IETF Logo Mail Archive

Re: [stir] current draft charter

"Richard Shockey" <richard@shockey.us> Thu, 13 June 2013 17:12 UTC

Return-Path: <richard@shockey.us>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9C5E21F9A0C for <stir@ietfa.amsl.com>; Thu, 13 Jun 2013 10:12:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.006
X-Spam-Level:
X-Spam-Status: No, score=-101.006 tagged_above=-999 required=5 tests=[AWL=-0.845, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, IP_NOT_FRIENDLY=0.334, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1FzClPvIZ8kL for <stir@ietfa.amsl.com>; Thu, 13 Jun 2013 10:12:33 -0700 (PDT)
Received: from oproxy14-pub.unifiedlayer.com (unknown [67.222.51.224]) by ietfa.amsl.com (Postfix) with SMTP id 194A921F9A11 for <stir@ietf.org>; Thu, 13 Jun 2013 10:12:32 -0700 (PDT)
Received: (qmail 23102 invoked by uid 0); 13 Jun 2013 15:30:56 -0000
Received: from unknown (HELO box462.bluehost.com) (74.220.219.62) by oproxy14.unifiedlayer.com with SMTP; 13 Jun 2013 15:30:55 -0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=shockey.us; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Date:Subject:In-Reply-To:References:Cc:To:From; bh=NahfAEq5AhocO5yaoT6cqQFfVS6ez3QjGzRGxYZlKoE=; b=ncIv/qFiuJwelfcaY2NRfhb9rMinVJKEdsLzkHBShZ3KoX7u1+/ruOU1DytKwqfbZq6fzbivVCAbfYWoVI06ZRw4uBYSDlaKjNC5mkKMkCcFL3XoLErPPKqdAnMvk87i;
Received: from [72.66.111.124] (port=51049 helo=RSHOCKEYPC) by box462.bluehost.com with esmtpa (Exim 4.80) (envelope-from <richard@shockey.us>) id 1Un9UF-0006FX-06; Thu, 13 Jun 2013 09:30:55 -0600
From: Richard Shockey <richard@shockey.us>
To: 'Dan York' <york@isoc.org>, 'Hadriel Kaplan' <hadriel.kaplan@oracle.com>
References: <B6D6C44E-3FE3-4342-9BDD-4096D4B66DD7@oracle.com> <CDDF354D.DD9A%york@isoc.org>
In-Reply-To: <CDDF354D.DD9A%york@isoc.org>
Date: Thu, 13 Jun 2013 11:30:48 -0400
Message-ID: <029c01ce684a$fd914df0$f8b3e9d0$@shockey.us>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQHurB+rPvBwdWSMpuU+7zbFbFufQ5jzJQcg
Content-Language: en-us
X-Identified-User: {3286:box462.bluehost.com:shockeyu:shockey.us} {sentby:smtp auth 72.66.111.124 authed with richard@shockey.us}
Cc: stir@ietf.org, 'Dave Crocker' <dcrocker@bbiw.net>
Subject: Re: [stir] current draft charter
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2013 17:12:38 -0000

<sigh>  Since it seems folks want some authoritative history of 6116 I
suppose I should oblige.  I only co-chaired the ENUM WG for nearly 8 years.
Brother Pfautz can also relate the issues.

There were multiple reasons e164.arpa failed though 6116 technology has
worked very well imbedded in carrier networks as a TCAP replacement where
the CSCF or SIP proxy needs to perform some form of number translation for
some data or metadata, typically for the call routing function. On a
localized, distributed and fully cached basis ENUM  essentially becomes a
Central Routing Server. One of the big holes in IMS BTW.   Essentially an IP
Service Control Point in old TDM/SS7 terms.  

ENUM did not fail .. e164.arpa failed.  Like lots of IETF protocols they
sometimes get use for things not originally intended. MIME immediately comes
to mind. 

If I recall ENUM still baked into the IMS architecture.  SIP Redirect also
works well for number translation functions and modern database technology
has made the difference in query response time negligible.  It's now only a
question of network preference on which protocol to use. There is a lot of
real 6116 technology out there.   Hadriel is right and Brian is simply wrong
6116 IS everywhere and it's baked into every SIP Session Border Controller
sold on the Planet. 

There is no question you could develop some HTTPS like methodology that
would equally well for number translations but as a practical matter it's
simply a matter of taste.  Provisioning is the larger problem and DRINKS is
still at it after 4 years. 

