Re: [stir] [Acme] NYTimes.com: How Do You Stop Robocalls?

"Olle E. Johansson" <oej@edvina.net> Tue, 13 July 2021 08:21 UTC

Return-Path: <oej@edvina.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D54F3A08E3; Tue, 13 Jul 2021 01:21:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fbIzrDMMB8sl; Tue, 13 Jul 2021 01:21:13 -0700 (PDT)
Received: from smtp7.webway.se (smtp7.webway.se [IPv6:2a02:920:212e::205]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 473D73A08E4; Tue, 13 Jul 2021 01:21:12 -0700 (PDT)
Received: from smtpclient.apple (h-176-10-205-16.A165.corp.bahnhof.se [176.10.205.16]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp7.webway.se (Postfix) with ESMTPSA id D06D31900; Tue, 13 Jul 2021 10:21:10 +0200 (CEST)
From: "Olle E. Johansson" <oej@edvina.net>
Message-Id: <65F108C8-8139-4770-9C18-9694721A74BE@edvina.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F2979B2B-EC3E-43E4-9100-B4AC0B71331F"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\))
Date: Tue, 13 Jul 2021 10:21:09 +0200
In-Reply-To: <HE1PR07MB4441ADDB925B8E12EE0E421E93149@HE1PR07MB4441.eurprd07.prod.outlook.com>
Cc: Roman Shpount <roman@telurix.com>, "stir@ietf.org" <stir@ietf.org>, Mary Barnes <mary.ietf.barnes@gmail.com>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "acme@ietf.org" <acme@ietf.org>
To: Christer Holmberg <christer.holmberg=40ericsson.com@dmarc.ietf.org>
References: <B0BBFDFA-4203-4660-A982-80A5B8DED746@contoso.com> <CAHBDyN57-8-ctw8L-5ob_ti2azBwEGqyEApGVSMwJgNM68Uscw@mail.gmail.com> <CAD5OKxsy3xODy2mXHJcKB=ihwdOeLLYiLaDpORa4B33j7TUuhw@mail.gmail.com> <FDA56FC9-ADDD-4A5C-8624-3F0CC822E230@edvina.net> <HE1PR07MB4441ADDB925B8E12EE0E421E93149@HE1PR07MB4441.eurprd07.prod.outlook.com>
X-Mailer: Apple Mail (2.3654.100.0.2.22)
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/Z_rkDFX6btpuFQRKUR0KpydHA6o>
Subject: Re: [stir] [Acme] NYTimes.com: How Do You Stop Robocalls?
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jul 2021 08:21:19 -0000


> On 13 Jul 2021, at 10:10, Christer Holmberg <christer.holmberg=40ericsson.com@dmarc.ietf.org> wrote:
> 
> Hi Olle,
> 
> When you say “does not support Outbound”, are you referring to the whole mechanism, or to the specific reuse-of-registration-connection-for-incoming-calls part?

We have had a lot of discussions about this in the past, where I focused on the latter. In the current set of standards a server is not allowed to reuse the incoming TLS connection for outbound requests. Only SIP outbound allows this. That’s why I started a discussion about a “half-outbound” - much like the use of Outbound in SIP over WebSockets today.

Here’s some notes and ideas on that from 2016:
https://www.slideshare.net/oej/sip-half-outbound-random-notes <https://www.slideshare.net/oej/sip-half-outbound-random-notes>

/O
> 
> Regards,
> 
> Christer
> 
> Get Outlook for iOS <https://aka.ms/o0ukef>
> From: stir <stir-bounces@ietf.org> on behalf of Olle E. Johansson <oej@edvina.net>
> Sent: Tuesday, July 13, 2021 9:32:56 AM
> To: Roman Shpount <roman@telurix.com>
> Cc: stir@ietf.org <stir@ietf.org>rg>; Mary Barnes <mary.ietf.barnes@gmail.com>om>; Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>rg>; acme@ietf.org <acme@ietf.org>
> Subject: Re: [stir] [Acme] NYTimes.com: How Do You Stop Robocalls?
>  
> 
> 
>> 13 juli 2021 kl. 06:58 skrev Roman Shpount <roman@telurix.com <mailto:roman@telurix.com>>:
>> 
>>  At the same time, SIP over TLS has many performance and reliability issues that would need to be addressed before it is ready for industry-wide deployment.
> 
> There’s also a lack of applicable standards for TLS usage, as I’ve pointed out a few times, but the working group seems to have no energy to fix. SIP over TLS from the SIP phone side requires implementation of SIP outbound, which we never successfully tested at any SIPit. I know of a few implementations now, but haven’t tested them together.
> 
> Made this presentation five years ago
> https://www.slideshare.net/oej/sip-tls-security-in-a-peer-to-peer-world <https://www.slideshare.net/oej/sip-tls-security-in-a-peer-to-peer-world>
> 
> /O
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir