Last Call: <draft-ietf-stir-problem-statement-03.txt> (Secure Telephone Identity Problem Statement) to Informational RFC

The IESG <> Thu, 06 February 2014 16:49 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 896DD1A042A; Thu, 6 Feb 2014 08:49:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id uCM0ATBqpRvP; Thu, 6 Feb 2014 08:49:14 -0800 (PST)
Received: from (localhost [IPv6:::1]) by (Postfix) with ESMTP id 797011A03F7; Thu, 6 Feb 2014 08:49:14 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <>
To: IETF-Announce <>
Subject: Last Call: <draft-ietf-stir-problem-statement-03.txt> (Secure Telephone Identity Problem Statement) to Informational RFC
X-Test-IDTracker: no
X-IETF-IDTracker: 5.0.0
Auto-Submitted: auto-generated
Precedence: bulk
Sender: <>
Message-ID: <>
Date: Thu, 06 Feb 2014 08:49:14 -0800
X-Mailman-Version: 2.1.15
List-Id: "IETF announcement list. No discussions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 06 Feb 2014 16:49:15 -0000

The IESG has received a request from the Secure Telephone Identity
Revisited WG (stir) to consider the following document:
- 'Secure Telephone Identity Problem Statement'
  <draft-ietf-stir-problem-statement-03.txt> as Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the mailing lists by 2014-02-20. Exceptionally, comments may be
sent to instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.


   Over the past decade, Voice over IP (VoIP) systems based on SIP have
   replaced many traditional telephony deployments.  Interworking VoIP
   systems with the traditional telephone network has reduced the
   overall security of calling party number and Caller ID assurances by
   granting attackers new and inexpensive tools to impersonate or
   obscure calling party numbers when orchestrating bulk commercial
   calling schemes, hacking voicemail boxes or even circumventing multi-
   factor authentication systems trusted by banks.  Despite previous
   attempts to provide a secure assurance of the origin of SIP
   communications, we still lack of effective standards for identifying
   the calling party in a VoIP session.  This document examines the
   reasons why providing identity for telephone numbers on the Internet
   has proven so difficult, and shows how changes in the last decade may
   provide us with new strategies for attaching a secure identity to SIP

The file can be obtained via

IESG discussion can be tracked via

No IPR declarations have been submitted directly on this I-D.