IETF Logo Mail Archive

Re: [sipcore] [stir] draft-ietf-sipcore-callinfo-04 (call-reason)

"Holmes, David" <David.Holmes@t-mobile.com> Fri, 18 March 2022 20:32 UTC

Return-Path: <David.Holmes@t-mobile.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6969E3A0F47; Fri, 18 Mar 2022 13:32:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.808
X-Spam-Level:
X-Spam-Status: No, score=-1.808 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=FphoZ5Oy; dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=FphoZ5Oy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FG6LRhmAQqRb; Fri, 18 Mar 2022 13:32:09 -0700 (PDT)
Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam08on2121.outbound.protection.outlook.com [40.107.102.121]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 883B83A0BF0; Fri, 18 Mar 2022 13:32:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DHjovthTMv53KXjmq519pUIDztv8QVyNBg82l+ESXfI=; b=FphoZ5OyseONtd6bkaI7q14b1h4Y3bpyjc7yaO5dhw45mWOWWLOQ9z7aCwhg1bdO5nZnLU3QtM2gRne/ZkqKbWY38DX+bfmXuPTdC53YRB+fkJMrV7geAC2CBhgmWRJR8VlLOu91HH/xHv8LbkW3LsbIm5Yaegi9meVgvUal9kM=
Received: from BN8PR12CA0010.namprd12.prod.outlook.com (2603:10b6:408:60::23) by CO6PR02MB7699.namprd02.prod.outlook.com (2603:10b6:303:a9::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.15; Fri, 18 Mar 2022 20:32:06 +0000
Received: from BN1NAM02FT047.eop-nam02.prod.protection.outlook.com (2603:10b6:408:60:cafe::74) by BN8PR12CA0010.outlook.office365.com (2603:10b6:408:60::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.17 via Frontend Transport; Fri, 18 Mar 2022 20:32:06 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 144.49.247.87) smtp.mailfrom=t-mobile.com; dkim=pass (signature was verified) header.d=TMobileUSA.onmicrosoft.com;dmarc=fail action=none header.from=t-mobile.com;
Received-SPF: Fail (protection.outlook.com: domain of t-mobile.com does not designate 144.49.247.87 as permitted sender) receiver=protection.outlook.com; client-ip=144.49.247.87; helo=mail.ds.dlp.protect.symantec.com;
Received: from mail.ds.dlp.protect.symantec.com (144.49.247.87) by BN1NAM02FT047.mail.protection.outlook.com (10.13.3.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.14 via Frontend Transport; Fri, 18 Mar 2022 20:32:05 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AtS4V+ACzd5sXqZ66XP4QJU+YVET/x+fPgogM9wFx0WLrA36UVnke+bwTdwj0BJNW2MHEIfAliqlD0Sc4YGXc0ecaIQzNuFLWqGC4D+GaT9FgCx2jzzHdAoiruKq9dLMAnMIgnoA6VwaL2ZuhthFJ3j022AxZQ7zf2SRSHJg0dmNSFcvyA0s3PFpQsAVRPsn2iYIPsxe19MXApwoEjYZdiAb98pv7O2Ua5oeiKBti2hnsVDk0PJst7Du8hJMPXE6LTJLq3KCQLmb5kwcrg6F1YxsBpe+vl2J+QDmcpXIC66xezMViv6GdDeMjHv/EEBH+uJHgEZrGMUIx1TAbi8xMA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DHjovthTMv53KXjmq519pUIDztv8QVyNBg82l+ESXfI=; b=EAxHWlZE/emQE7pp/NkhrWyGe3YOFP7aEyJdER60ImO/MiFxNGJGyHrwBL8YNU7FOc35Lj1wQmknBOvtFFY5HYXGLRTYZQb4+wujW5U7Vm4pb+tn+uXmKUefUJ7tSubP3GirsPWAXFAOnpDZghRlOPUiSbmBjw0N9UVN7iXkP+pUjvI6hF81WWfPHM11FkKK3ngwcnr+OmeXh2MEaPQTDEgF6ICLOfk+Gbulmkq0hU3FsOVRCjyUENFAKvFE1H2zKVOZcwPzSfAfjYNG3zEW5IUqc4LDVLYKRD7mqyvs6g7Rw9r2G8OjGlMsh5BAQw6IFfPQmtN5FqXIjHUwgmbe7w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t-mobile.com; dmarc=pass action=none header.from=t-mobile.com; dkim=pass header.d=t-mobile.