SITR/SHAKEN implementation in effect today (June 30 2021)

Michael Thomas mike at
Fri Jul 9 20:47:36 UTC 2021

On 7/9/21 1:36 PM, K. Scott Helms wrote:
> Nothing will change immediately.  Having said that, I do expect that 
> we will see much more effective enforcement. The investigations will 
> come from the ITG (Industry Traceback Group) with enforcement 
> coming from FCC or FTC depending on the actual offense.  The problem 
> has been that it's been far too easy for robocalling companies to hop 
> from one telecom provider to another.  Now there are requirements 
> around "know your customer" that telecom operators have to follow and 
> the ITG will have a much better chance of figuring out who the bad 
> actor is than they have in the past.

The thing is that that shouldn't have been held up by rolling out STIR. 
With email, there was nothing akin to the FCC so it was really the only 
name-and-shame stick we had. This could have been done years ago.

> Longer term I worry that this will lead to more attacks on PBXs, 
> eSBCs, and VOIP handsets to be able to call either from that endpoint 
> itself or be able to use the SIP credentials. The market for robocalls 
> will certainly not disappear.
A meta question that really needs to be asked these days is why we even 
need telco telephony anymore. A lot of problems go away if you are not 
in thrall to 100 year old technology and its accreted kruft.


More information about the NANOG mailing list