IETF Logo Mail Archive

Re: [stir] [sipcore] draft-ietf-sipcore-callinfo-04 (call-reason)

Henning Schulzrinne <hgs@cs.columbia.edu> Fri, 18 March 2022 20:05 UTC

Return-Path: <hgs10@columbia.edu>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 878153A1075 for <stir@ietfa.amsl.com>; Fri, 18 Mar 2022 13:05:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.008
X-Spam-Level:
X-Spam-Status: No, score=-2.008 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=columbia.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ho-IjLHsB7-U for <stir@ietfa.amsl.com>; Fri, 18 Mar 2022 13:05:39 -0700 (PDT)
Received: from mx0b-00364e01.pphosted.com (mx0b-00364e01.pphosted.com [148.163.139.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F36053A107B for <stir@ietf.org>; Fri, 18 Mar 2022 13:05:38 -0700 (PDT)
Received: from pps.filterd (m0167077.ppops.net [127.0.0.1]) by mx0b-00364e01.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 22IJxZ8O010420 for <stir@ietf.org>; Fri, 18 Mar 2022 16:05:38 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=columbia.edu; h=mime-version : references : in-reply-to : from : date : message-id : subject : to : cc : content-type; s=pps01; bh=45Gdh6aSJb12h1FJboWcsntvUe7Vd1OGxMO1D+TTDCg=; b=YrNGLNGC+BWrsUIop1ftM/Z2SNiOEP6SLzq8v922oek4qSc7DbygTMN5Qu8vIzB0IgRQ QZo77z555twLTyx7coT7AMdj+cocV5lrhMgTUkrToHxFetLkMIFFBxNexAok6DxEM1e5 804i97iGmx16PIPzIhzcPzu0C4LsTj/T9RT/VNiD5zf+hhkmWw7l2blaDtdhD+B4Hc1d 09qac3/jAlTSaVKUMa1NAMkikidbolm5EE4LvgzF05ysYZQoCWvVZJYQn8ljwy9YYQL4 maA7VsNapmSczJ9FtXlaST5F/htc7riqlBRHHIqBRkzR6UdXO3QBqnRqaAveb4aXmKIL Dw==
Received: from sendprdmail20.cc.columbia.edu (sendprdmail20.cc.columbia.edu [128.59.72.22]) by mx0b-00364e01.pphosted.com (PPS) with ESMTPS id 3evg1q63cj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <stir@ietf.org>; Fri, 18 Mar 2022 16:05:37 -0400
Received: from mail-qv1-f70.google.com (mail-qv1-f70.google.com [209.85.219.70]) by sendprdmail20.cc.columbia.edu (8.14.7/8.14.4) with ESMTP id 22IK5ZvQ068988 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for <stir@ietf.org>; Fri, 18 Mar 2022 16:05:36 -0400
Received: by mail-qv1-f70.google.com with SMTP id o1-20020a0c9001000000b00440e415a3a2so4676483qvo.13 for <stir@ietf.org>; Fri, 18 Mar 2022 13:05:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=45Gdh6aSJb12h1FJboWcsntvUe7Vd1OGxMO1D+TTDCg=; b=KydVVEKO7E1xJ1/DC6fLERrpZTlPT/HEa+G9OEYIYYIELoQfmjPtyvq6pColmQZOVQ sK8pQzdPYI6lvRuiDDTsCzLm1/zff+/e9kw0yqxRRZb8/dXShGgDTX2rlD8EyyXnq0Nd 4Dzv/IXb3tDYBDtsyo7pZnG1xtOUeReAi89jW1+3X9wTi3NixCL8HCEVUp3ztTaJcIJe hSrZ/oS75yIxtT2o/yOLueXrP3HW3g95XUr07u6k0gMu23tzEwCECvoYnqWMzMsXajZh smepDvoKR8TDDGoJxwEMWHPYuvTkPSWYJOAbSf3YWdHluG7Wsov1DFRpV2ufUOD1hWmY b3VA==
X-Gm-Message-State: AOAM532LvBif4CSln0g+yPRsLEFk4dhYoritQZWVAk/CQ7FHypfdGaxX OkNBRD2Wd+RVafSoJK/Ix9TjP+vLwzkjqaUpLsSEY9LrW0k97vMVV2mPxkb4K+w0/ZsYHnptlHU HKCj1H2GTKC571zJ0iWzpjvChhDEv
X-Received: by 2002:a05:6214:e8e:b0:441:a5a:3059 with SMTP id hf14-20020a0562140e8e00b004410a5a3059mr814160qvb.127.1647633935164; Fri, 18 Mar 2022 13:05:35 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxfJxW9ac63Id92RonLjvTJ/KObWa6iBfsO1eRcYoBwqoO84g8mze5jJ1to1i3RVmYROUQc5GbvUCYNMPh+ohg=
X-Received: by 2002:a05:6214:e8e:b0:441:a5a:3059 with SMTP id hf14-20020a0562140e8e00b004410a5a3059mr814137qvb.127.1647633934724; Fri, 18 Mar 2022 13:05:34 -0700 (PDT)
MIME-Version: 1.0
References: <CACgrgBbUASA4HTukPwZL9V=8XOMTx_keZcDh-pVc0eSJYtVS8w@mail.gmail.com> <86BE36F5-7CFE-48BE-B0A7-7458B67EB208@chriswendt.net>
In-Reply-To: <86BE36F5-7CFE-48BE-B0A7-7458B67EB208@chriswendt.net>
From: Henning Schulzrinne <hgs@cs.columbia.edu>
Date: Fri, 18 Mar 2022 16:05:08 -0400
Message-ID: <CACgrgBYLsb1rdceMtbTYYwL-JhejCA__j=PRnr1UsjTig2jf4A@mail.gmail.com>
To: Chris Wendt <chris-ietf@chriswendt.net>
Cc: SIPCORE <sipcore@ietf.org>, stir@ietf.org
Content-Type: multipart/alternative; boundary="00000000000066451b05da83abb4"
X-Proofpoint-GUID: WUiw1MZxPAxQnMeEQIJt3raDgk03ezKQ
X-Proofpoint-ORIG-GUID: WUiw1MZxPAxQnMeEQIJt3raDgk03ezKQ
X-CU-OB: Yes
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.850,Hydra:6.0.425,FMLib:17.11.64.514 definitions=2022-03-18_14,2022-03-15_01,2022-02-23_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 bulkscore=10 malwarescore=0 adultscore=0 priorityscore=1501 impostorscore=10 mlxlogscore=999 phishscore=0 mlxscore=0 lowpriorityscore=10 spamscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000 definitions=main-2203180106
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/WkCbKG8FBJXzzm0-Duxul3ikmpY>
Subject: Re: [stir] [sipcore] draft-ietf-sipcore-callinfo-04 (call-reason)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Mar 2022 20:05:44 -0000

