Proposed ATIS Standard for Signing of SIP RPH

Slides:



Advertisements
Similar presentations
STIR Secure Telephone Identity. Context and drivers STIR Working Group Charter Problem Statement Threats Status of work Related work and links Introduction.
Advertisements

9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.
Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.
Proxy Authentication of the Emergency Status of SIP Calls draft-barnes-ecrit-auth-00 Richard Barnes IETF 69, Chicago, IL, USA.
1 SIP WG meeting 73rd IETF - Minneapolis, MN, USA November, 2008 Return Routability Check draft-kuthan-sip-derive-00 Jiri
SIP Authorization Framework Use Cases Rifaat Shekh-Yusef, Jon Peterson IETF 91, SIPCore WG Honolulu, Hawaii, USA November 13,
Trust Anchor Management Problem Statement 69 th IETF Trust Anchor Management BOF Carl Wallace.
DOCUMENT #:GSC15-PLEN-26 FOR:Presentation SOURCE: ATIS AGENDA ITEM: PLEN 6.4 CONTACT(S): James McEachern ATIS Identity Management.
STIR Charter (discussion) STIR BoF Berlin, DE 7/30/2013.
Jun Li DHCP Option for Access Network Information draft-lijun-dhc-clf-nass-option-01.
WS-Trust “From each,according to his ability;to each, according to his need. “ Karl marx Ahmet Emre Naza Selçuk Durna
DHS/NCS Priority Services By An Nguyen. Introduction: National Security/Emergency Preparedness (NS/EP) users rely heavily on public telecommunications.
All Rights Reserved © Alcatel-Lucent 2006, ##### 2G IMS CAVE Based Security Replay Protection Zhibi Wang January, 2007.
Jackie Voss Manager, Global Standards Development ATIS All-IP Transition Initiatives December 1, 2015.
SIP Extensions for Network-Asserted Caller Identity and Privacy within Trusted Networks Flemming Andreasen W. Marshall, K. K. Ramakrishnan,
Public Safety Answering Point (PSAP) Callbacks draft-ietf-ecrit-psap-callback-02.txt H. Schulzrinne, H. Tschofenig, M. Patel.
ATIS Identity Management Standards Development DOCUMENT #:GSC13-PLEN-37 FOR:Presentation SOURCE:ATIS AGENDA ITEM:Plenary; IdM and Identification Systems;
Integrating Identity based Cryptosystem (IBC) with CGA in Mobile IPv6 draft-cao-mipshop-ibc-cga-00.txt Zhen Cao Hui Deng IETF #67.
Timeline – Standards & Requirements
End-to-middle Security in SIP
Status Update -- ATIS Robocalling and Caller ID Initiatives
STIR WG / IETF 94 Yokohama, Nov 2015 Jon
Timeline - ATIS Involvement
Trust Anchor Management Problem Statement
Status Update -- ATIS Robocalling and Caller ID Initiatives
MIG – MIGration of Communication Services to SIP
Improving Security of Real-time Communications
Global Standards Collaboration (GSC) 14
SHAKEN Governance Authority Criteria
STIR WG / IETF 97 Seoul, Nov 2016 Jon
ATIS Cybersecurity DOCUMENT #: GSC13-GTSC6-12 FOR: Presentation
Global Standards Collaboration (GSC) GSC-15
Chris Wendt, David Hancock (Comcast)
SIP Identity issues John Elwell, Jonathan Rosenberg et alia
Timeline - ATIS Involvement
Resource Priority Header
Verstat Related Best Practices
Reference Architecture and Call Flow Example for SIP RPH Signing
Analysis of Use of Separate Identity Header for SIP RPH Signing
NS/EP Service Provider Credential for SIP RPH Signing
RFC PASSporT Construction 6.2 Verifier Behavior
Proposal for Change/Improvements in STIR/SHAKEN Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server.
RFC PASSporT Construction 6.2 Verifier Behavior
RFC PASSporT Construction 6.2 Verifier Behavior
Doug Bellows – Inteliquent 10/4/2018
IETF 101 (London) STIR WG Mar2018
SIP RPH and TN Signing Cross Relationship
STIR WG IETF-100 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-01) November, 2017 Ray P. Singh, Martin Dolly, Subir Das,
TN-PoP Scenarios Jim McEachern Principal Technologist ATIS August 2018.
STIR WG IETF-99 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-00) July, 2017 Ray P. Singh, Martin Dolly, Subir Das, and An.
Change Proposals for SHAKEN Documents
SIP RPH Signing Use Cases
STIR WG IETF-102 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-06) July 18, 2018 Ray P. Singh, Martin Dolly, Subir Das, and.
RFC Verifier Behavior Step 4: Check the Freshness of Date
Proposal for Change/Improvements in STIR/SHAKEN Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server.
Proposal for Change/Improvments in STIR/SHAKEN Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server.
Architecture and Protocols
IPNNI SHAKEN Enterprise Models: LEMON TWIST
SIP Session Timer Glare Handling
STIR/Shaken: Mitigating Illegal Robocalling and Caller ID Scams
Rifaat Shekh-Yusef IETF105, OAuth WG, Montreal, Canada 26 July 2019
SHAKEN for Presented to: Ericsson Contact:
Calling Party Identity
Proposed Changes to STI-VS "iat" freshness check
STIR / SHAKEN for 911 use of SHAKEN 8/7/2019
Calling Party Identity
Rich Call Data Integrity Mechanism
draft-ietf-stir-oob-02 Out of Band
IETF 103 (กรุงเทพฯ) STIR WG Nov 2018
IETF 102 (Montreal) STIR WG Jul 2018
Presentation transcript:

