[secdir] [new-work] WG Review: Verification Involving PSTN Reachability (vipr)

IESG Secretary <iesg-secretary@ietf.org> Tue, 08 March 2011 17:57 UTC

Return-Path: <new-work-bounces@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@core3.amsl.com
Received: from [] (localhost []) by core3.amsl.com (Postfix) with ESMTP id B9DE43A6957; Tue, 8 Mar 2011 09:57:39 -0800 (PST)
X-Original-To: new-work@ietf.org
Delivered-To: new-work@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 30) id C10BE3A6956; Tue, 8 Mar 2011 09:57:38 -0800 (PST)
From: IESG Secretary <iesg-secretary@ietf.org>
To: new-work@ietf.org
Mime-Version: 1.0
Message-Id: <20110308175738.C10BE3A6956@core3.amsl.com>
Date: Tue, 08 Mar 2011 09:57:38 -0800
X-BeenThere: new-work@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: new-work-bounces@ietf.org
Errors-To: new-work-bounces@ietf.org
X-Mailman-Approved-At: Wed, 09 Mar 2011 10:13:17 -0800
Subject: [secdir] [new-work] WG Review: Verification Involving PSTN Reachability (vipr)
X-BeenThere: secdir@ietf.org
Reply-To: iesg@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Mar 2011 17:57:39 -0000

A new IETF working group has been proposed in the Real-time Applications
and Infrastructure Area.  The IESG has not made any determination as yet.
The following draft charter was submitted, and is provided for
informational purposes only. Please send your comments to the IESG mailing
list (iesg@ietf.org) by Tuesday, March 15, 2011.                        

Verification Involving PSTN Reachability (vipr)
Current Status: Proposed Working Group
Last updated: 2011-02-18


Real-time Applications and Infrastructure Area Director(s):
   * Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>
   * Robert Sparks <rjsparks@nostrum.com>

Real-time Applications and Infrastructure Area Advisor:
   * Robert Sparks <rjsparks@nostrum.com>

Mailing Lists:
   General Discussion: TBD (expected to be vipr@ietf.org)
   To Subscribe: TBD
   Archive: TBD

Description of Working Group:

There are two globally deployed address spaces for communications used
by more than a billion people daily - phone numbers and DNS rooted
address such as web servers and email addresses.  The inter-domain
signaling design of SIP is primarily designed for email style addresses
yet a large percentage of SIP deployments mostly use phone numbers for
identifying users, thus DNS lookups are not sufficient.  The goal of 
this working group is to enable inter-domain communications over the 
Internet, using protocols such as SIP, while still allowing people to 
use phone numbers to identify the person with whom they wish to 

The VIPR WG will develop a peer to peer based approach to finding
domains that claim to be responsible for a given phone number
to mitigate the involvement of centralized entities to avoid some of
the issues encountered by past attempts to support SIP inter-domain
communications.  Validation protocols will be developed to ensure a
reasonable likelihood that a given domain actually is responsible for
the phone number.  In this context, "responsible" means an
administrative domain, which is at least one of the domains, to which
a PSTN call to this phone number would be routed.  Once the domain
responsible for the phone number is found, existing protocols, such
as SIP, can be used for inter-domain communications.

Some validation protocols may be based on knowledge gathered around a
PSTN call; for example, the ability to prove a call was received over
the PSTN based on start and stop times.  Other validation schemes, such
as examining fingerprints or watermarking of PSTN media to show that a
domain received a particular PSTN phone call, may also be considered by
the working group.  This validation will be accomplished using publicly
available open interfaces to the PSTN, so the validation can be
performed by any domain wishing to participate.  The WG will select and
standardize at least one validation scheme.

The validation mechanism requires a domain to gather and maintain
information related to PSTN calls.  This information is used by call
agents such as phones, SBCs and IP PBXs to route calls.  The WG will
also develop mechanisms to detect in a timely manner that a given domain
is no longer responsible for a phone number.  The WG will define a
client-server protocol between these call agents and the entity within a
domain that maintains the information.

To help mitigate SPAM issues when using SIP between domains, the WG will
define a mechanism to enable one domain to check that incoming SIP
messages are coming from a validated phone number.  A phone number is
considered validated if it is coming from a domain to which the calling
domain had previously successfully placed a PSTN call.  The working
group will define new SIP headers and option tags, as necessary, to
enable this.

The essential characteristic of VIPR is establishing authentication by
PSTN reachability when it is not possible to use a direct reference to
ENUM databases or other direct assertions of PSTN number
ownership.  Elements such as public ENUM easily coexist with VIPR but no
direct interaction with ENUM will be required.  The solution set defined
by this WG will be incrementally deployable using only existing
interfaces to the PSTN.  No changes will be required to existing PSTN
capabilities, no new database access is needed nor is any new support
from PSTN service providers required.

The WG will produce the following deliverables:

1) A document describing the requirements, problem statement and
architectural approach to support SIP inter-domain communications.
2) A document describing the use of the p2psip protocol (RELOAD) as
applied to this problem space.
3) A document defining a scheme for validating the phone numbers using
publicly available open interfaces to the PSTN.
4) A document defining client-server protocol between call agents and 
the entity within a domain that gathers and maintains information 
related to PSTN calls.
5) A document describing a mechanism to mitigate SPAM issues.

The working group will carefully coordinate with the security area, O&M
area, as well as the appropriate RAI WGs such as sipcore and p2psip.

Goals and Milestones:

Sep 2011  Submit Requirements, Problem statement, and architecture 
          overview for publication as Informational
Dec 2011  Submit Peer to peer base protocol specification for 
          publication as Proposed Standard 
Dec 2011  Submit PSTN based number validation techniques for publication 
          as Proposed Standard
Apr 2012  Submit Protocol for call agents to exchange call and routing 
          information for publication as Proposed Standard
Apr 2012  Submit Specification of authorization tokens to mitigate SPAM 
          for publication as Proposed Standard
new-work mailing list