Richard Shockey wrote:
RS> You cannot authoritatively determine a binding between a phone number and a consumer (domain) without access to the databases.
The point of ViPR is that the authoritative mapping as you've defined it just isn't necessary; a forward routability check is all that is really needed.
Indeed, let us look at email for a moment. How does one know that "jdrosen@xxxxxxxxxxx" authoritatively maps to me? In reality the only authoritative source for this is the databases at jdrosen.net which contain credentials that are bound to me. However, those are inaccessible to the rest of the world. Instead, one can check if jdrosen@xxxxxxxxxxx routes to me by sending me an email with some kind of secret, and if I can prove I know that secret, you know that I'm jdrosen@xxxxxxxxxxxx This forward routability check is the foundation for vast amounts of web security and identity, and that same principle is applied here for phone numbers.
Do you argue that we should stop using these forward email routing checks in the web?
-Jonathan R. -- Jonathan D. Rosenberg, Ph.D. SkypeID: jdrosen Chief Technology Strategist Mobile: +1 (732) 766-2496 Skype SkypeIn: +1 (408) 465-0361 jdrosen@xxxxxxxxx http://www.skype.com jdrosen@xxxxxxxxxxx http://www.jdrosen.net _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf