suggested that we will need to tackle the first responder version of this, and then we should probably consider DoD ones as well. Russ Housley (chair): We could move this document along to address the use case that is already specified, and then address other needs in subsequent documents later. Wie wll have call for WG adoption of this document. 5. Wrap Up Jon Peterson spoke about Connected Identity. This is an issue of increasing importance. We could also consider pre-call info.