Re: [stir] New draft draft-rosenberg-stir-callback-00
"Gorman, Pierce A [CTO]" <Pierce.Gorman@sprint.com> Mon, 05 March 2018 16:31 UTC
Return-Path: <Pierce.Gorman@sprint.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4CB81270AC for <stir@ietfa.amsl.com>; Mon, 5 Mar 2018 08:31:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y4kuqfDqOSJK for <stir@ietfa.amsl.com>; Mon, 5 Mar 2018 08:31:41 -0800 (PST)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0726.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe49::726]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5409A12D963 for <stir@ietf.org>; Mon, 5 Mar 2018 08:31:34 -0800 (PST)
Received: from SN1PR05CA0040.namprd05.prod.outlook.com (2a01:111:e400:5197::50) by DM5PR05MB3290.namprd05.prod.outlook.com (2603:10b6:4:3e::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.567.6; Mon, 5 Mar 2018 16:31:32 +0000
Received: from BY2NAM01FT032.eop-nam01.prod.protection.outlook.com (2a01:111:f400:7e42::209) by SN1PR05CA0040.outlook.office365.com (2a01:111:e400:5197::50) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.567.6 via Frontend Transport; Mon, 5 Mar 2018 16:31:32 +0000
Received-SPF: Pass (protection.outlook.com: domain of sprint.com designates 144.230.32.82 as permitted sender) receiver=protection.outlook.com; client-ip=144.230.32.82; helo=preapdm3.corp.sprint.com;
Received: from preapdm3.corp.sprint.com (144.230.32.82) by BY2NAM01FT032.mail.protection.outlook.com (10.152.69.209) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.506.19 via Frontend Transport; Mon, 5 Mar 2018 16:31:31 +0000
Received: from pps.filterd (preapdm3.corp.sprint.com [127.0.0.1]) by preapdm3.corp.sprint.com (8.16.0.21/8.16.0.21) with SMTP id w25G4lS9037234; Mon, 5 Mar 2018 11:31:30 -0500
Received: from plswe13m04.ad.sprint.com (plswe13m04.corp.sprint.com [144.229.214.23]) by preapdm3.corp.sprint.com with ESMTP id 2gfq3s26jd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 05 Mar 2018 11:31:30 -0500
Received: from PLSWE13M04.ad.sprint.com (2002:90e5:d617::90e5:d617) by plswe13m04.ad.sprint.com (2002:90e5:d617::90e5:d617) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Mon, 5 Mar 2018 10:31:29 -0600
Received: from PLSWE13M04.ad.sprint.com ([fe80::2c01:fcb8:e729:4a7a]) by plswe13m04.ad.sprint.com ([fe80::2c01:fcb8:e729:4a7a%24]) with mapi id 15.00.1347.000; Mon, 5 Mar 2018 10:31:28 -0600
From: "Gorman, Pierce A [CTO]" <Pierce.Gorman@sprint.com>
To: David Frankel <dfrankel@zipdx.com>, "'Cullen Jennings (fluffy)'" <fluffy@cisco.com>
CC: 'Jonathan Rosenberg' <jdrosen@jdrosen.net>, "stir@ietf.org" <stir@ietf.org>
Thread-Topic: [stir] New draft draft-rosenberg-stir-callback-00
Thread-Index: AQHTtJ3HPXW7S2T4SkqZXCS9zSPj0KPB1SJg
Date: Mon, 05 Mar 2018 16:31:28 +0000
Message-ID: <3783653d02a24044a1ddc977c60d3bb0@plswe13m04.ad.sprint.com>
References: <CA+23+fF7UfT4KY6jCm8VqgPBbiq2KH3_9ASb2KiH0bjVTZeY_A@mail.gmail.com> <02f401d3b38d$754f0570$5fed1050$@zipdx.com> <C886C1C8-0F58-4674-BE37-315878769155@cisco.com> <046801d3b49d$bd6c68a0$384539e0$@zipdx.com>
In-Reply-To: <046801d3b49d$bd6c68a0$384539e0$@zipdx.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.214.116.23]