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DHjovthTMv53KXjmq519pUIDztv8QVyNBg82l+ESXfI=; b=FphoZ5OyseONtd6bkaI7q14b1h4Y3bpyjc7yaO5dhw45mWOWWLOQ9z7aCwhg1bdO5nZnLU3QtM2gRne/ZkqKbWY38DX+bfmXuPTdC53YRB+fkJMrV7geAC2CBhgmWRJR8VlLOu91HH/xHv8LbkW3LsbIm5Yaegi9meVgvUal9kM=
Received: from DM5PR02MB2876.namprd02.prod.outlook.com (2603:10b6:3:109::15) by PH0PR02MB8536.namprd02.prod.outlook.com (2603:10b6:510:de::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.14; Fri, 18 Mar 2022 20:32:03 +0000
Received: from DM5PR02MB2876.namprd02.prod.outlook.com ([fe80::209b:273f:251:66c8]) by DM5PR02MB2876.namprd02.prod.outlook.com ([fe80::209b:273f:251:66c8%7]) with mapi id 15.20.5081.017; Fri, 18 Mar 2022 20:32:03 +0000
From: "Holmes, David" <David.Holmes@t-mobile.com>
To: Henning Schulzrinne <hgs@cs.columbia.edu>, Chris Wendt <chris-ietf@chriswendt.net>
CC: "stir@ietf.org" <stir@ietf.org>, SIPCORE <sipcore@ietf.org>
Thread-Topic: [stir] [sipcore] draft-ietf-sipcore-callinfo-04 (call-reason)
Thread-Index: AQHYOtLeM/NZBJtiQ02eDWSPZmW6/6zFkUgAgAACT7A=
Date: Fri, 18 Mar 2022 20:32:03 +0000
Message-ID: <DM5PR02MB287628F28B5C4563293318ABAC139@DM5PR02MB2876.namprd02.prod.outlook.com>
References: <CACgrgBbUASA4HTukPwZL9V=8XOMTx_keZcDh-pVc0eSJYtVS8w@mail.gmail.com> <86BE36F5-7CFE-48BE-B0A7-7458B67EB208@chriswendt.net> <CACgrgBYLsb1rdceMtbTYYwL-JhejCA__j=PRnr1UsjTig2jf4A@mail.gmail.com>
In-Reply-To: <CACgrgBYLsb1rdceMtbTYYwL-JhejCA__j=PRnr1UsjTig2jf4A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t-mobile.com;
X-MS-Office365-Filtering-Correlation-Id: 60162e8a-b23a-45ba-9856-08da091e5e1d
x-ms-traffictypediagnostic: PH0PR02MB8536:EE_|BN1NAM02FT047:EE_|CO6PR02MB7699:EE_
X-Microsoft-Antispam-PRVS: <CO6PR02MB7699DA7D4B8FDE7C2D5281B7AC139@CO6PR02MB7699.namprd02.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: 22DvmWa6r9zesHa8nUZ/tRT26sQMZx6JnkgXsnKqF877eHy7JrQfGSoq1WmDUlfP+raVl0cRK47Vcmc3LhrmIOo5/YBiKTtKV9JKbg0I+QvqnkuKM1RJ1LyHYkGjoQdbUw5unFdFrSk7zfx50e1cdf6s80DcagLXjIvhw9T+4KM7X/VWoVaOdhzUyxiosUtpcvpFSPgA/jrAzo6QsmrfNXt6Ks6UlkpLyiCODwOcKoL/9/rahwVj2yxT3+n6fd6bgJyNcWzTWtRxMJLRmOogMVK//aNXsjhgFCyIqKn+Zc+TKgxIur9JIlcQgOxYl61saXZbqclKkha2nUXZvMxiHQbRjOoSZd2DZ6Rj+CHwRxhyUBwQDzGk5cbGy1mCSvkebh7H/M2GVCL83a0eC/R6QfL9Nv5mGOPenvSCd/n57WIf2G84WZHUAhooh+ISiVxLEx3oAyEO4V5ba3hnD+Kx4RL6z6p0iUXf//3qBwFAaPAJtPPGI0v4uA0TWzoih2e9kFwJpJpTJ1bMCYW+jPH/5IAdmMmt/ZK/4qqIv3WyvKRc1xo6Rays41AVDFJ9Szmnkt88tFo1sh2na1LD6/wTl7y+cHwFh/Hyb2aTbfvoil5iFZV0QPCHfKB7ui2bRJVg2m/ak9SKACvqkVQjaO7SGYPTR5JdQRem5X07FG5KTxzmm+Mg9KX5rNJJudFgJcrBGylnjM/GlLiBYppYetzBmPojVvcG4NgCGFcmvIs8kK+aNd8eU0wUeDpGiQHZpprizrR35V/bCbAnG3lvuuG2dX6Rur8fRFnhGKNDb6Oj/2ycoRtysqOjhBmutbr9Z13X/3zza6MDILzrDbd0HSURLg==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR02MB2876.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(7066003)(166002)(86362001)(8936002)(52536014)(38100700002)(82960400001)(122000001)(33656002)(40140700001)(38070700005)(2906002)(316002)(9686003)(5660300002)(53546011)(26005)(7696005)(6506007)(54906003)(966005)(508600001)(71200400001)(110136005)(55016003)(4326008)(64756008)(8676002)(76116006)(66556008)(66476007)(66446008)(83380400001)(66946007)(186003); DIR:OUT; SFP:1102;