Dan and Brian correctly points out one of the issues with a public tree was
privacy. The idea that since the tree was public on the global Internet an
enterprising Voice Spammer could scrape the tree to identify all active
E.164 numbers.   Brian's issue #6 is a not true since any US carrier for
instance can actually see the underlying carrier number for any NANP number
in the system.  For other jurisdictions carrier identification in the
underlying numbering databases is different. 

Obviously the #1 problem e164.arpa was the delegation model which required
endless fights with the ITU which no one, I assume wants to repeat.

Second the DNS is what it is, so you were left with no methodology for
Authentication or Authorization of the query itself. In private
instantiations this was solved by requiring VPN access even down to a
limited set of IP addresses.  It works if the application using 6116 was
limited enough.    IN the US this was done for the MMS mobile picture
routing application and the FCC's own I-TRS database for the hearing
impaired. 

Third ... one answer.  In SIP call routing this posed a problem generally
referred to Determinate Response.  The target URI for the terminating
Carrier SBC might be different based on who was asking the question and
ultimately where.  Obviously we got nowhere with Kaplan source URI though I
understand it has been implemented in private ENUM instantiations. Private
firms like Akamai munge DNS all the time in CDN networks to optimize the
source of content to the location of the query. 

Fourth was the obvious political problem of having carriers agree to allow
user control of routing data and that was a nonstarter.  However if the tree
was actually in control of the service providers ... gee  GSMA Pathfinder..
well then that was NOOOOOO problem. But Pathfinder had its own set of
issues.  There were at least 2 other well-funded ENUM initiatives driven by
carriers in the US alone, but in my judgment they have not deployed since
the market conditions and requirements were not ready.  In addition there
are at least a dozen private ENUM services in existence. 

"Money is the answer what is the question?"  Shockey's Law.   

http://www.gsma.com/technicalprojects/pathfinder

That said the proposed requirements here are actually different and the
market conditions have demonstrably changed so certainly 6116 technology
COULD work but you would have to revisit a lot of  issues like the E2MD
problem etc Source URI and the provisioning issues.  The interest of the
carriers and the regulators are in actual alignment here. 

6116 is a reasonable option that should be left on the table for
consideration as the STIR process moves forward and the full requirements
are actually understood. One of those is the structure for E.164 numbers
controlled by Public Safety and Government authorities themselves. 

-----Original Message-----
From: stir-bounces@ietf.org [mailto:stir-bounces@ietf.org] On Behalf Of Dan
York
Sent: Thursday, June 13, 2013 8:52 AM
To: Hadriel Kaplan
Cc: stir@ietf.org; Stephen Farrell; Dave Crocker; Peterson, Jon; Henning
Schulzrinne
Subject: Re: [stir] current draft charter

Hadriel,

On 6/12/13 5:38 PM, "Hadriel Kaplan" <hadriel.kaplan@oracle.com> wrote:

>That begs the question of what issues you think made Public ENUM fail, 
>and why we won't hit the same issues in whatever model we choose.

Since you addressed this question to me, I feel compelled to answer... but
in the meantime both Brian and Jon have given much more detailed answers
with which I mostly agree.

I saw security/privacy issues as the main issues that made Public ENUM not
work, i.e. Brian's points 4, 5 and 6:

> 4. Any public database that was able to show any information about a 
>telephone number was considered a privacy issue, requiring a lot of 
>"sign off", which never happened.
> 5. Everyone objected to being able to determine what numbers were "live"
> 6. Carriers objected to a public database that told competitors what 
>numbers they controlled


The potential for spam was also high.  Five or six years ago there was at
least one tool circulating around that would walk an ENUM tree, generate a
list of all potential phone numbers and then send SIP INVITEs to all of
those numbers.  I remember either seeing a video or reading about how
someone did this with all the public ENUM numbers published for Germany (at
that time). So using Public ENUM could be a fantastic way to potentially get
yourself on the calling lists for telemarketers.

Ideally, I think a public service *would* be a useful way to enable
ubiquitous usage. I'm just not sure how to get there without also opening a
solution up to these same kind of security/privacy issues.

Dan

--
Dan York
Senior Content Strategist, Internet Society
york@isoc.org <mailto:york@isoc.org>   +1-802-735-1624
Jabber: york@jabber.isoc.org <mailto:york@jabber.isoc.org>
Skype: danyork   http://twitter.com/danyork

http://www.internetsociety.org/deploy360/

_______________________________________________
stir mailing list
stir@ietf.org
https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email