Content-Type: multipart/alternative; boundary="_000_3783653d02a24044a1ddc977c60d3bb0plswe13m04adsprintcom_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report: CIP:144.230.32.82; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(396003)(346002)(376002)(39860400002)(39380400002)(2980300002)(438002)(25584004)(189003)(199004)(53754006)(55674003)(186003)(108616005)(86362001)(24736004)(76176011)(7696005)(30436002)(8676002)(2950100002)(106466001)(72206003)(54906003)(106002)(316002)(110136005)(229853002)(16586007)(81166006)(81156014)(4326008)(8936002)(478600001)(53946003)(53936002)(54896002)(6306002)(236005)(2900100001)(966005)(606006)(68736007)(14454004)(7736002)(356003)(102836004)(59450400001)(6116002)(6346003)(33964004)(561944003)(26005)(53546011)(53386004)(6246003)(3846002)(4546004)(2906002)(97736004)(5250100002)(5660300001)(93886005)(790700001)(84326002)(336012)(19625305001)(486264002)(579004); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR05MB3290; H:preapdm3.corp.sprint.com; FPR:; SPF:Pass; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; BY2NAM01FT032; 1:LxyRLaN7REpSzcRzb+LSxpwUDL9/tVBlF1FJyYlCo00fN9/qeJtG9IoWAZCvR5QqIpzITVt3hLYQjQcHN1Yhu6pIp1EO02z7cD4GYzU0U9pq6kgpTB1+ZKOMbWa44sXw
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 5e4eaa6b-465f-4be3-2a88-08d582b68deb
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(8989060)(5600026)(4604075)(4608076)(4534165)(4627221)(201703031133081)(201702281549075)(8990040)(2017052603307)(7153060)(7193020); SRVR:DM5PR05MB3290;
X-Microsoft-Exchange-Diagnostics: 1; DM5PR05MB3290; 3:lN0zwqAOPaEqvjl2I6ZYCd4sKSizdoBj7uKL1g2qALqLzGgl3tqWK00VS3MACYG5KIbEcDOKrdLllmNhU7SFiJ0yJ5FJLOLOcJoAFZunFB7MlzidW9kdPR0yTHKEiobiusXY64A/suUwzt+ELCL5PxMOJb1N21wkKY0qGvdlwxRNUL7IQuwWfTeQm73887MWTJXJphlLH9jEJIz72UwUcXIfB6PiDPnq9Zm3Ely7Q4C+b1AWZZckZmOVsxBbmVZWqrr1VZH3E4dMBKn05g7igN3XWLoDBPtkDZvEFK6gW45O24pTg7Es/pM4nMVudIvLJYr0j8Jrs/oI7L9H85Bbrpq6K86Nhx5psEh4r7kKF50=; 25:iHTY2d3VNEk/xqf7gLfLMzYT51baL3ZMWR7IYnKF4kiSNJ9TbfEKm8IWXiu0Y++JJcVDo9B8YPeOaxZ0E+aB81Fi74LeZk98zCmyM+UXDQmi5fwyj8dA5Gwn0VNW9nSiz/ZRcsLH3LcIT7Bqp7kliBl2bGZauCQ/Sgcn1v2eDDNXUukiJOTB/lqz/hbRSYdlrqmnmI2dSCjNPVgeQnlb/qY1r7SxYI1ivjDpo0n9FuO8omqhUY3vMgC7ruW2YFWr+DkhRsGU2r3B1Mph8gcJ4nV6vodMYEh8ZzQPa/NjvjvhHyPO9PCD0CzR28BRd4JP5ZfEuMvN0Jj8gd9kltWWlw==
X-MS-TrafficTypeDiagnostic: DM5PR05MB3290:
X-Microsoft-Exchange-Diagnostics: 1; DM5PR05MB3290; 31:wPJqeGnH5DaZsHT0wsoIP86YQoT2lHt2iNVwQz4VqgmMEXHICkwphJjrIwuj6163P/5fowI/z4Y824Kk1OE2a0FSaeVQ4T67Eew3fYUHhHEd0Y923PxB4Ym1JagdN+5nlh4gXz1UQ57z0snhakOahYbIJdJQgmX42xQUjk6aMA3V72KLMsWGFL6B+F6D23tuFIEiZ8x82O9V3uvxhKGWUqY6Sn2M/NMQfnjShYmgkIw=; 20:s2bG6yTWB3bdGDAPl3IOyH/hJ0G689IzuzW3SGfO6dIFmh/iPLFqhqT9BxePZnH0FDQpxcLFiT4l8NhU90sN5Q4SVyaDCYIMMAIiTGv3xOCgsG66uuhNaQHfJQKuWpgv/E9vZ1x/K++FakoGfT7LFbvXMEbpxEBSb2uf4gJvGUs//G8uUlnvchOGcP8pgt6HOA3KAqYx+8Kc7CT/q0fitVsJkXuFW5FbOMEIarUVzmspQ+FleERFRlFCwaAlYmBSKYIcVvWjCxcNVb0RMgRn55VepIMXELKl+YYQYR74R3hXAy7lxK8TMMFcWlv94kpuLEnjo/7rO1L5RzSySTfWBmuIUVnN775rGWQFsZZLRrX9/PMZqKsNce1xcKpqocjZpsY+iXnKiQ5NeE0fzQhHpA2jFsyYyIJSFmyRyrT4B4VYXtrwozVt5le+4D0PNG30Nkk2sXfPsOAmr3s6ew3zBI5ibVvEVLoQ68T07SM0kQ6lNt8X2r2Fvwr23z0UFKwg