Content-Type: multipart/alternative; boundary="_000_DM5PR02MB287628F28B5C4563293318ABAC139DM5PR02MB2876namp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR02MB8536
X-CFilter-Loop: Reflected
X-DetectorID-Processed: 8c846453-0f50-46b3-95ab-8bbaf7238615
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: BN1NAM02FT047.eop-nam02.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 547bcb0f-7eb0-4cb5-452a-08da091e5cb1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: x3k6Re3PyDPi22JlCiQtkG3zTiRnukuzBwmZsUweGukFSqhAdOMpm88T1uZkXJvrNt8ZBaDoHAS1zieZbwx+J+bBXJAXZ+XvP8+BLpjwEHtWJD9priS69AOqtQq30CLNP7rmlZVCZEs0yQjknJTUxrZWxrsCNOSXLx+uB0XTyLCkfIu2Tvr3aTwJhk3PmlqrR409n/phDZx6+k8mDc6gHDx7mFgBJ/ZDhSlrRsaIxtwBRv+u1fWKP79XBdK7JnEEGjnIHXjF+XY1cvmIRFO6DYJu9xdsfzqIGc3skG0zRsGXTnUNOaEPpMo0CQJ5mKlz1bTKmZcYreKTyynDdDR2HFM5N0s3YMhgrfgalzYmL2xviUCow3O9er7xlGcqPhDbGxHVtaIUO+zRoyhcn+zR3sR8rjnI57TzQBXMijNoMOarlpFP40oPn89v5iiKbZQDqbeayMzOjI2PWTXffmheoE6C8aI0zCfWl2kidnbSVcYaiN9P8n1cceeXhUkUovwIJVYEtUz37JHMmXw3pMOY35i9TL2TxgmnLuleEeGXTzB+bjCiAIMd6baiD7owbYZ8peaewRqvF98aWikKjohHk3aEM7iGQ72tRw3/l+Gk5wAptMLnTN1NE2VIppBF1g8oTUkzl109BW8Nulvo4USeXM5JffbwySCse1s9alrtaHBpJAXabJZOWInosPe9HViL34lIzwxLeVl7o+PzAYRRS4gICpH3Pz490r6MfxUkbjHCHtuY4sMD2inOvHLah9fJEj5W34J2MfDgEsSUddKkNNXiLKbxVa6WyFmDlsfRgH1q6t4OqX9VhuNQKW1YOY9qcD2DTa3XsSkmOANeTS56QA==
X-Forefront-Antispam-Report: CIP:144.49.247.87; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.ds.dlp.protect.symantec.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230001)(4636009)(46966006)(40470700004)(36840700001)(36860700001)(316002)(110136005)(54906003)(7696005)(9686003)(6506007)(26005)(186003)(336012)(47076005)(53546011)(966005)(82310400004)(45080400002)(83380400001)(5660300002)(40460700003)(30864003)(8936002)(52536014)(86362001)(40140700001)(33656002)(2906002)(55016003)(81166007)(7066003)(356005)(166002)(8676002)(4326008)(82960400001)(70206006)(70586007)(508600001)(36900700001); DIR:OUT; SFP:1102;
X-OriginatorOrg: t-mobile.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Mar 2022 20:32:05.7294 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 60162e8a-b23a-45ba-9856-08da091e5e1d
X-MS-Exchange-CrossTenant-Id: be0f980b-dd99-4b19-bd7b-bc71a09b026c
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=be0f980b-dd99-4b19-bd7b-bc71a09b026c; Ip=[144.49.247.87]; Helo=[mail.ds.dlp.protect.symantec.com]
X-MS-Exchange-CrossTenant-AuthSource: BN1NAM02FT047.eop-nam02.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR02MB7699
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/qHkSlmT6jWcCp__XfdvT9CB4-sE>
Subject: Re: [sipcore] [stir] draft-ietf-sipcore-callinfo-04 (call-reason)
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Mar 2022 20:32:15 -0000

