Mailing List Archive

1 2 3  View All
Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC [ In reply to ]
On 7/18/19 3:15 PM, Jay R. Ashworth wrote:
> ----- Original Message -----
>> From: "Michael Thomas" <>
>> On 7/15/19 12:07 PM, Jay R. Ashworth wrote:
>>> Yes, of course we sent out calls with "spoofed" CNID.
>>> But, even though only 2 or 3 or our 5 carriers* held *our* feet to the fire,
>>> we held the clients' feet to the fire, requiring them to prove to our
>>> satisfaction that they had adminstrative control over the numbers in question.
>>> But it's the carrier's responsibility, properly, to do that work.
>> How do the clients prove that?
> Do you know, I don't know; it was above my paygrade; the few times I stubbed
> a toe on it, I threw it over a wall.
> I presume that there was paperwork...

I still think this would be much easier to solve in the Internet domain
instead of in the PSTN domain. That is, use SIP From: address instead of
telephone numbers. We already have the ability to give with reasonable
certainty that a message has been originated by a given domain. If we
present that address in preference to caller ID, and I can filter based
on that it puts a lot of positive pressure on legit callers to identify
themselves (they already do it for their email), and negative pressure
on the callerid holdouts. They'd have to use their own domain name and
prove their control of it, and that's a good thing. You'd think this
would be easier for the carriers too since they wouldn't have to vet
shady clients... it's their domain they're trashing, not the carriers.

I for one would be perfectly happy with a UA that went straight to a
quarantine if it only had callerid in it.

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC [ In reply to ]
On 11 Jul 2019, at 3:23 PM, Michael Thomas <> wrote:
> I used to think that email spam was a law enforcement problem too, but it's become very clear that law enforcement has little to no interest in solving geeks' problems.

Law enforcement deals with legal entities (persons, organizations) and jurisdictions (i.e. physical locations) in determining both applicable law and appropriate enforcement authority.

The Internet does not provide reliable attribution of entity or locale, thus precluding any efficient use of our existing law enforcement framework – it is no surprise that our Internet design choices have such consequences.

c'est la vie sur Internet,

1 2 3  View All