X-Microsoft-Antispam-PRVS: <DM5PR05MB3290B5E281B0B313EA4CEDCA89DA0@DM5PR05MB3290.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(28532068793085)(158342451672863)(95692535739014)(21748063052155);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(8121501046)(5005006)(93006095)(93004095)(10201501046)(3231220)(944501244)(52105095)(3002001)(6055026)(6041288)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123564045)(20161123560045)(6072148)(201708071742011); SRVR:DM5PR05MB3290; BCL:0; PCL:0; RULEID:; SRVR:DM5PR05MB3290;
X-Microsoft-Exchange-Diagnostics: 1; DM5PR05MB3290; 4:k4l7VPBb9cESI0sPv2dchRbnGWBKRQDbv1U46Oxo1Pry8R/hCq6on8K9LgWyYGTWH9BsVBWzcvn3JL+ZXmCdOX73D+imVu5f/e7k8p12Ku1cRuVwnTCmzWc25dB0YIGOSJ+6AVIofo/BBpZFvqqJnd0TN52L+J+zGIhm5qd6py3CHCGWxfsnZx27V/p4j0z7b+8D/05E9JyDrz9w+EfdbEJGx3fTE1zt61dI4TXpKwnsXK+3KbnjHXpQ7FTdz/g3SRfRX636NrxjQST/ephuORv8eyISjhyz5UyZp+ljOzKw9iZytSneg3EUJ9n+QU/rCUUOx0pLS9Apx3uy49ZgH0ckLJSyrgFjb8YkDem/dmyn/SjXeYMLZ+O0GL0ZyK6Am9rLxxMSkcJXtDvSMAnNnd1HGlUpa6LF9hhPG30wtuk=
X-Forefront-PRVS: 06022AA85F
X-Microsoft-Exchange-Diagnostics: 1; DM5PR05MB3290; 23:+fjXtCDM2lEoNSqO5GmPk3+KmmQqE4EQ2KdzJYBvnItafwBXb1w8aoOsadYXo4ktA5kreKFTlAR4GQG+60/mYxvxC6qvjV5mSgp6hKmVdidlRsVnQX7aa3cvZbpYRnfjVt5skz//9uclpyYq7mx0MrbkovwLsj+GLpOxt8M+pK4vmHHEIOpjhj/zMiErlGrYtuck8PtWVJ4tesPUane/xlpzGRwFgFqL0A+TOFO+DSjPisuhqizzuUZXhFTSyuETq1DJuP0JQJkWxzR9UsD4ZrCEEEUqyhgrH0Krhqd5Z4HStxnpom0x76E6MvxaNYCeA/LL51tc85IgoY2FOwdtb/9rbVdpOvLvJHkLLh93AJ+vA3nOv0+mjUIkPqv2J0T/DJlrEJE7xJ+IiuCXyYCyazWN+nxSXpE2RCZmGMBDgHhx8km7iX1AnWzxaI/IdmsiczxPCxZcdmNA8u5xksCubrrcDofQULEHOCGywfKz+aML3GiOl5mJKcBFXQgJbdbGqvmns+MK5O9+ARhIc0PpmQHkU3Ga1PfpEueAEKDNZb3B+jyYyP/z9j7Q1IE0wFoYUmdbU1qzSLPTMnpZ+N5OoVIj4aqoAezqUgdF0YBWhatdY1j7rwWtKRYjeOuE5sZN8bK4oDVizUqm2inIFdfwMBv1SO2Ik6x9rRQhEnOhH/h+L+TNFVodoB/tYSAkGKpLGyWgWkrbCDswU7Qf2B5zlVopuEiuxWpEygezw+rPtFqMC6OgtbUYqoovQYIFfOLLZ5rn1cTkgxZGEM054/9a2nqyUml6MB30MRdEoVsrLgW5IhzHzK4gIe3hKIg7kZ8WG52C2qNigTlIoX0N4QFqDiWxIY9fUCE5l8QZ7Bd1ylQ73qU2I3xDJkfMO7Fs8uzSMStEGvV54vM7t+cB3KcCoQAlzyC48++XNDriw0LdvZP353HFe+0BE0i/xCfLnmOOYVm5HFVk6iNWurVA74H8pYsE3UQzSBm10QMEld3ITX+ZCltMIRSHUMkZyIP1vTHDrj57AVsGKHSjBBRXary45ymGlMDlriQ4f+MVIWadBfOjUbNblmJ5Ykb54N79asRcoz9S2LaUjp/gKLqsv2Wz/hXgScPVDuxNYP13V2lQq7yEJfOAt6Ner3fdtotmfj18YNiPhNLLDC1fAVJIvbFA/LwjffSHpWkgaN10ZtqQyeScJgHUYtydx3vRS6K2R8suSewdisoljRRZseqX7ZqUu1tD1r4fl3OtgxoqXFUwSXuZgDZyj13OFjPn5tYFv6xswovQp3xKhy88Onv5NGMIyFq9quZoo2nORdnJ40hSSWbet7j5hSB8B4/RBxabu5PIkeg/2rIo0UiyKg8jj0+1dNw86xYWhwiEFDT7chmroq6NjOmidrGuW5GwzvNbdFe/VjFfnLKqTCJ7chhKPkl3txav3wX+1uxZuypM1J7GifXACmxl9gFGCFiAwFXYCiCJCaSnM60jCN8jPbH51R1pUfcbVOj/sIFHWLBxvVBfDbZxSYf1hCsXHavcQzWky09aNIcJmZonJvdAcHpf1GnpdA==
X-Microsoft-Antispam-Message-Info: cgWLu/n0ak5bbg8JVGJPUf5m0cDerExwiSmDhFasVIwFZCVA/8gcqhaQM3KDbBCx2QSlWR/r454o+fwcDqlEMPBs87y9XeLstqpUdSUEjWI8EeMJnbBuJ8tA1fNRre9mFVrhsMgxqNYc2zCUUFAnwx3BKZN/wxzyx2VhlyNZGqXx9diXEXO8WvoEpb94dW4a