Proposed ATIS Standard for Signing of SIP RPH February 20, 2017 ATIS PTSC Proposed ATIS Standard for Signing of SIP RPH Ray P. Singh formerly Applied Communication Sciences

Outline Overview: Problem Statement Solution Objective and Proposal Proposed IETF STIR Extension Proposed ATIS Standard Using IETF STIR Extension Contribution List

Problem Statement Overview RFC 4412 defines the following namespaces for the SIP “resource-priority” header field (RPH): “DSN,” “DRSN, ” “Q735,” “ETS” and “WPS” The RPH namespace parameters could be spoofed or inserted by unauthorized entities Telephone service providers will drop RPH received from un-trusted networks Lack of means to verify authenticity of received RPH means service providers cannot act with confidence impacting NS/EP Priority Services supported using the “ETS” and “WPS” namespaces

Solution Objective and Proposal Define a mechanism leveraging SHAKEN to validate information populated in the namespace parameters in the SIP “resource-priority” header field (e.g., “ETS” and “WPS”) in support of NS/EP NGN-PS Solution Proposal IETF Define STIR PASSPorT extension to sign the RPH namespace parameters: ATIS Specify ATIS standard using STIR PASSPort extension for support of NS/EP Priority Services

Proposed [draft-ietf-stir-passport] extension: Define extension to sign the RPH namespace parameters: PASSPorT Claim PPT: “rph” “rph” claim Object “namespace” Values: “DSN,” “DRSN, ” “Q735,” “ETS” and “WPS”

ATIS Standard Specify ATIS standard for NS/EP Priority Services Use of PASSPort “rph” claim for “ETS” and “WPS” namespaces Define NS/EP attestations Attestation A. Full NS/EP Attestation The signing provider shall satisfy all of the following conditions: Is responsible for the NS/EP (ETS or WPS) authentication and authorization of the call/session Is responsible for populating the “ETS” or “WPS” namespace in the SIP RPH B. Partial NS/EP Attestation The signing provider shall satisfy all of the following condition: Is responsible for populating the “ETS” or “WPS” namespace in the SIP RPH.

Contribution List PTSC-2017-00028: Proposed New ATIS Issue for RPH Signing PTSC-2017-00029: Draft Standard on Signature-based Handling of SIP RPH Assertion using Tokens PTSC-2017-00030: Proposed [draft-tbd-stir-rph-01] for PASSporT extension

TRANSFORMATIVE RESEARCH