[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FCC proposes $10 Million fine for spoofed robocalls

On 12/20/19 11:46 AM, Christopher Morrow wrote:
> On Fri, Dec 20, 2019 at 1:40 PM Michael Thomas <mike at mtcc.com> wrote:
>> SHAKEN is trying to solve e.164 problem which inherently hard and
>> subject to a lot of cases where it fails. Their problem statement is
>> worth the read if you're interested.
> I'll have to go read, I didn't pay attention much to stir/etc after
> the first meeting when it was made very clear that they really didn't
> want opionions from outside their group (at that time) or
> thoughts/ideas that came from outside the bell-shaped-head space. is
> fine, I had many other problems to solve.

I know most of the people who worked on this, and it definitely seems 
like it got wrapped around a bell shaped axle. But P-ASSERTED-IDENTITY 
was always about telco stuff, not internet stuff, so it's unsurprising 
that trying to get a workable version of P-ASSERTED-IDENTITY wouldn't be 
receptive to solutions for other problems.

>> And since we've been told that 5G is a magic elixir that will wash our
>> clothes and dress our dogs, our new phones can just be SIP UA's instead
>> of going through the PSTN nonsense at all.
> the think is.. SIP doesnt' matter here.. not really.
> or I don't care about the carriage, as long as I can say: 'the think
> I'm talking at on the 'far end' is whom they say they are...
> verified... no one else can pretend to be that thing/person/etc"
To know *exactly* who's at the other end of the line is an extremely 
hard problem. But if are willing to relax that a bit and say that I can 
know for certain the *domain* that sent it, we definitely know how to do 
that, and happens billions of times an hour. For example, I can be 
pretty sure that morrowc.lists at gmail.com is probably the whoever owns 
that account since google is very strict about smtp auth, and i know 
that gmail.com sent the message. And obviously with a domain identifier, 
you can be held accountable by blacklist services, etc.

But my main point is that with 5G there's really no reason to keep the 
legacy PSTN stuff there. Why do I want to be beholden to legacy telco 
stuff when everything can do voip these days? E.164 needs to sail into 
the west.