X-Microsoft-Exchange-Diagnostics: 1; DM5PR05MB3290; 6:D5+8J1OBBzP0Cbk37o5/kgc+DejaPEqMtLCSIOEQ9b8SlXaTYMvi0azpfo0eCkv5Gaw8Wf9RJDWRqmzAewB2T3AvXg6WW8+oQeoZIaF9TQdLfNnBeTFCJzCuFZfrtFotqRp8xPAJv8Sg7wmsq/yuB6hC23dBs0VluDS2OLf+ldD7cdNQXGEC4bsASrC+hvi52C8us2U/SZD1U51rELCNpppdWxe54rkVRpdr320CGvgHT9gGfGYfpbfI/vBYIFqtcrdYYcV8/ErCeEG9atwFOoCgw4KrN7BvL+y2qDIlQXu4oITqCN4E6uO90xN5f398cyONceGJOFU6E7rlYA1WdLyTsOdGA6RpKq5cXEokgSg=; 5:+imFjdW8H8prrmOS1ilAXZHkNqXR2SH4S5gtr43nVmWYK9ah8wTgdywNUKMJnmfqBgDRDIRUsmQP6Wgx6pe3MFNaDzAwHdtS9x/dpFbFkaqSQoretkzYRSCBF61YYuMIwCIbTujTvjF5FTJfgBjEnkTvTEMJT7CCTLD8b7EgGDQ=; 24:NHPCe95zD77gRoNppB2G/p45Sz3ya+99xpyKIwalFlfL9o8EC7UxBDSEYlNDe4/nNOeN4RV5Q4+//OXzHM2G1iVjUFB4cYp/w6/idEMGFzk=; 7:h03lGvVI0T9zYJRF35m1HTPHxyuLYv98d/Lal/ohLWdt78T2BeBsg3TOBP87zWQKuiaIGnFYY1gOxJbxf2HMBUzlqrAtSHiDcOLyfn5j2uEjAv+uH7+0wJaV9h1DWp1FJ61VvyoY5sisPYfBaFBFTfv1gE1AofxFLMU3jFEMqcJqQE+bRGJ0EuswmTIk3DfQBnXxDx25+gVb3ycg8z8M4R4KBYgqX2syzefaGGkBPOrS6+vcNLsj6Sj5JHkmjxsp
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: sprint.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Mar 2018 16:31:31.6951 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 5e4eaa6b-465f-4be3-2a88-08d582b68deb
X-MS-Exchange-CrossTenant-Id: 4f8bc0ac-bd78-4bf5-b55f-1b31301d9adf
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=4f8bc0ac-bd78-4bf5-b55f-1b31301d9adf; Ip=[144.230.32.82]; Helo=[preapdm3.corp.sprint.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR05MB3290
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/3iKd8YOzX_9yMHFBBnjZzF8tSPA>
Subject: Re: [stir] New draft draft-rosenberg-stir-callback-00
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Mar 2018 16:31:47 -0000
SBCs do not terminate calls. And, experience has shown some SIP stacks do not support RFC 3262, even if the SBC did. From: David Frankel [mailto:dfrankel@zipdx.com] Sent: Monday, March 05, 2018 10:20 AM To: 'Cullen Jennings (fluffy)' <fluffy@cisco.com> Cc: 'Jonathan Rosenberg' <jdrosen@jdrosen.net>; stir@ietf.org Subject: Re: [stir] New draft draft-rosenberg-stir-callback-00 Thanks for your response, Cullen. I’ll try to address your questions and comments at the top here, rather than burying them below. Regarding specifics of the misbehaving SBCs: I’m not comfortable identifying them here, but I can try to reach out to them to see if they want to engage directly in this discussion (or if they can give me any information to relay as to why they are non-conforming). I can tell you that they are all licensed CLECs (ranging from tiny to very large). From my parsing of the 200-OK they send back to me, at least some are using commercial SBCs; in one case, it looks like that SBC provider is now out of business. That’s not uncommon in this domain. I can think of a few possibilities as to why these SBCs are behaving as they are: (1) The manufacturer didn’t adhere to the SIP RFCs, either on purpose or due to carelessness; (2) The provider mis-configured the SBC in error; (3) The default configuration for the SBC doesn’t adhere to the RFCs; (4) The provider encountered some issue in the past and purposefully altered the configuration, and this is the desired result or side-effect; (5) There’s a bug. I’ve encountered all of these over the years. Certainly some providers will be motivated and cooperative in fixing problems and implementing new extensions. Others will be recalcitrant. I have said to providers about other non-compliant situations: “Read the RFC. What don’t you understand about SHALL or MUST?” And they respond “What don’t YOU understand when we tell you: We don’t support that aspect of the RFC.” With respect to STIR-Callback specifically, I can imagine that for our