Re: [stir] [Acme] NYTimes.com: How Do You Stop Robocalls?

Roman Shpount <roman@telurix.com> Tue, 13 July 2021 07:07 UTC

Return-Path: <roman@telurix.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAC6A3A1AAC for <stir@ietfa.amsl.com>; Tue, 13 Jul 2021 00:07:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=telurix.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tjFhjMg-Tagr for <stir@ietfa.amsl.com>; Tue, 13 Jul 2021 00:07:07 -0700 (PDT)
Received: from mail-qt1-x82b.google.com (mail-qt1-x82b.google.com [IPv6:2607:f8b0:4864:20::82b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D741A3A1AA4 for <stir@ietf.org>; Tue, 13 Jul 2021 00:07:06 -0700 (PDT)
Received: by mail-qt1-x82b.google.com with SMTP id z25so13144730qto.12 for <stir@ietf.org>; Tue, 13 Jul 2021 00:07:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mrifgshIGSxtxPvsHWkylpk+g0sF3F0B03E6kM8VK7I=; b=Q/znEScO1XuOvl0CXpklDiwXBZ+mW60vSTtE6B9DKdd/XvcDHFo9m0H2Br2rNw7u0y E4dDe56ReZeM4pJUVOIuotSLFUV6AKbkaQDcvYXFHBgJCtvb+YIBqoJZP3j7zKLSS/n6 ra9pbpAq+33bsYu7/7Mq9mCj0iwNh6zXoi00I=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mrifgshIGSxtxPvsHWkylpk+g0sF3F0B03E6kM8VK7I=; b=ZsN9Shw+tnXXNQOHHTH0isnLl5+ty74EleBZUGhTYAEmlLoTfma+tmb08hz5Cw6fTr 7grcbEUll4ptRja1O4C0GEKW/MR6mhturovwP4+I1SLYCq70Cn5LrqEiiK4WUyovwAf9 3F4CEl8nfJ/FQe+CCkKUff46sIE/B6HjyEyzSH84l4h3th2oMDvuUDLWxWv8dWaUKHTr lMRHnxNyel7BEG46Vu5aKY+k43jPIR7+u6WH1g3AayNfrRWOTsByCimu1SmHZEMg0/PA +TFUMi7s6glM2tKtRDoZvmrWDgH9mbHCe4qZaNdq1V+opwYT0a4a99jD1cNmmK1yV8w/ wPFg==
X-Gm-Message-State: AOAM530f3GTTdiad62sDr94HDJVwP41D2A4AnMRAHa42bfgVa4/lg7DY CXrec77YpxCEXoXfWBp7u+CxRiomjqpvTw==
X-Google-Smtp-Source: ABdhPJxpKbK/Q6V3paRtWbkRIz2Z3pP885CrVmL1z56CSWk9RVcKW1Eo8/aAt0VHPCfBwgYin1/Ivg==
X-Received: by 2002:a05:622a:14c9:: with SMTP id u9mr2556195qtx.219.1626160024886; Tue, 13 Jul 2021 00:07:04 -0700 (PDT)
Received: from mail-yb1-f177.google.com (mail-yb1-f177.google.com. [209.85.219.177]) by smtp.gmail.com with ESMTPSA id h4sm6710692qti.0.2021.07.13.00.07.04 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 13 Jul 2021 00:07:04 -0700 (PDT)
Received: by mail-yb1-f177.google.com with SMTP id g19so33187307ybe.11; Tue, 13 Jul 2021 00:07:04 -0700 (PDT)
X-Received: by 2002:a25:9bc6:: with SMTP id w6mr4070536ybo.159.1626160023997; Tue, 13 Jul 2021 00:07:03 -0700 (PDT)
MIME-Version: 1.0
References: <B0BBFDFA-4203-4660-A982-80A5B8DED746@contoso.com> <CAHBDyN57-8-ctw8L-5ob_ti2azBwEGqyEApGVSMwJgNM68Uscw@mail.gmail.com> <CAD5OKxsy3xODy2mXHJcKB=ihwdOeLLYiLaDpORa4B33j7TUuhw@mail.gmail.com> <FDA56FC9-ADDD-4A5C-8624-3F0CC822E230@edvina.net>
In-Reply-To: <FDA56FC9-ADDD-4A5C-8624-3F0CC822E230@edvina.net>
From: Roman Shpount <roman@telurix.com>
Date: Tue, 13 Jul 2021 03:06:52 -0400
X-Gmail-Original-Message-ID: <CAD5OKxvYMERn9++0-igHxCLf5=DwPGH7E-T+OzH1NNiGZp0tHA@mail.gmail.com>
Message-ID: <CAD5OKxvYMERn9++0-igHxCLf5=DwPGH7E-T+OzH1NNiGZp0tHA@mail.gmail.com>
To: "Olle E. Johansson" <oej@edvina.net>
Cc: Mary Barnes <mary.ietf.barnes@gmail.com>, "stir@ietf.org" <stir@ietf.org>, "acme@ietf.org" <acme@ietf.org>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009410bd05c6fbe29b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/Ho_tfJzmXOmHgvrPol1lsEXEY4Y>
Subject: Re: [stir] [Acme] NYTimes.com: How Do You Stop Robocalls?
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jul 2021 07:07:12 -0000

On Tue, Jul 13, 2021 at 2:33 AM Olle E. Johansson <oej@edvina.net> wrote:

> 13 juli 2021 kl. 06:58 skrev Roman Shpount <roman@telurix.com>om>:
>
>  At the same time, SIP over TLS has many performance and reliability
> issues that would need to be addressed before it is ready for industry-wide
> deployment.
>
>
> There’s also a lack of applicable standards for TLS usage, as I’ve pointed
> out a few times, but the working group seems to have no energy to fix. SIP
> over TLS from the SIP phone side requires implementation of SIP outbound,
> which we never successfully tested at any SIPit. I know of a few
> implementations now, but haven’t tested them together.
>

We have built a SIP Outbound implementation with TLS. It kind of works but
helped us identify plenty of problems both from reliability and scalability
points of view.

In the meantime, I am more concerned with more and more PII being sent in
SIP INVITE, especially with RCD. It might be legally required to encrypt it
when sending such data over the public internet, which would require TLS or
VPN connections for all service providers. Together with increased SIP
INVITE size, TLS essentially becomes the requirement. At this point, I am
more concerned with making service provider to service provider use cases
working.
_____________
Roman Shpount