IETF Logo Mail Archive

Re: [stir] Call Forward/Follow-me

Hadriel Kaplan <hadriel.kaplan@oracle.com> Fri, 07 June 2013 20:10 UTC

Return-Path: <hadriel.kaplan@oracle.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E696E21F9991 for <stir@ietfa.amsl.com>; Fri, 7 Jun 2013 13:10:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BtfTjEtW+nrw for <stir@ietfa.amsl.com>; Fri, 7 Jun 2013 13:10:16 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 8209921F998C for <stir@ietf.org>; Fri, 7 Jun 2013 13:10:16 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r57KAC35031960 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 7 Jun 2013 20:10:13 GMT
Received: from userz7021.oracle.com (userz7021.oracle.com [156.151.31.85]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r57KADhH000759 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 7 Jun 2013 20:10:14 GMT
Received: from abhmt111.oracle.com (abhmt111.oracle.com [141.146.116.63]) by userz7021.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r57KAD7e000741; Fri, 7 Jun 2013 20:10:13 GMT
Received: from dhcp-amer-vpn-adc-anyconnect-10-154-155-163.vpn.oracle.com (/10.154.155.163) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 07 Jun 2013 13:10:13 -0700
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Hadriel Kaplan <hadriel.kaplan@oracle.com>
In-Reply-To: <51B23B0A.7040608@alum.mit.edu>
Date: Fri, 07 Jun 2013 16:10:13 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <0B5B43BD-7681-4BE5-9857-94F307389C81@oracle.com>
References: <5DDB5576-CAEF-453C-8C90-0C6709DAD84F@neustar.biz> <CAKhHsXGzQf7EAjiEj78YbmA5xiZVacGtPg-G5YKUup==YkE0sA@mail.gmail.com> <51B23B0A.7040608@alum.mit.edu>
To: Paul Kyzivat <pkyzivat@alum.mit.edu>
X-Mailer: Apple Mail (2.1508)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
Cc: stir@ietf.org
Subject: Re: [stir] Call Forward/Follow-me
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jun 2013 20:10:22 -0000

I'm getting confused by this thread.
History-Info (or Diversion) is only useful to know the original *called* destination party, not *calling* source party.

I.e., if the To-username gets changed by the PBX, Hist-info might tell you what it used to be... if the req-uri matched the To, and the PBX does Hist-Info, and all downstream devices pass it on, and if the final UAS could decipher which Hist-info to look at, and if the stars aligned.

But if the From username got changed nothing will tell you what it used to be.  I think Brian was arguing the From should be changed by the PBX to be the new source of the new call, namely the PBX's main number or the To-number being forwarded from - because otherwise it's spoofing the From for this "new" call - but I don't think it should change the From because I contend it's not spoofing, but just routing the same call as a B2BUA.

-hadriel


On Jun 7, 2013, at 3:56 PM, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:

> On 6/7/13 2:23 PM, Alan Johnston wrote:
>> I think that History-Info should be the solution going forward,
>> certainly for SIP networks.
> 
> I expect that there will be a variety of "solutions".
> We aren't obligated to mandate one. Its only necessary to ban spoofing, and let people decide which alternative they want to use.
> 
> If H-I was deployed across the full range of equipment out there, I'd expect that correct reporting of calling party would be very spotty.
> 
> Now that calling is typically cheap enough that most people don't think about it, a simple solution to forwarding is 3xx, and to transfer is basic REFER. Those will get the calling party right. (Except in cases where you *want* the identify of the intermediary to be displayed. And that is the easy case.)
> 
> 	Thanks,
> 	Paul
> 
>> - Alan -
>> 
>> 
>> On Fri, Jun 7, 2013 at 1:17 PM, Rosen, Brian <Brian.Rosen@neustar.biz
>> <mailto:Brian.Rosen@neustar.biz>> wrote:
>> 
>>    A problem that has been noted is PBXs and other services that
>>    implement Call Forward and Follow-me by spoofing From to be the
>>    original caller when they originate a call from the PBX to the
>>    ultimate destination.  They do this so that the called party sees
>>    the original caller when they get the call.
>> 
>>    If we outlaw spoofing, these services wouldn't be able to do that.
>>      They would have to use History or other headers to pass the
>>    original calling party number.
>> 
>>    I believe that we can't continue to allow this kind of spoofing.
>>      There are other headers which are appropriate for use.
>> 
>>    One of the arguments given is that in older systems such as POTS or
>>    2G/3G, there is no way to get caller ID to show data from the other
>>    headers.  I think we have to accept such limitations.  Newer systems
>>    would not have that problem of course.
>> 
>>    While it may be unfortunate that something like forward or follow-me
>>    doesn't work as well as it did, I think that it's the right tradeoff.
>> 
>>    Please note that there are another class of calling party number
>>    spoofing circumstances we CAN do something about.  Suppose a doctor
>>    wants to place a call on her mobile that appears to come from her
>>    office number.  In that case the doctor can authorize the service
>>    that arranges that call.  They can get the cert for the office
>>    number and authorize the service to place calls with that number by
>>    giving them a cert for that authorization.  This also works for, as
>>    an example, a call center placing calls for an enterprise.
>> 
>>    The difference is, of course, that the "spoofed" number is a number
>>    delegated to the entity spoofing, rather than the forward/follow me
>>    case where the spoofed number is the calling party and the entity
>>    spoofing is authorized by the called party.
>> 
>>    Brian
>>    _______________________________________________
>>    stir mailing list
>>    stir@ietf.org <mailto:stir@ietf.org>
>>    https://www.ietf.org/mailman/listinfo/stir
>> 
>> 
>> 
>> 
>> _______________________________________________
>> stir mailing list
>> stir@ietf.org
>> https://www.ietf.org/mailman/listinfo/stir
>> 
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email