example, where B is sending a verify invite to A via X and Y, Alice’s phone will ring improperly, but A will point the finger at X (or Y) for dropping the REQUIRE header. Since Alice is a customer of A and not X, your notion of “the economics of customer satisfaction and retention” won’t apply. I agree with you: these same factors will definitely play into 8224 deployment and the propagation of the IDENTITY header. I believe that the team will be successful with some relatively rapid initial in-the-field demonstrations. But if your objective is to make a serious dent in the robocalling epidemic, that requires much higher penetration because you’re battling a reactive, clever enemy force. Given everything that has to change for 8224, that is going to take many years. Herding the many hundreds of US telecom providers that it takes to get to critical mass is a huge hurdle when we have to write new software and then get it deployed and configured. The multi-hop nature of our call network means we fail on a weak link. Worse, given the robustness of SS7 and the huge sunk investment, it’s going to take quite some time for it to be displaced to a level of insignificance. We’ll live in a two-protocol world for the foreseeable future. What to do in the meantime? I continue to be optimistic about leveraging BILLING TELEPHONE NUMBER – a field that predates even Caller-ID. BTN is in SS7 as Charge Number, and interworks to SIP P-Charge-Info. In earlier days, BTN was important for billing and jurisdiction; things that providers HAD to pay attention to. Thus, it IS supported in virtually all installed network elements. In my experience, it usually gets propagated by intermediaries. By using BTN to identify call originators, or at least originating providers, we can throw a much brighter light on the source of our robocall problems, instead of continuing to flounder in the dark. That can be accomplished by regulation, mandating that providers insert the BTN and not permit customers to spoof it. This approach won’t work 100% of the time, but it can make a huge bite today while we wait for more sophisticated solutions to get to critical mass. I’m interested in your thoughts here. Many are quick to point out that robocalls can originate from overseas, where our mandates are ineffective. However, every call to a USA PSTN number comes through some USA-regulated originating provider, and those providers have commercial agreements with whoever is sending them the calls. So there is a mechanism to push back on the ultimate source. There’s a fair amount of evidence that at least today, the majority of robocalls come from a relatively small number (dozens) of sources, so our first priority should be to find and stop those. David David Frankel ZipDX® LLC Monte Sereno, CA USA Tel: 1-800-FRANKEL (1-800-372-6535) From: stir <stir-bounces@ietf.org<mailto:stir-bounces@ietf.org>> On Behalf Of Cullen Jennings (fluffy) Sent: Sunday, March 4, 2018 5:03 PM To: David Frankel <dfrankel@zipdx.com<mailto:dfrankel@zipdx.com>> Cc: Jonathan Rosenberg <jdrosen@jdrosen.net<mailto:jdrosen@jdrosen.net>>; stir@ietf.org<mailto:stir@ietf.org> Subject: Re: [stir] New draft draft-rosenberg-stir-callback-00 On Mar 4, 2018, at 