Re: [stir] FYI only: Two new VoIP spam drafts
Alex Bobotek <alex@bobotek.net> Sun, 02 October 2016 06:20 UTC
Return-Path: <alex@bobotek.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6281912B044 for <stir@ietfa.amsl.com>; Sat, 1 Oct 2016 23:20:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y9qeQORrb-O7 for <stir@ietfa.amsl.com>; Sat, 1 Oct 2016 23:20:49 -0700 (PDT)
Received: from resqmta-po-01v.sys.comcast.net (resqmta-po-01v.sys.comcast.net [IPv6:2001:558:fe16:19:96:114:154:160]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D622012B023 for <stir@ietf.org>; Sat, 1 Oct 2016 23:20:48 -0700 (PDT)
Received: from resomta-po-13v.sys.comcast.net ([96.114.154.237]) by resqmta-po-01v.sys.comcast.net with SMTP id qa8jb3OUgucHZqa8mbW6eg; Sun, 02 Oct 2016 06:20:48 +0000
Received: from BOBO1A.bobotek.net ([76.22.113.196]) by resomta-po-13v.sys.comcast.net with SMTP id qa8jbZOP50Hwuqa8kbKyUs; Sun, 02 Oct 2016 06:20:48 +0000
Received: from BOBO1A.bobotek.net ([fe80::4851:b4bb:416a:e1ad]) by BOBO1A.bobotek.net ([fe80::4851:b4bb:416a:e1ad%10]) with mapi; Sat, 1 Oct 2016 23:01:50 -0700
From: Alex Bobotek <alex@bobotek.net>
To: Henning Schulzrinne <Henning.Schulzrinne@fcc.gov>, "stir@ietf.org" <stir@ietf.org>
Date: Sat, 01 Oct 2016 23:01:50 -0700
Thread-Topic: FYI only: Two new VoIP spam drafts
Thread-Index: AQHSG4AHdXDxA/hrj06MJ4pEMbL5u6CUpQ4g
Message-ID: <4B1956260CD29F4A9622F00322FE053101290E491F5A@BOBO1A.bobotek.net>
References: <CY1PR09MB0634D8B39756549280B2F686EAC00@CY1PR09MB0634.namprd09.prod.outlook.com>
In-Reply-To: <CY1PR09MB0634D8B39756549280B2F686EAC00@CY1PR09MB0634.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_4B1956260CD29F4A9622F00322FE053101290E491F5ABOBO1Abobot_"
MIME-Version: 1.0
X-CMAE-Envelope: MS4wfGZmJLDR1kqo++EB1WWugOhMHrsBF1cqYcx4f9y5l0aGwqdIC7o4uu7QoyR5n78xfoQUD5i8ZSjaHpJ3386/UvPYRlnr/INAXIqS2BkrA8fZjTRirJoF vJmuVjFQu0EF047+UCG479gMu06xJ5hIJPzBG3/SNJY5zZLPL9djTR9bqQRkZzGGGH3woQ5ewE+cOcofLx4hxrcUw6Pn1YPmBV0=
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/J1LdjqD3Gc8V2bEcsvnWP_iNhMM>
Subject: Re: [stir] FYI only: Two new VoIP spam drafts
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Oct 2016 06:20:52 -0000
It's good to see the docs. I'm very pleased to see the facilitation of end-user feedback, information crucial to abuse mitigation. Comments on draft-schulzrinne-dispatch-status-unwanted: 1. The status code could, conceivably, be returned by automata or by human-triggered action (e.g., user click on the 'report spam' button). Consider whether the status code could reflect action by someone or something other than the typically-human called party and at points before the terminating device. IMHO, it should permit such indications from automata as well as human-initiated actions. 2. The recommendation that the response code not be used in creating call filters unless the call has been authenticated via 4474bis is too strong. There are many cases where I want such non-authenticated information to be used to filter my calls. Just about everybody using the more popular call blocking solutions available today benefit from blacklisting based on feedback of unauthenticated caller IDs, and this practice should not be terminated capriciously. Additionally, 4474bis is only one of many methods of auth and may instead be more of a statement of service provider origination than of calling address authority or authentication. I suggest toning this down to a statement that the possibility of spoofing or unauthorized use should be taken into consideration in constructing call filters. 3. The draft should include normative text that specifies when a SIP entity MAY/SHOULD/SHALL return the status code. It only specifies what a recipient of the code MAY do. For example, add to section 4: "A SIP entity MAY reply to a SIP request with the 'Unwanted' response code if there is a user-initiated or other indication that the request is unwanted. " 4. Consider allowing SIP entities handling the response to substitute a different code in any forwarded responses. A called party may not wish to convey rejection as unwanted all the way back to the calling party. I don't know the right answer, and I hope others' opinions will be expressed. There are times when a message instructing a caller to 'place me on your organization's DNC' is desired, and times when a more silent approach is preferred. 5. The introductory paragraph discusses the need to express that a call is unwanted. Section 3 discusses the need to indicate that a caller's calls are unwanted. These are different assertions. The most basic assertion is 'this call is unwanted'. Perhaps an additional 'no calls from that address are wanted' assertion should also be supported. Regards, Alex From: stir [mailto:stir-bounces@ietf.org] On Behalf Of Henning Schulzrinne Sent: Friday, September 30, 2016 6:08 PM To: stir@ietf.org Subject: [stir] FYI only: Two new VoIP spam drafts [Please address comments to the DISPATCH list; this copy is FYI only since I forgot to bcc the list.] In collaboration with members of the Robocall Strike Force (https://www.fcc.gov/news-events/events/2016/08/first-meeting-industry-led-robocall-strike-force), I have submitted two I-D's: https://datatracker.ietf.org/doc/draft-schulzrinne-dispatch-status-unwanted/ https://datatracker.ietf.org/doc/draft-schulzrinne-dispatch-callinfo-spam/ that fill in operational needs for dealing with SIP spam. The first defines a new status code (666) that users can use to mark unwanted calls, either as a response code to an INVITE or in a Reason header in a BYE response. (This will likely be supplemented in practice by API-based mechanisms for post-call spam reports.) The second defines a set of Call-Info parameters that allow the carrier or other UE-trusted SIP entity in the path to indicate the spam probability, type of call and other related information that will allow the UE and user to make better call handling decisions. This complements the 'verstat' work being submitted to 3GPP (by others), for indicating the level of trust in the From/PAI tel URI. Henning
- [stir] FYI only: Two new VoIP spam drafts Henning Schulzrinne
- Re: [stir] FYI only: Two new VoIP spam drafts Alex Bobotek
- Re: [stir] FYI only: Two new VoIP spam drafts Henning Schulzrinne