Saverio Niccolini | 2 Mar 18:08 2007
Picon

FW: I-D ACTION:draft-niccolini-speermint-voipthreats-01.txt

Dear all,

I submitted a second version of the VoIP Security threats draft
after doing a lot of work helped by Eric Chen (NTT).

I would appreciate if you could find some time to discuss on the
mailing list if you like the new approach we took and what are the
problems/things you like.

The major changes are:
-- adaptation of the threats to the SPEERMINT architecture (LF, SF, MF)
-- introduction of SPEERMINT specific threats

We think this draft is now ready to have more discussion within
the list and we would appreciate you to find some time for this.

Cheers,
Saverio

============================================================
Dr. Saverio Niccolini
Senior Research Staff Member
Network Laboratories, NEC Europe Ltd.
Kurfuerstenanlage 36, D-69115 Heidelberg
Tel.     +49 (0)6221 4342-118
Fax:     +49 (0)6221 4342-155
e-mail:  saverio.niccolini@...
============================================================
NEC Europe Limited
Registered Office: NEC House, 1 Victoria Road, London W3 6BL
(Continue reading)

Internet | 2 Mar 21:50 2007
Picon

I-D ACTION:draft-ietf-speermint-voip-consolidated-usecases-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the Session PEERing for Multimedia INTerconnect Working Group of the IETF.

	Title		: VoIP SIP Peering Use Cases 
	Author(s)	: A. Uzelac, et al.
	Filename	: draft-ietf-speermint-voip-consolidated-usecases-00.txt
	Pages		: 21
	Date		: 2007-3-2
	
        This document will capture the VoIP use case for SIP Peering.  It is 
        a consolidation of other Speermint use cases and will focus 
        exclusively on VoIP. 

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-speermint-voip-consolidated-usecases-00.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request@... with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-ietf-speermint-voip-consolidated-usecases-00.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
(Continue reading)

Cullen Jennings | 12 Mar 04:19 2007
Picon

Comments on draft-newton-peppermint-problem-statement-00 and draft-schwartz-peppermint-e164-provisioning-data-set-00


Many of my questions about the newton doc where answered by the  
schwartz doc and visa versa - they are nicely synchronized. I hope  
there is some thought to just combining these.

Stuff that was unclear to me revolved around who the different actors  
are and who is allowed to provision what - I trying to get at what  
the trust model is and who trusts what from who and why.

The whole ownership concept seem to be imply a someone different  
model that I have seen in existing IETF work  - similarly with the  
view/profile stuff. The document has some stuff about the bits needed  
and that is very helpful to understand, but would be nice to also  
have more on who the actors are and what information they can provide  
and receive in different views.

Trivial note on time-zones - if you can avoid them and make all times  
in UTC or something like that, things will be easier.

Cullen <with my individual hat on>
		
PFAUTZ, PENN L, ATTCORP | 12 Mar 14:23 2007
Picon

RE: Comments ondraft-newton-peppermint-problem-statement-00 anddraft-schwartz-peppermint-e164-provisioning-data-set-00

One problem with the Lewis draft and these other drafts is that they
elide some of the larger context of work on ENUM.
They clearly aren't speaking to user ENUM (RFC 3761). References to
ownership of numbers suggests an Infrastructure ENUM focus, but it seems
to be a private ENUM rather than a public one. It includes the
suggestion of differential response but with the assumption that that
will be handled in the Registry rather than somewhere else in the
resolution chain.
These issues and the choices about how to resolve them (no pun intended
:-) are important but I would like to see them more clearly stated so as
to encourage a real debate about the architecture model as opposed to a
rush to picking an implementation.

Penn Pfautz
AT&T Global Access Management
+1-732-420-4962

-----Original Message-----
From: Cullen Jennings [mailto:fluffy@...] 
Sent: Sunday, March 11, 2007 11:20 PM
To: speermint@...
Subject: [Speermint] Comments
ondraft-newton-peppermint-problem-statement-00
anddraft-schwartz-peppermint-e164-provisioning-data-set-00

Many of my questions about the newton doc where answered by the  
schwartz doc and visa versa - they are nicely synchronized. I hope  
there is some thought to just combining these.

Stuff that was unclear to me revolved around who the different actors  
(Continue reading)

David Schwartz | 12 Mar 15:03 2007

RE: Commentsondraft-newton-peppermint-problem-statement-00anddraft-schwartz-peppermint-e164-provisioning-data-set-00

Hi Penn.

I reread the draft I wrote and found no mention of either private or
infrastructure ENUM. The closest match was the following snippet...

QueryType

       There are many protocols that can be used to perform
       the query.  While ENUM is one of the more popular
       protocols there is no reason other protocols (e.g.
       SIP 302) cannot be used as well.  Thus the Type of
       Query field indicates which protocol will be used for
       this profile.

I am not even sure that ENUM can provide the flexibility required in
practice (e.g. the differential response you allude to). The document I
wrote is informational in nature and its purpose is merely to highlight
some of the information that may need to be captured in a provisioning
process. Included in that information is "ownership" as in some
implementations (such as I-ENUM) this has value. The document does not
get involved in the private Vs. Infrastructure Vs Public ENUM debate.

Cheers,

D.