Generalizing further:

  *   For real-time interactive communications (mainly voice/video), prior to responding (answering the call) the recipient can only determine the credibility of the content they are about to receive based on the "call metadata".
  *   The best we can ever do in technical specifications is to ensure correct conveyance of ID information in that metadata from the call origination point to the termination point.  That can be done in a chain manner, which is relatively easy to break (e.g. due to lack of applicable specs/standards, or their application), but is better achieved on an end-to-end basis.
  *   The recipient can use a verified ID to look up reputational information on the caller (& that may include the reputation of the ID supplier).  Provision & verification of reputational information is way outside the remit of any technical group.

If we consider the above it is relatively easy to determine how any addition to a technical specification will result in better achievement of the ultimate goal, which to create/restore trust in, or at least to enable the recipient to make judgement on, the validity of the content of real-time communications.

/David

David Holmes  (He/Him/His)
Industry Forums & Relations
T-Mobile USA
Direct 425.256.7082 | Mobile 425.260.1868  | david.holmes@t-mobile.com<mailto:david.holmes@t-mobile.com>
T-Mobile.com<http://www.t-mobile.com/> | Follow T-Mobile on Twitter<https://twitter.com/tmobile>, Facebook<https://www.facebook.com/TMobile> and Instagram<http://instagram.com/tmobile>

From: stir <stir-bounces@ietf.org> On Behalf Of Henning Schulzrinne
Sent: Friday, March 18, 2022 1:05 PM
To: Chris Wendt <chris-ietf@chriswendt.net>
Cc: stir@ietf.org; SIPCORE <sipcore@ietf.org>
Subject: Re: [stir] [sipcore] draft-ietf-sipcore-callinfo-04 (call-reason)

[External]

Generalizing a bit, we are trying to provide information that allows a called party to decide whether to (1) accept the call; (2) trust the caller in some sense ("this is a real charity; this is actually a real bank; this call is important enough to answer"), with both (1) and (2) probably outsourced to your favorite ML/AI/robot service in some cases, whether enterprise phishing/fraud prevention or some service for residential users.

We use a variety of means for this:
* information about the telephone identity (usually, TN) of the caller -> STIR "classic", using From, mostly, but also the various P-Asserted-Identity, verstat and similar headers
* information about the caller's "real world" identity -> RCD
* information about the nature of the call -> SDP and others ("sorry, no video calls"); possible the Subject header and the call-reason field

All of these have different sources and change periods:
* TNs often don't change for decades and are best provided (or validated) and, where available, signed by the OSP, but may also be inserted by intermediaries, e.g., in SS7-to-SIP gateways.

* RCD may change more frequently (people move, businesses change names), but are also best provided by the OSP, at least for most users, e.g., based on billing addresses and the KYC process. This will be pretty much required for the JWT version. This means there's relatively little opportunity for inappropriate content, for example.

* The nature of the call is, by necessity, provided by the caller, on a call-by-call basis. Unless one creates another API from the UA to the local PBX (or carrier), it would have to be either merged with the RCD data or carried in two Call-Info headers. If the carrier merges it, this blurs the responsibility - it makes it look like the carrier vouches for the call purpose, which they presumably want nothing to do with. Given the potential for abuse, you probably need to provide the called party with an opportunity to suppress this. (This new text channel is a perfect way to harass people or businesses with messages, at no cost and none of the SMS campaign registration and cost overhead.)

Also, for regulated businesses such as banks, the call purpose information would need to be recorded and possibly filtered - you don't want this to be used to bypass content filters and flagging. ("Buy T at $100"). Putting this in the same header as the RCD is not helpful - it just makes it messier.

Thus, the call-purpose information is much more akin to a new messaging channel - after all, the caller can just make a bunch of calls, each with a new call-purpose (or Subject).

Thus, RCD and call-purpose share very little in terms of responsibility, spam risks and method of generation. Combining them in one header offers little advantage and just blurs responsibility.

Providing a reason for the call was the original motivation for the Subject header. This hasn't been too successful, but the new proposal, in my view, makes things worse and addresses none of the likely reasons for the Subject non-success.

