RE: [Sip] RE: Question on draft-ietf-sip-asserted-identity-02

["Cullen Jennings" <fluffy@cisco.com>]

The privacy provided by this system is only as good in as much as you can
trust the provider providing the privacy service. Let me explain this
confusing statement. Say I, fluffy, have a SIP phone. I have some sort of
subscriber contract with service.com. I set my outbound proxy to service.com
and send them a call and request privacy. Regardless of what number I
dialed, service.com can choose to do anything they want with this
information. The only thing I can do is take legal action if they do
something other than what my contract with them says they will do. I would
hope that my contract would say that they would always anonymize the call
and if that was not legally possible they would reject it and the only
exception to this would be a E911 call. I can easily imagine it will say
they make no guarantees about ever anonymizing anything and if it happened
to work you got lucky and all the liability of this was yours and if you
ever sued them they got to take your first born.

Cullen



-----Original Message-----
From: Mpierce1@aol.com [mailto:Mpierce1@aol.com]
Sent: Wednesday, October 23, 2002 5:56 AM
To: jon.peterson@neustar.biz; sunayak@hss.hns.com; sip@ietf.org;
fluffy@cisco.com; mwatson@nortelnetworks.com
Subject: Re: [Sip] RE: Question on draft-ietf-sip-asserted-identity-02


In a message dated 10/23/2002 5:41:00 AM W. Europe Daylight Time,
jon.peterson@neustar.biz writes:



We make no provision in any of these privacy/identity drafts, as far as I
can recall for cases in which a privacy service has policies that preclude
user requests for privacy. This would be comparable to the telephone network
rejecting your attempt to dial *67. Personally, I am not interested in
standardizing any case in which a privacy service with the relevant
capabilities would purposefully refuse to fulfill a user's request for
privacy. I suppose that if you were to implement this as a non-standard
mechanism, your option (a) would be vastly preferable (and would follow the
spirit of Section 5 of the privacy draft).





[MAP] I'm not sure if it is an example of what you referred to as "the
telephone network rejecting your attempt to dial *67", but today, dialing
*67 should have no effect on the delivery of the calling identity to the
other end when you dial an "800" number or 911 in the US.

In addition, I remember some years ago that the PUC in Florida approved the
assignment of a special office code that would override the originator's
request for privacy when they dialed *67 followed by a number in that office
code. It was just a regular looking telephone number (not something
recognizable like 800) that would always get the calling line ID. And it was
not intended specifically for police departments, etc. In this case, the
calling user's request for "privacy" was ignored.

These are not cases in which the privacy service refuses to fulfil the
user's request or rejects the *67, but rather, ones in which some other
service takes precedence. Is the "asserted identity" draft taking these
types of cases into account?

Mike Pierce
Artel

_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip