Re: Thoughts from IETF-92

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In line ..



On 4/1/15, 12:35 PM, "Phillip Hallam-Baker" <phill@xxxxxxxxxxxxxxx> wrote:

>A meet up on general policy related stuff or the robocall scams?

Both there are a lot of issues cropping up.


>
>I think it is absolutely clear that we can apply many of the
>techniques used to control email spam to block robocalls in principle.

Well not so fast.  They are not the same. Real time is essentially a
symmetrical service while email is fundamentally asymmetrical and I have
Not seen a Baysian filter for voice yet.


>But the problem is that the telephone system architecture only gives
>us stupid boxes with no APIs or ability to customize their function.


The new architecture is different. SIP IMS is actually more functional
that way. Its the legacy TDM gear that you can¹t really touch and that is
part of the problem.  The operators of the PSTN/PSN correctly will not
spend one cent on trying to modify the legacy gear. You can¹t. Go try and
find line cards for 5ESS, DMS and Siemens platforms these days much less
try and find anyone that could modify the switch code.  In the US and CA
35% of all voice is now IP end to end is some way and with VoLTE starting
to roll that will push the total to 75% or more in 3 years. The FCC and
other regulators are just starting to sort through the PSTN transition
issues.  


>
>I suspect a large part of the problem is that most of the folk who
>could work on this problem are cord cutters who use mobiles. Robocalls
>are an increasing problem there as well but it is much smaller. I get
>maybe one mobile robocall a month while there are six a day on the
>home phone.

Personally its 1 to 4 but milage can vary.  There is no about the
contagion is spreading even to mobile. ITU ran a workshop on this last
year and even the 
Chinese regulators are getting grey hair about it. Which is why STIR was
formed to see if you could apply SIDR principals to the E.164 plan.


>
>By telephone service, I mean the voice communication service I can
>access from any of the 12 handsets in the house and allows me to call
>anyone with a telephone number.



Right. The any to any model of E.164 named realtime communications still
works and works well and is still a great business. About 14 Billion in
the US BTW. You buy a lot with E.164 including the Emergency Services
networks 911 999 etc. I have had to listen to the naysayers in the IETF
hallways whine endlessly ..phone numbers are stupid the PSTN is toast etc.
 <yawn>  Now its SIP sucks WEBRTC is the future .. <snore>
 

>
>Now this is not where I want to be. I want to add more handsets for a
>start and I would like the handsets to have effective encryption
>between the handset and the base station.
>
>Some things that I think would help (in no particular order).
>
>1) State laws that require products with defective security (e.g. car
>door keys, garage door openers, DECT6.0 phones) to be sold with large
>stickers saying 'Defective Security'.


Good luck with that.

>
>2) Someone producing a clear, easy to understand guide specifying the
>hardware and service requirements for setting up an Internet telephony
>system that provides an API allowing intelligent control
>
>3) Hardware vendors who provide VOIP access points could provide API
>hooks.

People are working on that especially for the enterprise markets.

>
>4) A Web service protocol specification allowing the API to be
>activated remotely.


Talk to the WEBRTC folks ..


>
>
>For example, I would like to be able to program my telephone system to
>add the following features:
>
>* Direct voicemail to my own systems that NEVER EVER delete a message
>or make me w-a-i-t w-h-i-l-e a v-e-r-y s-l-o-o-o-o-o-w s-p-e-a-k-e-r
>t-e-l-l-s me stuff I already know.
>
>* While in a call, I dial a code on the handset to white list that caller
>* While in a call, I dial a code to black list that caller


That has been in the PSTN for a long time.

?The PSTN already has User Directed Selective Call Acceptance (SCA- the
white list) and its twin Selective Call Rejection (SCR ­
black list)

?The other alternative is Network Directed Rejection is sometimes referred
to as ³Do Not Originate² or ³Super
Do Not Call² In particular the Do Not Originate would potentially allow
the carrier to block any call that is using a non-allocated E 164 number.
The problem there is nearly all national regulations have ³the call must
go through² language.

Signalling codes are well understood as well.

http://www.nanpa.com/number_resource_info/vsc_definitions.html

Its just no one uses them.

I have very little confidence in any of the known anti-spam measures
having any relevance to the real time communications problems.  They are
all subject to the same potential for malicious abuse we¹ve seen in email.
How do you get OFF the list if your ex girlfriend puts you on it.
Of course you can try but the evidence so far is not that good and we¹ve
had a bunch of meetings at MAAWG about this.

 




>
>* Control which incoming calls can cause the ringer to sound and at
>which times of the day.
>
>* Route calls to certain numbers end to end without going through the
>PSTN at all.
>
>* Place calls on Skype etc. directly.



You can do all of now if you are not on the legacy switch plafforms.



>
>Yes, I know, Asterix. But the ability to hack someone else's code is
>not the same as being able to make one device talk to another over a
>defined interface.


OMG Asterix totally sucks its THE ABSOLUTE WORST in security. The stories
of small business having hacked asterisk servers and having 100 thousand
dollar call bills to the Sudan are legion.

>
>
>Apple, Cisco, Google and Microsoft are all players in this game right
>now but none will deliver what the market needs. And they all could
>with just a little willingness to make the system open.

To be sure but one of the issues we were looking at in DISPATCH was the
CNIT concept or Calling Name Idenity Trust or the notion that SIP/IMS user
agents aka Apple Google Microsoft could display better identity data ( you
can still set for Anonymous  still supported ) but allow
for some more verbose data on who is calling you and does the network
trust the source from STIR data. I have called it CNAM+. I think 3GPP is
starting to look at that stuff in SA1 and 3 but we still need to define
how the SIP headers transport the data.


>
>The problem is that the telco people do not understand open systems
>and don't think of opening up the system as a possible solution. It
>simply isn't in their mid set.


There is a lot the legacy teleco people don¹t understand especially what
business there are in and some of the insane tariff structures they insist
on operating under. ³Money is the answer what is the question?²  At least
in North America we are pretty close to a full bill and keep model which
has completely blunted the effect of Skype and the OTT folks on domestic
call minutes.  International call arbitrage and OTT is now totally off the
charts. 40% or more by some data I¹ve seen.



>







[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]