If there's a need to provide more call-specific information that can't be handled by Subject, this seems best to be a new Call-Info purpose. It is then clear that this is of a different nature than the business card information in jCard.

Henning

On Fri, Mar 18, 2022 at 10:16 AM Chris Wendt <chris-ietf@chriswendt.net<mailto:chris-ietf@chriswendt.net>> wrote:
Hi Henning,

This is good feedback, you are correct there really hasn't been a lot of discussion on the callinfo-rcd draft, most of the mind share has been toward the passport-rcd, now that i think that document has mostly stabilized on issues not related to your comments or the specifics of how we do callinfo, it's a good time to engage on that and appreciate you starting the discussion.

I'd be curious to think what others think about using Subject for call-reason vs callinfo.

I think the thought process as you sort of indicate sort of went a bit back in forth about whether jcard would be the extensible object we all put information about caller into, we seemed to have backed off of that for what has emerged to be the initial minimum use of RCD which is name, TN, icon, call reason.  The first three is info about the caller, the call reason is info that is likely specific to the call intent, not information about the caller. So in that sense Subject may make sense because after all that is what it was created for, but also we weren't sure if there would be other categories of information that we may want to extend in call-info. For example, URL to relevant info about the intent of the call, or other call specific info.

Beyond your point, but related and maybe just validation for me, do we want to protect call-reason as part of RCD?  I think we sort of said, yes why not protect/sign it because we view RCD as an extensible set of claims, as long as we make that a claim that is not part of the "rcd" claim that is specifically about the calling party identity, which we did with "crn".

I do also think we need to address when callinfo and other SIP headers/parameters are used to carry info vs in RCD claims.  Should they be mutually exclusive, that you should either do one or the other depending if you want the signature/integrity protection for your use-case?

-Chris

> On Mar 17, 2022, at 11:49 PM, Henning Schulzrinne <hgs@cs.columbia.edu<mailto:hgs@cs.columbia.edu>> wrote:
>
> There was a brief discussion on this in August 2020, but now that the draft is stabilizing, I'd like to comment on the call-reason parameter. I'm not sure I found all the discussions, with only an August 2020 discussion (from Paul Kyzivat and Chris Wendt) popping up. In any event, as drafted, this seems to be exactly duplicating the Subject header. Having two header fields that do pretty much the same thing seems unwise.
>
> There was discussion on structured content, but this doesn't seem possible to add without breaking backwards-compatibility. You really don't want to add JSON to an existing string, or other parameters.
>
> There seems to be no obvious reason why systems that drop Subject would treat call-reason with more care (or deliver it to the UA). Indeed, richer information is likely to make the handling more challenging - the more stuff the UA can embed, the more likely that this will cause security concerns. (You really don't want to include full HTML with JavaScript here...)
>
> It is also a poor addition to the callinfo header, as the RCD will likely be generated by a trusted entity, such as the carrier or the enterprise PBX, while the call-reason has to be generated, on a call-by-call basis, by the UA, either via human input or via the robot generating the (hopefully wanted) calls.
>
> I think there are three reasons that Subject has not seen much use:
>
> (1) For person-to-person phone calls, there seems to be little appetite to add more overhead to making calls. If I want to text ahead ("I'll call you shortly about the vet"), people will likely do that instead. Call-reason or Subject are not substitutes for texting-ahead.
>
> (2) For enterprise-to-consumer calls, this seems like an opportunity for potential abuse and spam.
>
> (3) SIP headers provided by the end system or end user don't seem to survive the paranoia of B2BUAs and various other in-call entities.
>
> All of these would likely apply to call-reason, with the additional issue of who-generates-what added for complexity. If the landscape has changed, i.e., there's a willingness to deliver information UA-to-UA, then this would apply to the Subject header as well.
>
> Henning
> _______________________________________________
> sipcore mailing list
> sipcore@ietf.org<mailto:sipcore@ietf.org>
> https://www.ietf.org/mailman/listinfo/sipcore<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsipcore&data=04%7C01%7Cdavid.holmes%40t-mobile.com%7Cbb87c967d7d9432dc42e08da091ab62d%7Cbe0f980bdd994b19bd7bbc71a09b026c%7C0%7C0%7C637832307608208318%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=S1jVvqHFUsdcP%2FtQuLu8OJeyjWfgFte4WaX%2BTePFnJE%3D&reserved=0>

v2.23.0 | Report a Bug | By Email