A SIP Response Code for Unwanted Calls
draft-ietf-sipcore-status-unwanted-06

[Ballot comment]
I agree with Warren - short, clear, and to the point.

I agree with EKR and Kathleen about requiring authentication.

In this text,

  Thus, the call is rejected due to the called party's
  (temporary) disposition.
 
I'm having trouble matching dictionary definitions to the use of "disposition" here. I guess it's an OK use of the word, and I know what's intended based on context clues, but if another word would be clearer, that would be helpful.

This text,

  The particular response code number
  was chosen to reflect the distaste felt by many upon receiving such
  calls.
 
is unchanged from the previous version, where the response code number was 666. Is that intentional?

Just checking - in this text,

  The service
  provider delivering calls or messages to the user issuing the
  response MAY take a range of actions, for example, add the calling
  party to a personal blacklist specific to the called party, use the
  information as input when computing the likelihood that the calling
  party is placing unwanted calls ("crowd sourcing"), initiate a
  traceback request, or report the calling party identity to consumer
  complaint databases operated by government authorities.
 
there's no standardized way for the called party to signal that this action should be reversed, is there? I ask, because the next paragraph says,

  The user experience is envisioned to be somewhat similar to email
  spam buttons where the detailed actions of the email provider remain
  opaque to the user.
 
and I use the "this is not spam" button on email fairly frequently. The security considerations section does talk about the protected party notifying the service provider using unstandardized mechanisms - I see that. Maybe a forward pointer to that discussion would be helpful.

[Ballot comment]
I agree with EKR's comment and would like to see additional security considerations that spell out the dangers of not sending this over secure network or without mutual authentication (MiTM attack he describes). 

I just noticed the text called out by the SecDir review and would like to know if the following change could be made since it is just part of a list of examples:
OLD:
  or report the calling party identity to consumer
  complaint databases operated by government authorities.
NEW:
  or report the calling party identity to consumer
  complaint databases.
It doesn't seem necessary to call out government authorities here and there is the potential for abuse with such databases (government or otherwise managed).

I was glad to see the explanation for the existence of this draft in the shepherd report and ballot text, but think the explanation should be in the draft as well.  I was curious about implementations as there is the potential for trouble with this option.  It seems like it should be experimental first, but I guess we could always make it historic later if unforeseen problems arise.

[Ballot comment]
I agree with EKR's comment and would like to see additional security considerations that spell out the dangers of not sending this over secure network or without mutual authentication (MiTM attack he describes). 

I was glad to see the explanation for this draft in the shepherd report and ballot text, but think the explanation should be in the draft as well.  I was curious about implementations as there is the potential for trouble with this option.  It seems like it should be experimental first, but I guess we could always make it historic later if unforeseen problems arise.

[Ballot comment]
It seems like the security considerations here probably need
to cover what's needed to prevent forged 607 responses. This
seems like an issue for on-path attackers, who could block
the real response and inject a 607. This isn't usually
that great an attack, but if you can use it in a sort of
bounce attack to really gag a sender, that would be bad.

Probably what's needed here is text about only accepting
607s over TLS (and filtering at the other endpoint). It's
also worth mentioning that in a post-STIR world, you could
send the PASSporT object as proof of the existence of
the call (though not of its unwantedness).

[Ballot comment]
I actually have one mostly technical question: It is not fully clear to me if the Unwanted response code always indicates a user action or if the same code is used when an automated system declines the call? My understanding is that the idea is that this could also be automated if the user has some kind of control of the system (which is probably hard to verify). Or would it make sense to distinct between the cases where the user actively rejects a call or an automated system is generating the response code (on behalf of the user)?

[Ballot comment]
Thanks, short, sweet and to the point.

One minor comment:
"These may use call characteristics such as call duration and call volumes for a particular caller, as well changes in those metrics over time"
s/as well changes/as well as changes/
(missing a word)

Please also see Al Morton's OpsDir comment at: https://www.ietf.org/mail-archive/web/ops-dir/current/msg02571.html
(for an earlier version)

(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-sipcore-status-unwanted-04.txt. If any part of this review is inaccurate, please let us know.

The IANA Services Operator understands that, upon approval of this document, there are two actions which we must complete.

First, in the Response Codes subregistry of the Session Initiation Protocol (SIP) Parameters registry located at:

https://www.iana.org/assignments/sip-parameters/

a single, new response code is to be registered as follows:

Response Code: 666
Description: Unwanted
Reference: [ RFC-to-be ]

Second, in the Global Feature-Capability Indicator Registration Tree subregistry also in the Session Initiation Protocol (SIP) Parameters registry located at:

https://www.iana.org/assignments/sip-parameters/

a single, new parameter will be registered as follows:

Name: sip.666
Description: This feature-capability indicator when used in a REGISTER response indicates that the server will process the 666 response code. This does not imply any specific action.
Reference: [ RFC-to-be ]

Because this registry requires Expert Review [RFC5226] for registration, we've contacted the IESG-designated expert in a separate ticket to request approval. Expert review should be completed before your document can be approved for publication as an RFC.

The IANA Services Operator understands that these two actions are the only ones required to be completed upon approval of this document.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed.

