Musing on SIP and SPAM

Michael Thomas <mike@mtcc.com> Fri, 24 April 2020 22:07 UTC

To: ietf@ietf.org
From: Michael Thomas <mike@mtcc.com>
Subject: Musing on SIP and SPAM
Message-ID: <c2f3a1c8-e95b-6115-9585-26ae4c795575@mtcc.com>
Date: Fri, 24 Apr 2020 15:07:41 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/F75KndtRTdSRSCt9QiIFAtshpDA>

Ok, into the fray. I've written a couple of blog posts on the subject 
which go into more detail of what I've been thinking. Basically, after 
much searching through the STIR/SHAKEN stuff I finally figured out that 
sip:mike@mtcc.com was out of scope. And I mean, it took me a *long* time 
to figure that out reading problem statements, requirements, etc. What my 
blog post wonders about is whether STIR/SHAKEN is solving the wrong 
problem. That is, it's trying to solve the e.164 spoofing problem via 
tel: uri and sip: uri's with embedded telephone numbers. This is an 
incredibly complex and fraught problem, so I have to ask whether it's 
even worth it? Telephony is pretty much all SIP these days, even to 
mobile phones with SIPoLTE, there's not much point to stick with e.164 
addresses as identifiers if it's SIP end to end or SIP end to almost the 
end with POTS termination. Since STIR/SHAKEN can't do much of anything 
with actual PSTN onramp/offramp based spam, it makes me wonder why we 
are holding onto mostly dead technology's vestiges. The future seems to 
me that a sip:mike@mtcc.com URI would be the future, but they did not 
solve for that. It's not like people *like* e.164 based identity, and 
mostly it's hidden from you on mobile phones anyway. Being one of the 
authors of DKIM (RFC 4871, etc.) it has always occurred to me that 
something DKIM-like could work for SIP and actually hacked a version of 
my DKIM code to prove the point on a SIP stack in about 2005.

https://rip-van-webble.blogspot.com/2020/02/sip-what-about-from-header-no-love.html

Now being the dutiful engineer that I am, I decided to have an argument 
with myself and ask whether we both (STIR/SHAKEN and SIP-DKIM) are 
wrong. That is, is telephony as we know it essentially dying? The Covid 
pandemic has really put that into focus with services like Zoom in the 
limelight which as far as I know doesn't use SIP. Maybe none of them 
have an inter-provider problem like the PSTN does. So maybe the right 
solution is to do nothing, or do just the STIR/SHAKEN stuff because 
"Something Must Be Done".

https://rip-van-webble.blogspot.com/2020/04/on-second-thought-sip-security.html

Mike

PS: hi all, long time! missed y'all and hope you're keeping safe :)