12:50 AM, David Frankel <dfrankel@zipdx.com<mailto:dfrankel@zipdx.com>> wrote: Hi Jonathan and Cullen – I read the draft with interest and wonder if you can clarify a few things for me. My understanding of SIP nuances is limited, so I may be overlooking some obvious things here. At the same time, I’m trying to be pragmatic about how things work in the “real world” vs. the world as defined by the specs. So my questions / comments are: A) I see in section 3 references to SUPPORTED and REQUIRE header fields that include “stir-callback”. Then in sub-part 1 of section 3, in the call diagram I see references to SUPPORTED and REQUIRE headers that say “stir-verify”. (Note, btw, that there are two sub-parts 1 in section 3; I think they are supposed to be numbered 1, 2, 3 instead of 1, 1, 2.) There are further references in the document to “stir-verify”. Then in section 8.1, there are references to a “sip-verify” Option Tag. So my question is: are “stir-callback”, “stir-verify” and “sip-verify” all meant to be the same string, and perhaps the exact value evolved during development of the document? Or are there really two or three different option-tags involved here? Or am I missing how these three different values are actually applied? We probably just messed up some cut and paste as we changed names. B) In the “real world”, a PSTN call from Bob (tel:1, served by Provider B), to Alice (tel:2<tel:1>, served by Provider A) is often completed by B sending the call to transit provider X, which, even in an end-to-end SIP connection, will re-initiate the call and send it to provider Y, which then re-initiates it and sends it to terminating Provider A. (Note that the call path from B to A typically does not necessarily follow the reverse path of a call from A to B.) So in order to propagate properly from origination to termination, the “verifying INVITE” proposed in section 3, containing the REQUIRE: stir-callback header, will need to first be processed by Provider X. As I understand it, X will need to be capable of recognizing the new REQUIRE header and knowing that it needs to propagate the call onward (NOT reject it due to lack of support for stir-callback), and will need to send the call to Y with the new REQUIRE header included. AND it will also need to know that it needs to propagate the VERIFY-CALL header as well. Y will receive this INVITE, and it too will need to know that it needs to accept this invite and propagate it onward with the REQUIRE and VERIFY-CALL headers. Since stir-callback is not today a defined option, if X and Y were conforming to the SIP RFC, they would today reject this INVITE. So does this mean that your STIR-Callback approach will necessitate updates of currently-conforming UA’s acting in the transit role to now provide support for this new type of INVITE? Finally, if and when the verification INVITE gets to A, and as your document explains, A will have to be smart enough to process the verify request and send the appropriate response. That support is noted in your document; I’m wondering if you also need to document the kind of support that will be required from intermediate providers, and note the importance of A being RFC-compliant with respect to