Re: [Ecrit] FW: [Geopriv] Winterbottom-ecrit-direct considered

[Brian Rosen <br at brianrosen.net>]

I guess I've pretty much said my piece here Martin.

We'll accept calls from Skype, regardless of the fact that the identity may
be pretty weak.  These days, law enforcement can do pretty well with an IP
address and email address, but it's not foolproof.  It's my opinion, after
talking to them, that PSAPs STRONGLY prefer that a service provider be in
the path, and by service provider they mean calling network and not ISP.
For the purposes of this discussion, they don't want calls that have no SP.
I hesitate to call them VSPs, because "Voice" isn't right, but that's the SP
we mean.  

I agree that we'll be looking for the ISP to be able to help us with abuse
if we need them to.  We do want signed location, to provide some integrity
protection, and we definitely need the identity of the ISP that provided
location in the PIDF.  That's an AND, and not an OR though.  It's hard to
call location a reliable identity.  Too easy to discard.  We DO take calls
without location.  We don't like those either.

In normal circumstances, we take calls from anywhere, regardless of whether
they follow rules.  Frankly, I think if the call has an INVITE that looks
vaguely reasonable, with any form of sos urn, we'll probably take it until
it proves to be abusive or part of an attack.

So, yes, we'll take a call not from an SP, but we don't want to see such
calls.  We certainly don't want to encourage them.

But I think I am repeating myself, so unless there is something new, I'll
take a break from this thread.

Brian



On 11/3/09 11:23 AM, "Dawson, Martin" <Martin.Dawson at andrew.com> wrote:

> Hi Brian,
> 
> Please *define* what you mean when you keep saying SP in this thread.
> 
> There are two VoIP providers I use regularly; MyNetFone which is an Oz
> provider and Skype. There are others as well that I use as circumstance
> suggests. So... come to the US and I'll only be entitled to second class
> emergency service calling?
> 
> Skype is the one I use the most, though I have a number of subscriptions. The
> most recent one is "martin-psp" which I exclusively log onto from my PSP and
> use, again, in circumstances where it's most convenient.
> 
> Now I don't *need* to provide any useful information (from an ESP perspective)
> to have these accounts. There's no identity information of the type you refer
> to.
> 
> The only reason Skype want more rigorous identity information is when they
> want to charge me money (e.g. for Skype out/in) - even then it might just be a
> PayPal username. The only reason any commercial VSP wants this sort of
> information is when they want to charge money. So... you appear to be limiting
> "premium" emergency service access to people with credit cards.
> 
> And - in any case - you haven't addressed your invented problem. People can
> still call the ESRP without going through one of these "blessed" VSP
> operators. So what have you achieved?
> 
> There's no empirical, or even anecdotal, evidence for your claims as far as I
> know. Please cite your sources. We've put the mechanisms in place to provide
> reliable location identity with calls (via the ISPs of course). Where is the
> study that shows that people are going to go running off to free airport WiFi
> access points (despite the fact that their location will be known) and start
> making nuisance calls in high volume? By the same token, where is the evidence
> that this would be mitigated by a patchwork of occasional and often foreign
> VSP subscriptions?
> 
> Regards,
> Martin
> 
> -----Original Message-----
> From: ecrit-bounces at ietf.org [mailto:ecrit-bounces at ietf.org] On Behalf Of
> Brian Rosen
> Sent: Wednesday, 4 November 2009 12:37 AM
> To: Marc Linsner; ecrit at ietf.org
> Subject: Re: [Ecrit] FW: [Geopriv] Winterbottom-ecrit-direct considered
> 
> inline
> 
> 
> On 11/3/09 10:18 AM, "Marc Linsner" <mlinsner at cisco.com> wrote:
> 
>> 
>> 
>> On 11/2/09 11:56 AM, "Brian Rosen" <br at brianrosen.net> wrote:
>> 
>>> Nope, just dealing with reality.
>>> 
>>> Reality is that calls come from service providers. They like it that way.
>> 
>> I'll ask again, how does a call coming from a particular service provider
>> relate to the nature/veracity of the emergency?
> The quality of the information, and the ability to get additional
> assistance, if needed, depends on the SP, if there is any.  Most SPs have
> dedicated emergency call teams that will quickly assist a PSAP if there is a
> problem.  They have information which may be valuable to the PSAP.  PSAPs
> appreciate this.  They depend on it.  They really work over SPs who don't do
> that.
> 
> 
>> 
>>> 
>>> If that changes, then strategies should change, but emergency calling ought
>>> not to be the driver for any such change.
>> 
>> I have doubts that PS could alter the VoIP marketplace.
> I assume "PS" is "SP".  SPs ARE the VoIP marketplace.  There is no VoIP
> marketplace without SPs presently.  There is no reason to think that will
> change
> 
>> 
>>> 
>>> What "real value of the information included with the call" am I ignoring?
>>> I said we'll deal with addresses (albeit, with SBCs and all manner of NATs,
>>> that is getting pretty hard to do) first.  What else should we look for?
>> 
>> 
>> 1) Location: Have I had other calls within x meters of this location in the
>> last 5 minutes? 20 minutes? 1 hour? 24 hours?
> The primary problem is abuse.  What should I do if I had a legitimate call
> from the same location, but a different address/SP/...?  What should I do if
> I had an abusive call from the same location?  Our statistics on that are
> probably poor, but my personal opinion is that location is not a good
> indicator of abuse.  I suppose it depends on how reliable location will be
> with abusive calls.  If it turns out to be very reliable, that might be
> helpful.  I suspect the abuser will manage to make location unreliable.  I
> guess we will see.  We certainly have the ability to use location as an
> input to the routing decisions, so no problem if it actually works.
> 
> Of course, in the current systems, you don't get location with a "simless"
> call.  I agree that we shouldn't assume that will be the case going forward.
> 
> I would not use this for a DDoS attack.  That would kill a call from a
> non-compromised device in a residence/office with one that was compromised.
> 
>> 
>> 2) Caller Identity (From; Contact): Have I had other calls with the same
>> identity in the last 5 minutes? 20 minutes? 1 hour? 24 hours?
> Yes, this is like address. We'll clearly start with that.  If it works,
> that's our primary defense.   Often effective on abuse, usually not
> effective enough on a DDoS: you shut off the sources you know are bad, but
> too many new ones pop up to make that effective enough.  It's also usually
> spoofed.
> 
>> 
>> 3) Network Address: Have I received other calls from this IP address in the
>> last 5 minutes? 20 minutes? 1 hour? 24 hours?
> As above.
> 
> The "filter based on source SP" is a secondary line of defense.  An attack
> signature is an even better line of primary attack, if there is one.  Normal
> abuse would not have a signature.  A DDoS attack often does.
>> 
>> -Marc-
>> 
>> 
>> 
> 
> 
> _______________________________________________
> Ecrit mailing list
> Ecrit at ietf.org
> https://www.ietf.org/mailman/listinfo/ecrit
>