FCC proposes $10 Million fine for spoofed robocalls
Michael Thomas
mike at mtcc.com
Fri Dec 20 18:40:16 UTC 2019
On 12/19/19 9:14 PM, Christopher Morrow wrote:
>> Plus if it didn't work well/too cumbersome/etc with email, it probably
>> won't be any better with voice. We have lots of experience with what
>> doesn't work for email.
> I sort of figured that the shaken/stir model that ( i happened to
> propose in their first meeting) of:
> "get the originator (handset, ebony phone, call-warehouse) to
> digitally sign the call initiation, propagate that through the network
> to the receiver (so they could associate the
> md5/sha256/cert-signature/etc with an identity, and let the receivers
> decide: 'Not in my known callers list, no answer'"
>
> was a great plan... that the folk in the room basically didn't
> understand (or even want me to voice, actually)... It's a shame that
> something like this wasn't created instead of shaken/stir. You could
> check the signature at any of the hops, start failing calls earlier as
> rates of completion didn't stay at some standard level. All sorts of
> options would be available, and really the callers could be identified
> (at least by endpoint) more quickly.
>
> oh well. glad we got shaken / stir though? :)
SHAKEN is trying to solve e.164 problem which inherently hard and
subject to a lot of cases where it fails. Their problem statement is
worth the read if you're interested.
But the reality is that it's a pretty SIP-y world these days, and the
proper identity for SIP is the From: address, not the e.164 address.
Since From: addresses contain domain names, you can tie identity to the
domain itself, instead of trying to make sense of telephone number
delegations. It would be trivial to attach a signature to the SIP
INVITE's -- we've been doing that for 15 years with email, and then you
at least know that the INVITE came from the domain it purports to be
from. It works even for PSTN last legs because the PSTN headend can
place the From: address in the caller id. Armed with that knowledge, you
can filter to your heart's content.
And since we've been told that 5G is a magic elixir that will wash our
clothes and dress our dogs, our new phones can just be SIP UA's instead
of going through the PSTN nonsense at all.
STIR/SHAKEN seems like a solution to a problem whose time is way overdue
to be retired.
Mike
More information about the NANOG
mailing list