REQUIRE headers it does not understand. Yes, you are right the intermediate providers SBCs would need to be configured to support that require header. This is certainly a deployment issue but I’m not sure I see it as much different from the same SBCs needing to be configured to 8224 Identity header. Thoughts ? C) At the end of section 3 you note: “The presence of the Require header field in the verifying INVITE is critical to the operation of the solution. It prevents the verifying INVITE from actually ringing a real phone, which would be quite annoying.” This is my biggest concern. If the new REQUIRE header gets dropped somewhere along the way, the INVITE will look “normal”, so won’t Provider A ring Alice’s phone? Or, if A is not RFC-compliant and ignores the REQUIRE header, Alice’s phone will ring. (And of course if the call originator was spoofing the number, and in fact Bob’s verification INVITE went to the real owner of the number, served by provider C, C would have to be RFC-compliant in this regard or the real number owner’s phone would ring.) I am nervous that in today’s real world deployments, your approach is fragile because it is dependent on the various UA’s in the call path diligently following the SIP RFC. I made a few test calls acting like I was Bob’s UA, having received an INVITE from A that I want to verify. So I sent an INVITE back towards A, inserting the REQUIRE: stir-callback header in my mock “verification” INVITE; I sent these calls through various real-world termination providers. In a couple of cases, I got back 420 Bad Extension responses. That’s good and bad; the good news is that it tells me that those particular UA’s ARE RFC compliant in this respect. They don’t understand a REQUIREd option so they are necessarily rejecting the call. On the other hand, it points out that if these UA’s are acting as intermediate providers (which, in these cases, they are), they will need to be updated to accept and pass the stir-callback related headers even though they are just providing a transit function and even though they are not assuming any responsibility for verification. In my other test cases, the destination phone rang even though this was supposed to be a “verification” INVITE. This tells me, I think, that at least the first UA (X, in my explanation above) in the verification call path is non-RFC-complaint, and that downstream UA’s are either also non-compliant, or that the REQUIRE header got dropped along the way. I am nervous about the extent to which deployed UA’s are non-RFC-compliant with respect to the REQUIRE header, and how that could undermine deployability of this solution. Maybe you intended that the solution only apply when A and B are directly connected and there are no intermediate providers. But I’m concerned that’s only a small fraction of “real world” calls today. First let me say that is awesome you just went and tried this. I love real world data. Some of the version of Asterisk I have seen configured that way but sort of surprised if people are using ACME or Cisco SBCs that way. I certainly don’t have any desire to embarrass any particular SP about their SIP deployment but would you be willing to share what providers did this