Generalizing a bit, we are trying to provide information that allows a
called party to decide whether to (1) accept the call; (2) trust the caller
in some sense ("this is a real charity; this is actually a real bank; this
call is important enough to answer"), with both (1) and (2) probably
outsourced to your favorite ML/AI/robot service in some cases, whether
enterprise phishing/fraud prevention or some service for residential users.

We use a variety of means for this:
* information about the telephone identity (usually, TN) of the caller ->
STIR "classic", using From, mostly, but also the various
P-Asserted-Identity, verstat and similar headers
* information about the caller's "real world" identity -> RCD
* information about the nature of the call -> SDP and others ("sorry, no
video calls"); possible the Subject header and the call-reason field

All of these have different sources and change periods:
* TNs often don't change for decades and are best provided (or validated)
and, where available, signed by the OSP, but may also be inserted by
intermediaries, e.g., in SS7-to-SIP gateways.

* RCD may change more frequently (people move, businesses change names),
but are also best provided by the OSP, at least for most users, e.g., based
on billing addresses and the KYC process. This will be pretty much required
for the JWT version. This means there's relatively little opportunity for
inappropriate content, for example.

* The nature of the call is, by necessity, provided by the caller, on a
call-by-call basis. Unless one creates another API from the UA to the local
PBX (or carrier), it would have to be either merged with the RCD data or
carried in two Call-Info headers. If the carrier merges it, this blurs the
responsibility - it makes it look like the carrier vouches for the call
purpose, which they presumably want nothing to do with. Given the potential
for abuse, you probably need to provide the called party with an
opportunity to suppress this. (This new text channel is a perfect way to
harass people or businesses with messages, at no cost and none of the SMS
campaign registration and cost overhead.)

Also, for regulated businesses such as banks, the call purpose information
would need to be recorded and possibly filtered - you don't want this to be
used to bypass content filters and flagging. ("Buy T at $100"). Putting
this in the same header as the RCD is not helpful - it just makes it
messier.

Thus, the call-purpose information is much more akin to a new messaging
channel - after all, the caller can just make a bunch of calls, each with a
new call-purpose (or Subject).

