IETF Logo Mail Archive

Re: [stir] current draft charter

Dan York <york@isoc.org> Thu, 13 June 2013 12:51 UTC

Return-Path: <york@isoc.org>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4270321F9A5B for <stir@ietfa.amsl.com>; Thu, 13 Jun 2013 05:51:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HOzog6DycL+W for <stir@ietfa.amsl.com>; Thu, 13 Jun 2013 05:51:46 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0203.outbound.protection.outlook.com [207.46.163.203]) by ietfa.amsl.com (Postfix) with ESMTP id 1853321F96D9 for <stir@ietf.org>; Thu, 13 Jun 2013 05:51:46 -0700 (PDT)
Received: from BN1PR06MB072.namprd06.prod.outlook.com (10.242.211.17) by BN1PR06MB071.namprd06.prod.outlook.com (10.242.211.15) with Microsoft SMTP Server (TLS) id 15.0.702.21; Thu, 13 Jun 2013 12:51:36 +0000
Received: from BN1PR06MB072.namprd06.prod.outlook.com ([169.254.5.133]) by BN1PR06MB072.namprd06.prod.outlook.com ([169.254.5.155]) with mapi id 15.00.0702.005; Thu, 13 Jun 2013 12:51:35 +0000
From: Dan York <york@isoc.org>
To: Hadriel Kaplan <hadriel.kaplan@oracle.com>
Thread-Topic: [stir] current draft charter
Thread-Index: AQHOZwiVGT8OWD09JUqSfli80C7Gm5kxT0wAgAAL0QCAAIQHAIAAcu6AgAADDoCAABB/AP//41KAgABTd4CAALvxgA==
Date: Thu, 13 Jun 2013 12:51:35 +0000
Message-ID: <CDDF354D.DD9A%york@isoc.org>
In-Reply-To: <B6D6C44E-3FE3-4342-9BDD-4096D4B66DD7@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.255.101.4]
x-forefront-antispam-report: SFV:SKI; SFS:; DIR:OUT; SFP:; SCL:-1; SRVR:BN1PR06MB071; H:BN1PR06MB072.namprd06.prod.outlook.com; LANG:en;
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A53B60A76700CE4C9EB6AFDBF5AE2EAE@namprd06.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: isoc.org
Cc: "stir@ietf.org" <stir@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Dave Crocker <dcrocker@bbiw.net>, "Peterson, Jon" <jon.peterson@neustar.biz>, Henning Schulzrinne <hgs@cs.columbia.edu>
Subject: Re: [stir] current draft charter
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2013 12:51:50 -0000

Hadriel,

On 6/12/13 5:38 PM, "Hadriel Kaplan" <hadriel.kaplan@oracle.com> wrote:

>That begs the question of what issues you think made Public ENUM fail,
>and why we won't hit the same issues in whatever model we choose.

Since you addressed this question to me, I feel compelled to answer... but
in the meantime both Brian and Jon have given much more detailed answers
with which I mostly agree.

I saw security/privacy issues as the main issues that made Public ENUM not
work, i.e. Brian's points 4, 5 and 6:

> 4. Any public database that was able to show any information about a
>telephone number was considered a privacy issue, requiring a lot of "sign
>off", which never happened.
> 5. Everyone objected to being able to determine what numbers were "live"
> 6. Carriers objected to a public database that told competitors what
>numbers they controlled


The potential for spam was also high.  Five or six years ago there was at
least one tool circulating around that would walk an ENUM tree, generate a
list of all potential phone numbers and then send SIP INVITEs to all of
those numbers.  I remember either seeing a video or reading about how
someone did this with all the public ENUM numbers published for Germany
(at that time). So using Public ENUM could be a fantastic way to
potentially get yourself on the calling lists for telemarketers.

Ideally, I think a public service *would* be a useful way to enable
ubiquitous usage. I'm just not sure how to get there without also opening
a solution up to these same kind of security/privacy issues.

Dan

--
Dan York
Senior Content Strategist, Internet Society
york@isoc.org <mailto:york@isoc.org>   +1-802-735-1624
Jabber: york@jabber.isoc.org <mailto:york@jabber.isoc.org>
Skype: danyork   http://twitter.com/danyork

http://www.internetsociety.org/deploy360/

v2.23.0 | Report a Bug | By Email