Thank you,

Sabrina Tanamal
IANA Services Specialist
PTI

The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC: ben@nostrum.com, adam@nostrum.com, Adam Roach , sipcore-chairs@ietf.org, sipcore@ietf.org, draft-ietf-sipcore-status-unwanted@ietf.org
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (A SIP Response Code for Unwanted Calls) to Proposed Standard


The IESG has received a request from the Session Initiation Protocol Core
WG (sipcore) to consider the following document:
- 'A SIP Response Code for Unwanted Calls'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2017-03-21. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This document defines the 666 (Unwanted) SIP response code, allowing
  called parties to indicate that the call or message was unwanted.
  SIP entities may use this information to adjust how future calls from
  this calling party are handled for the called party or more broadly.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-sipcore-status-unwanted/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-sipcore-status-unwanted/ballot/


No IPR declarations have been submitted directly on this I-D.

This is my AD evaluation of draft-ietf-sipcore-status-unwanted-04. I have a few substantive and and some editorial comments. I don't think any of these need block the IETF last call, which I will request shortly. These can be resolved along with any IETF LC comments.
-----------------
- Substantive Comments:

-- section 4, first paragraph:

I'm struggling to understand what a sending a 666 when canceling a branch of a forked call would mean. Are we talking about a scenario where a forking proxy notes that one device responds with a 666, then the proxy sends that to the other branches? If so, some elaboration of the use case might be helpful.

-- Section 4, paragraph 3:
There's some imprecision in whether explicit user action is expected when deciding to send a 666. I think the intent is that explicit user action (e.g. a spam button) is just one of multiple ways a called UA could decide to do so. But the last sentence of the paragraph seems to indicate an expectation for explicit UI action, in spite of the earlier sentences that allowed otherwise. It's not clear to me if those previous sentences describe when to _send_ a 666, or just what one might do when receiving one.

-6, 3rd paragraph from end:
How can one reasonably know that an identity has been reassigned? I can see the case where the callee's service provider is the same as the caller's service provider, but that's a degenerate case. Are we expecting the calling SP to inform the callee SP out of band, and the callee SP to believe them? Given how poorly that seems to work in the context of email, I wonder if there's any useful advice to give here.

- Editorial Comments:

-- There's some general imprecision in the use of "UAC" and "UAS". I think the intent is to speak of the UAC and UAS in the context of the dialog-initiating transaction (at least when a dialog is involved), but it ends up with language of the form of "... when the UAS sends a BYE request...". Perhaps terms like "caller UA" and "callee UA" would be more clear? (Not that I particularly those, when caller and callee or called vary by a single letter.)


-- section 1, first paragraph, sentence starting with "This document addresses only the last mode..."
The sentence is convoluted. Can it be broken into  a few simpler sentences?

-- 4, 2nd paragraph:
Please avoid 2119 keywords (in this case MAY), in a non-exhaustive list of examples, as it implies that additional MAYs exist but are not explicitly mentioned. Consider something along the lines of "...MAY perform some action based on local policy, for example, add the party to a local blacklist, ..."

--4, 4th paragraph: I'm not sure I believe the sentence starting with "In other words" paraphrases any previous words :-)

--6: 2nd to last paragraph: A citation for call transfer might be nice. (Maybe the call flows RFC?)

(1) What type of RFC is being requested (BCP, Propothsed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

  Standards Track

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  This document defines the 666 (Unwanted) SIP response code, allowing
  called parties to indicate that the call or message was unwanted.
  SIP entities may use this information to adjust how future calls from
  this calling party are handled for the called party or more broadly.
  This is part of the larger toolkit of SIP tools being developed to
  help mitigate the issue of large-scale unwanted phone calls.

Working Group Summary

  The period of discussion for this draft was uncharacteristically short and
  vigorous for the SIPCORE working group, with over 150 messages spanning a
  three-month period. Support for the mechanism was universal, with the only
  real point of contention being how far the document should go in prescribing
  specific behaviors by network elements upon receipt of the response code. The
  current version reflects carefully crafted wording that reflects the intention
  of the code while avoiding the concerns of those parties that did not want to
  see future call-rejection behavior normatively defined.

Document Quality

  The document has been well reviewed within the SIP working group. While no
  implementations are known to yet exist, the need for this new response code
  has been brought to the IETF by the United States FCC and major US
  telecommunications carriers as a necessary tool for fighting unwanted phone
  calls. There is a strong implication that these parties plan to ensure a
  wide-scale roll-out of the response code, at least within the United States,
  and likely elsewhere.

Personnel

  Adam Roach is the document shepherd. Ben Campbell is the responsible
  area director.

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

  This is a short document. The shepherd has read every version in their
  entirety as they were published.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

  The scope of reviews performed seems adequate and approrpriate.


(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

  The document requires no specialized expertise beyond that possessed by
  regular participants in the SIPCORE working group.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

  The shepherd has no such concerns.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

  The author has confirmed that no such declaration is necessary.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

  There has been no IPR disclosure filed.

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?

  Discussion on the document has involved a substantial percentage of those
  participants in SIPCORE who can be readily identified as "active." Based on
  mailing list discussions, agreement on the -03 version of the document is
  universal.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

  No appeal or discontent has been expressed.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

  The document passes the automated nits check and a manual examination
  against the checklist.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

  No formal review requirements are triggered by this document, aside from any
  required by IANA process.

(13) Have all references within this document been identified as
either normative or informative?

  They have.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

  All normative references are to published RFCs.


(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

  Thre are no downward normative references.


(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

  This document does not change the status of any published RFCs.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

  The names of the tables are precise; the registrations include all fields
  named in the tables; and the registration of values by this document are in
  accordance with registration policies for the associated tables. The values
  being registered are consistent with the document text.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

  This document does not add any IANA registries.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

  There is no formal language defined in this document.