Stir-cnam STIR WG / IETF 95 Buenos Aires, Apr 2016 Jon.

Presentation transcript:

stir-cnam STIR WG / IETF 95 Buenos Aires, Apr 2016 Jon

Twofold STIR extensibility model
First, “ppt”
  – For adding claims beyond the bare minimum
      Any new claims signed in addition to the baseline
  – Requires normal JWS IANA registration procedures for claims
Second, defining new MIME types
  – For eliminating/replacing the bare minimum JWS claims
      Say, if you wanted a PASSporT app that used neither otn/dtn nor ouri/duri
      We have heard some interest in this
  – Requires MIME IANA registration procedures

Testing extensibility
Before we ship rfc4474bis/PASSporT
  – Be nice to know if the extensibility model works
      In this case, the “ppt” extensibility mechanism
  – We could do a separate dry run for a new MIME type
Added a single new claim for display-name
  – “cna” – short for CNAM
  – Basically captures display-name in SIP
  – This is a first-party attestation: originating auth service supplies the data
Yes, we know display-name is not in STIR’s scope
  – Although… CNIT? Anyone?

The “cna” extension
Header:
  { "typ":"passport", "alg":"RS256", "ppt":"cna", "x5u":" " }
Claims:
  { "otn":" ", "dtn":" ", "cna":" ", "iat":" " }
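A verifier-side structural check for the “ppt” mechanism on this slide, as an added example that is not from the slides or from any STIR draft. The sample numbers, display name, certificate URL and placeholder signature are constructed; RS256 signature and certificate validation are assumed to happen separately, and rejecting a "cna" claim that “ppt” did not signal is this example's own policy.

```python
import base64
import json

BASELINE = {"otn", "dtn", "iat"}   # baseline claims as named on the slide
EXTENSIONS = {"cna": {"cna"}}      # "ppt" value -> extra claims it signals


def _enc(obj) -> str:
    raw = obj if isinstance(obj, bytes) else json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _dec(part: str) -> dict:
    obj = json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("not a JSON object")
    return obj


def make_token(header: dict, claims: dict) -> str:
    # Signature bytes are a constructed placeholder, not a real RS256 signature.
    return ".".join(_enc(p) for p in (header, claims, b"placeholder-sig"))


def check_passport(token: str) -> str:
    """Return "ok" or the reason the token must not be processed further."""
    try:
        head, body, _sig = token.split(".")
        header, claims = _dec(head), _dec(body)
    except ValueError:              # bad part count, base64 or JSON
        return "malformed"
    if header.get("typ") != "passport" or header.get("alg") != "RS256":
        return "unsupported typ/alg"
    ppt = header.get("ppt")
    if ppt is not None and (not isinstance(ppt, str) or ppt not in EXTENSIONS):
        return "unsupported ppt"
    signalled = EXTENSIONS.get(ppt, set())
    missing = sorted((BASELINE | signalled) - claims.keys())
    if missing:
        return "missing claims: " + ",".join(missing)
    known = set().union(*EXTENSIONS.values())
    stray = sorted((known - signalled) & claims.keys())
    return "unsignalled claims: " + ",".join(stray) if stray else "ok"


# Constructed sample values (hypothetical numbers, name and certificate URL).
HEADER = {"typ": "passport", "alg": "RS256", "ppt": "cna",
          "x5u": "https://cert.example.org/passport.cer"}
CLAIMS = {"otn": "12155550112", "dtn": "12155550113",
          "cna": "Alice Example", "iat": "1461234567"}
GOOD = make_token(HEADER, CLAIMS)
```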

Elaborating on “cna”
Adding more claims that optionally appear with “cna” is signaled in “ppt”
  – Could include information about organizations
  – Location, potentially
      Likely by reference rather than by value
  – Other rich data associated with the originating persona
If there’s interest, we could go there
  – Maybe in STIR after a recharter, or a new WG

Should we test MIME as well?
One potential MIME development would be third-party “cna”
  – Attestation is independent of the bare minimum, is solely about the originating number/name
      Possibly date too
This Identity header could be added by an intermediary auth service
  – Even an intermediary associating with the terminating administrative domain of the call
Some CNAM functions work this way today
  – We could specify this to show another use of the extensibility mechanisms in PASSporT

Sanity checking
Mostly, though, we want to make sure people understand extensibility for STIR
  – If we’re getting it wrong, this is the time to say
Not immediately seeking WG status for this doc
  – Let’s finish the key work on our plate first