such that we might try and track down why they did it - that might help decide how much of an issue it is? I am interested in your thoughts on these items, and on getting me back on track if I’ve misunderstood aspects of the proposal. I think you have understood the gist of the proposal and perhaps we have some tweaks to make. I agree with your high level points of there are intermediaries in the call we care about and that if any server along the chain is non compliant with require, it does not work well. Perhaps we can think of ways to mitigate that but not obvious how. Now that we have 8824 out the door, I’m more trying out ideas to see what might work to help reduce SPAM and I share some of your concerns about this but not sure what’s better for deployment. However, any in band STIR solution is going to require the service providers to test and support it. I would not be surprised to find that any SBC configured to ignore the Require header is also pretty unlike to pass the Identity header. For a long time, I have seen many things blocked at IETF from by the “SBC won’t support that” argument but in this particular case it is a bit different. If some carrier has all of it customers getting an irritating call back call ever time they dial a new number, I’m sure the economics of customer satisfaction and retention will cause that carrier to change the configuration of their SBC to not ignore the Require header. I am worried about this and the rest of STIR when the interconnect between the carriers is SS7. David David Frankel ZipDX® LLC Monte Sereno, CA USA Tel: 1-800-FRANKEL (1-800-372-6535) From: stir <stir-bounces@ietf.org<mailto:stir-bounces@ietf.org>> On Behalf Of Jonathan Rosenberg Sent: Thursday, March 1, 2018 6:15 PM To: stir@ietf.org<mailto:stir@ietf.org> Subject: [stir] New draft draft-rosenberg-stir-callback-00 Hey all - been a while :) Cullen and I wrote up a concept for using STIR with self-signed or domain based certs, and then handling number validation with an in-band callback. We think its a promising approach to accelerate STIR deployments, since it allows them to happen without the cert infrastructure being in place. https://www.ietf.org/id/draft-rosenberg-stir-callback-00.txt Comments welcome. -Jonathan R. -- Jonathan Rosenberg, Ph.D. jdrosen@jdrosen.net<mailto:jdrosen@jdrosen.net> http://www.jdrosen.net<http://www.jdrosen.net/> _______________________________________________ stir mailing list stir@ietf.org<mailto:stir@ietf.org> https://www.ietf.org/mailman/listinfo/stir ________________________________ This e-mail may contain Sprint proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.
- [stir] New draft draft-rosenberg-stir-callback-00 Jonathan Rosenberg
- Re: [stir] New draft draft-rosenberg-stir-callbac… Peterson, Jon
- Re: [stir] New draft draft-rosenberg-stir-callbac… Jonathan Rosenberg
- Re: [stir] New draft draft-rosenberg-stir-callbac… David Frankel
- Re: [stir] New draft draft-rosenberg-stir-callbac… Cullen Jennings (fluffy)
- Re: [stir] New draft draft-rosenberg-stir-callbac… David Frankel
- Re: [stir] New draft draft-rosenberg-stir-callbac… Gorman, Pierce A [CTO]
- Re: [stir] New draft draft-rosenberg-stir-callbac… Peterson, Jon