Re: Thoughts from IETF-92
Phillip Hallam-Baker <phill@hallambaker.com> Tue, 31 March 2015 15:37 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55E5E1A8AE7 for <ietf@ietfa.amsl.com>; Tue, 31 Mar 2015 08:37:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.422
X-Spam-Level: *
X-Spam-Status: No, score=1.422 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lVp7aRvSZth2 for <ietf@ietfa.amsl.com>; Tue, 31 Mar 2015 08:37:55 -0700 (PDT)
Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B52E1A0AFE for <ietf@ietf.org>; Tue, 31 Mar 2015 08:37:55 -0700 (PDT)
Received: by lagg8 with SMTP id g8so15769500lag.1 for <ietf@ietf.org>; Tue, 31 Mar 2015 08:37:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=1BHfe//hYq7wQiIoLNjX4n/P7yrN0Fl9zXnZtipYoes=; b=u68y7/h6TprYmI/Uth/Fy6v2x2dB1sAdvKOcaeinIK0Om9nvgQ9sFlFM3BRCxNKc4m jOYYkxRkvVjE1VO/x0PwcbVJLaWZ0OUcuyzg5TSHZJjXTYKoFijLxVvtl+ONMW5/icti KT+fJH0vmKtkHEXceJspOHvk8BdWSnABeJdpxsM0DHj/fWzjDLkbRMBcHrAEy7KUn/iR qzI5zOnH4fTKyYBKqU4Cm0LSU4JQzs3E0GXTgv8xX/VUByeaDXq/KSBNyjiNMiG7JPJ/ Q0iVLScCZJumP1muY4I/DtOEEjlB/Yo7Vytvez7Yqu8Tj3kdp64Rg0d6i6Gg5oOD7+ZT sQBA==
MIME-Version: 1.0
X-Received: by 10.112.72.36 with SMTP id a4mr14688005lbv.58.1427816273523; Tue, 31 Mar 2015 08:37:53 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.147.165 with HTTP; Tue, 31 Mar 2015 08:37:53 -0700 (PDT)
In-Reply-To: <9115F582-3480-49B8-8523-F3A181ED93B8@cisco.com>
References: <7A5C678D-4897-4B9E-908F-14D7C389C48B@ietf.org> <D13F4955.22F18%richard@shockey.us> <9115F582-3480-49B8-8523-F3A181ED93B8@cisco.com>
Date: Tue, 31 Mar 2015 11:37:53 -0400
X-Google-Sender-Auth: aST2y5ypEJXb6z09xiIMO3S7c1M
Message-ID: <CAMm+Lwg5KKAanG+-yZJUGL1iLJRb4-t_vGS9iyvHTf4FvE2gyA@mail.gmail.com>
Subject: Re: Thoughts from IETF-92
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: "Fred Baker (fred)" <fred@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/vFiELfD__ZNY2ML4pCd1WzAObYc>
Cc: IETF Discussion Mailing List <ietf@ietf.org>, Richard Shockey <richard@shockey.us>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Mar 2015 15:37:56 -0000
On Tue, Mar 31, 2015 at 3:10 AM, Fred Baker (fred) <fred@cisco.com> wrote: > >> On Mar 30, 2015, at 3:55 PM, Richard Shockey <richard@shockey.us> wrote: >> >> The CU folks told us that this is the NUMBER 1 issue their members >> complain about. Yes it is our problem because we define SIP. > > I spoke with one of them in the lobby Saturday morning. I explained how what she was calling for was a global (federated?) PKI, and she wasn’t likely to achieve her goal without one. > > That it wasn’t a protocol problem, as we have the protocols and protocol support for it. All it takes is money. All it takes is a business model. The business model for the TLS WebPKi works fine because people will pay money up front to be able to take credit cards for payment. Even in the earliest e-commerce days, the reward was commensurate with the cost. The business model for S/MIME did not work out because even though most folk would probably pay $10/yr for an email PKI that lets them communicate securely with almost anyone, $10/yr to pay to communicate with the other folk willing to pay for a network with a 0.1% market share (at best) is much too high. I think that it is actually quite practical to establish an 'organic' PKI that could meet the CU requirements. What I would do is to align cost and benefit by making certificate registration free and then establish a business that charges people for telling them if an incoming call is likely to be junk or not. this model has been validated in DKIM email. Signing your mail with DKIM is free, having someone tell you what is legit and what is spam is the bit that costs. We already have most of the specs. SIP can use certs and we can enroll the certs in a TRANS type log. The principal obstacle is the lack of open hardware that can connect up to the telephone devices and perform the necessary functions. I think the telcos had better get their act together soon and fix this. I still have a landline at the moment but it isn't going to be in the house very long if I continue to get six interruptions a day from scam artistes.
- Thoughts from IETF-92 IETF Chair
- Re: Thoughts from IETF-92 Richard Shockey
- Re: Thoughts from IETF-92 Dave Crocker
- Re: Thoughts from IETF-92 Brian E Carpenter
- Re: Thoughts from IETF-92 Richard Shockey
- Re: Thoughts from IETF-92 Richard Shockey
- Re: Thoughts from IETF-92 Fred Baker (fred)
- Re: Thoughts from IETF-92 Fred Baker (fred)
- Re: Thoughts from IETF-92 Christian de Larrinaga
- Re: Thoughts from IETF-92 Andrew Sullivan
- Re: Thoughts from IETF-92 Matthew Ford
- Re: Thoughts from IETF-92 Leif Johansson
- Re: Thoughts from IETF-92 Richard Shockey
- Re: Thoughts from IETF-92 Phillip Hallam-Baker
- Re: Thoughts from IETF-92 Nico Williams
- Policy and regulator connections (Was: Re: Though… Jari Arkko
- Re: Thoughts from IETF-92 Jari Arkko
- Re: Thoughts from IETF-92 Joseph Lorenzo Hall
- Re: Thoughts from IETF-92 Richard Shockey
- Re: Thoughts from IETF-92 Phillip Hallam-Baker
- Re: Thoughts from IETF-92 Richard Shockey
- Re: Thoughts from IETF-92 Joseph Lorenzo Hall
- Re: Thoughts from IETF-92 Mukom Akong T.