-----Original Message-----
From: PFAUTZ, PENN L, ATTCORP [mailto:ppfautz@...] 
Sent: Monday, March 12, 2007 3:23 PM
To: Cullen Jennings; speermint@...
(Continue reading)

Andrew Newton | 12 Mar 17:36 2007
Picon

Re: Comments ondraft-newton-peppermint-problem-statement-00 anddraft-schwartz-peppermint-e164-provisioning-data-set-00


On Mar 12, 2007, at 9:23 AM, PFAUTZ, PENN L, ATTCORP wrote:

> One problem with the Lewis draft and these other drafts is that they
> elide some of the larger context of work on ENUM.
> They clearly aren't speaking to user ENUM (RFC 3761). References to
> ownership of numbers suggests an Infrastructure ENUM focus, but it  
> seems
> to be a private ENUM rather than a public one. It includes the
> suggestion of differential response but with the assumption that that
> will be handled in the Registry rather than somewhere else in the
> resolution chain.
> These issues and the choices about how to resolve them (no pun  
> intended
> :-) are important but I would like to see them more clearly stated  
> so as
> to encourage a real debate about the architecture model as opposed  
> to a
> rush to picking an implementation.

Penn,

Is your objection that the draft(s) are not clear about the use of  
user ENUM vs infrastructure ENUM vs private ENUM?  Or are you  
objecting to the work being usable and/or targeted against private  
ENUM trees?

-andy
PFAUTZ, PENN L, ATTCORP | 12 Mar 17:48 2007
Picon

RE: Comments ondraft-newton-peppermint-problem-statement-00 anddraft-schwartz-peppermint-e164-provisioning-data-set-00

Andy:
Really just looking for a fuller definition of context and intended use.
I have no desire to prohibit anything.
I would like to see a discussion of merits and demerits of doing policy
in the Registry, for example, versus through subsequent resolution of
what is obtained from the Registry as this is an important technical
issue that most of us will have to make a decision about. 

Penn

Penn Pfautz
AT&T Global Access Management
+1-732-420-4962

-----Original Message-----
From: Andrew Newton [mailto:andy@...] 
Sent: Monday, March 12, 2007 12:36 PM
To: PFAUTZ, PENN L, ATTCORP
Cc: Cullen Jennings; speermint@...
Subject: Re: [Speermint] Comments
ondraft-newton-peppermint-problem-statement-00
anddraft-schwartz-peppermint-e164-provisioning-data-set-00

On Mar 12, 2007, at 9:23 AM, PFAUTZ, PENN L, ATTCORP wrote:

> One problem with the Lewis draft and these other drafts is that they
> elide some of the larger context of work on ENUM.
> They clearly aren't speaking to user ENUM (RFC 3761). References to
> ownership of numbers suggests an Infrastructure ENUM focus, but it  
> seems
(Continue reading)

Andrew Newton | 12 Mar 18:13 2007
Picon

Re: Comments ondraft-newton-peppermint-problem-statement-00 anddraft-schwartz-peppermint-e164-provisioning-data-set-00

Penn,

To answer your question with regard to how it works today, it works  
both ways in many cases.  The registries apply policy on their side,  
and those querying the registry apply policy post-dip.  However,  
neither change the actual query.  With the policies that are applied  
on both sides for which I am aware, non change the query protocol.

What technical issues are you concerned about?

-andy

On Mar 12, 2007, at 12:48 PM, PFAUTZ, PENN L, ATTCORP wrote:

> Andy:
> Really just looking for a fuller definition of context and intended  
> use.
> I have no desire to prohibit anything.
> I would like to see a discussion of merits and demerits of doing  
> policy
> in the Registry, for example, versus through subsequent resolution of
> what is obtained from the Registry as this is an important technical
> issue that most of us will have to make a decision about.
>
> Penn
>
> Penn Pfautz
> AT&T Global Access Management
> +1-732-420-4962
>
(Continue reading)

Richard Shockey | 12 Mar 18:23 2007
Picon

RE: Commentsondraft-newton-peppermint-problem-statement-00anddraft-schwartz-peppermint-e164-provisioning-data-set-00


Which I hope I can take as your support for forming a PEPPERMINT BOF in
Chicago? :-) 

> -----Original Message-----
> From: PFAUTZ, PENN L, ATTCORP [mailto:ppfautz@...]
> Sent: Monday, March 12, 2007 12:48 PM
> To: Andrew Newton
> Cc: speermint@...
> Subject: RE: [Speermint] Commentsondraft-newton-peppermint-problem-
> statement-00anddraft-schwartz-peppermint-e164-provisioning-data-set-00
> 
> Andy:
> Really just looking for a fuller definition of context and intended use.
> I have no desire to prohibit anything.
> I would like to see a discussion of merits and demerits of doing policy
> in the Registry, for example, versus through subsequent resolution of
> what is obtained from the Registry as this is an important technical
> issue that most of us will have to make a decision about.
> 
> Penn
> 
> Penn Pfautz
> AT&T Global Access Management
> +1-732-420-4962
> 
> _______________________________________________
> Speermint mailing list
> Speermint@...
> https://www1.ietf.org/mailman/listinfo/speermint
(Continue reading)

Saverio Niccolini | 13 Mar 14:14 2007
Picon

draft-niccolini-speermint-voipthreats-01.txt

Dear all,

we (me and Eric) will be in Prague next week and even if our 
draft is not in the agenda we would appreciate some of you to
take some time to read it and to discuss with one of us feedbacks/
comments/suggestions for improvements.

If you plan to be in Prague and want to have some discussion on
this we would appreciate your time, just drop us an email
Saverio Niccolini: saverio.niccolini@...
Eric Chen: dgtlsoul@... or eric.chen@...

Cheers,
Saverio

============================================================
Dr. Saverio Niccolini
Senior Research Staff Member
Network Laboratories, NEC Europe Ltd.
Kurfuerstenanlage 36, D-69115 Heidelberg
Tel.     +49 (0)6221 4342-118
Fax:     +49 (0)6221 4342-155
e-mail:  saverio.niccolini@...
============================================================
NEC Europe Limited
Registered Office: NEC House, 1 Victoria Road, London W3 6BL
Registered in England 2832014

> -----Original Message-----
> From: Saverio Niccolini [mailto:Saverio.Niccolini@...] 
(Continue reading)


Gmane