Thus, RCD and call-purpose share very little in terms of responsibility,
spam risks and method of generation. Combining them in one header offers
little advantage and just blurs responsibility.

Providing a reason for the call was the original motivation for the Subject
header. This hasn't been too successful, but the new proposal, in my view,
makes things worse and addresses none of the likely reasons for the Subject
non-success.

If there's a need to provide more call-specific information that can't be
handled by Subject, this seems best to be a new Call-Info purpose. It is
then clear that this is of a different nature than the business card
information in jCard.

Henning

On Fri, Mar 18, 2022 at 10:16 AM Chris Wendt <chris-ietf@chriswendt.net>
wrote:

> Hi Henning,
>
> This is good feedback, you are correct there really hasn’t been a lot of
> discussion on the callinfo-rcd draft, most of the mind share has been
> toward the passport-rcd, now that i think that document has mostly
> stabilized on issues not related to your comments or the specifics of how
> we do callinfo, it’s a good time to engage on that and appreciate you
> starting the discussion.
>
> I’d be curious to think what others think about using Subject for
> call-reason vs callinfo.
>
> I think the thought process as you sort of indicate sort of went a bit
> back in forth about whether jcard would be the extensible object we all put
> information about caller into, we seemed to have backed off of that for
> what has emerged to be the initial minimum use of RCD which is name, TN,
> icon, call reason.  The first three is info about the caller, the call
> reason is info that is likely specific to the call intent, not information
> about the caller. So in that sense Subject may make sense because after all
> that is what it was created for, but also we weren’t sure if there would be
> other categories of information that we may want to extend in call-info.
> For example, URL to relevant info about the intent of the call, or other
> call specific info.
>
> Beyond your point, but related and maybe just validation for me, do we
> want to protect call-reason as part of RCD?  I think we sort of said, yes
> why not protect/sign it because we view RCD as an extensible set of claims,
> as long as we make that a claim that is not part of the “rcd” claim that is
> specifically about the calling party identity, which we did with “crn”.
>
> I do also think we need to address when callinfo and other SIP
> headers/parameters are used to carry info vs in RCD claims.  Should they be
> mutually exclusive, that you should either do one or the other depending if
> you want the signature/integrity protection for your use-case?
>
> -Chris
>
> > On Mar 17, 2022, at 11:49 PM, Henning Schulzrinne <hgs@cs.columbia.edu>
> wrote:
> >
> > There was a brief discussion on this in August 2020, but now that the
> draft is stabilizing, I'd like to comment on the call-reason parameter. I'm
> not sure I found all the discussions, with only an August 2020 discussion
> (from Paul Kyzivat and Chris Wendt) popping up. In any event, as drafted,
> this seems to be exactly duplicating the Subject header. Having two header
> fields that do pretty much the same thing seems unwise.
> >
> > There was discussion on structured content, but this doesn't seem
> possible to add without breaking backwards-compatibility. You really don't
> want to add JSON to an existing string, or other parameters.
> >
> > There seems to be no obvious reason why systems that drop Subject would
> treat call-reason with more care (or deliver it to the UA). Indeed, richer
> information is likely to make the handling more challenging - the more
> stuff the UA can embed, the more likely that this will cause security
> concerns. (You really don't want to include full HTML with JavaScript
> here...)
> >
> > It is also a poor addition to the callinfo header, as the RCD will
> likely be generated by a trusted entity, such as the carrier or the
> enterprise PBX, while the call-reason has to be generated, on a
> call-by-call basis, by the UA, either via human input or via the robot
> generating the (hopefully wanted) calls.
> >
> > I think there are three reasons that Subject has not seen much use:
> >
> > (1) For person-to-person phone calls, there seems to be little appetite
> to add more overhead to making calls. If I want to text ahead ("I'll call
> you shortly about the vet"), people will likely do that instead.
> Call-reason or Subject are not substitutes for texting-ahead.
> >
> > (2) For enterprise-to-consumer calls, this seems like an opportunity for
> potential abuse and spam.
> >
> > (3) SIP headers provided by the end system or end user don't seem to
> survive the paranoia of B2BUAs and various other in-call entities.
> >
> > All of these would likely apply to call-reason, with the additional
> issue of who-generates-what added for complexity. If the landscape has
> changed, i.e., there's a willingness to deliver information UA-to-UA, then
> this would apply to the Subject header as well.
> >
> > Henning
> > _______________________________________________
> > sipcore mailing list
> > sipcore@ietf.org
> > https://www.ietf.org/mailman/listinfo/sipcore
>
>

v2.8.7 | Report a Bug | By Email