Session Date/Time: 10 Nov 2023 08:30

stir

Summary

The STIR working group met to discuss three main documents: Connected Identity, Certificate Lifetimes, and STIR with MLS. Discussions centered on updates to the Connected Identity draft, the adoption of a short-lived certificate draft, and potential integration points between STIR and MLS, including MLS credential types. An action item was created for calls of adoption for short-lived certificate and MLS drafts. Other business regarding identity was briefly discussed.

Key Discussion Points

Service Provider OOB: The group decided to proceed with processing the Service Provider OOB document as standards track, following a prior consensus call on the list.
Connected Identity: Discussed updates to the Connected Identity draft based on feedback from Jonathan Rosenberg, including adding a 2FA use case, clarifying normative statements, and clarifying application to CANCEL messages. The group acknowledged no objections but also a lack of enthusiasm.
Certificate Lifetimes: Explored OCSP stapling and short-lived certificates as approaches to managing dynamic telephone number ownership within certificates. Discussed the trade-offs of each approach. Defined X5C and Staple approach. Agreed to change the short lived certificate lifetime recommendation to three days.
STIR with MLS: Explored defining new MLS credential types for RFC 8226 certificates and passports. Discussed the security implications of using service provider certificates versus delegate certificates in MLS.

Decisions and Action Items

Decision: Proceed with processing Service Provider OOB document as standards track.
Decision: Change the short-lived certificate lifetime recommendation to three days.
Action Item: Call for adoption of short lived certificate draft.
Action Item: Call for adoption of MLS draft.
Action Item: Chris to shepherd the RCS document.

Next Steps

Fix the example in the OCSP draft.
Coordinate with the MLS working group regarding the STIR with MLS draft.
Address comments and refine the drafts based on the discussions.
Continue discussion on the mailing list.