IETF Logo Mail Archive

[stir] ATIS Publishes Calling Party Spoofing Mechanisms and Mitigation Techniques Whitepaper

Russ Housley <housley@vigilsec.com> Fri, 22 April 2016 19:12 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CB5A12E275 for <stir@ietfa.amsl.com>; Fri, 22 Apr 2016 12:12:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.899
X-Spam-Level:
X-Spam-Status: No, score=-101.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YCkfXr6kalkx for <stir@ietfa.amsl.com>; Fri, 22 Apr 2016 12:12:33 -0700 (PDT)
Received: from odin.smetech.net (x-bolt-wan.smeinc.net [209.135.219.146]) by ietfa.amsl.com (Postfix) with ESMTP id 30A7612E252 for <stir@ietf.org>; Fri, 22 Apr 2016 12:12:33 -0700 (PDT)
Received: from localhost (ronin.smetech.net [209.135.209.5]) by odin.smetech.net (Postfix) with ESMTP id 824F6F2402A for <stir@ietf.org>; Fri, 22 Apr 2016 15:12:32 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id tYEymhyUq6f8 for <stir@ietf.org>; Fri, 22 Apr 2016 14:56:56 -0400 (EDT)
Received: from [192.168.2.100] (pool-108-51-128-219.washdc.fios.verizon.net [108.51.128.219]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id CF559F2401F for <stir@ietf.org>; Fri, 22 Apr 2016 15:12:31 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_42401B55-FB48-429F-AA86-F61B5705BB69"
Message-Id: <2E8DCD83-7D46-4609-BE77-EF3D74AFCEE5@vigilsec.com>
Date: Fri, 22 Apr 2016 15:12:31 -0400
To: IETF STIR Mail List <stir@ietf.org>
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/stir/2S5fp192KF26l5vbSLVoc5rzMeo>
Subject: [stir] ATIS Publishes Calling Party Spoofing Mechanisms and Mitigation Techniques Whitepaper
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Apr 2016 19:12:36 -0000

Please see attached communication from Susan M. Miller, ATIS President and CEO.

I will have this letter posted as a liaison statement.

Russ

= = = = = = = = = = 

ATIS
1200 G Street, NW Suite 500
Washington, DC 20005

April 21, 2016

via email, housley@vigilsec.com
Russ Housley
IETF, STIR WG Co-Chair
c/o IETF Secretariat
48377 Fremont Blvd., Suite 117
Fremont, California 94538

Re: ATIS White Paper on Calling Party Anti Spoofing

Dear Mr. Housley:

On behalf of the Alliance for Telecommunications Industry Solutions (ATIS), I am pleased to announce the publication of ATIS’ White Paper on Calling Party Spoofing Mechanisms and Mitigation Techniques. This white paper provides information on caller ID spoofing mitigation techniques and is available via the ATIS White Paper Library at: http://www.atis.org/01_resources/whitepapers.asp.

Both existing and proposed caller ID mitigation techniques are examined, including technical specifications and standards that would allow phone numbers to be “signed” at the origin and “verified” at the termination. The paper concludes that Caller ID spoofing is not a problem that can be fixed with a single solution and, as an alternative, proposes a layered approach, similar to that used in cybersecurity efforts.

This white paper is just one of several ATIS work programs aimed at examining and mitigating challenges associated with caller ID spoofing. Other relevant work is being completed in ATIS’ Next Generation Interconnection Interoperability Forum (NGIIF), which has recently published its Next Generation Network (NGN) Reference Document, outlining Caller ID issues and their impacts to consumers and to the network. The ATIS Packet Technologies and Systems Committee (PTSC) is working on a Technical Report on Originating Party Spoofing in IP Communication Networks. Additionally, ATIS is working with the SIP Forum on proposed enhancements to Secure Telephone Identity Revisited (STIR). We would be happy to provide further information on its Caller ID spoofing mitigation work programs.

If you have any questions or would like further information, please do not hesitate to contact me at smiller@atis.org or (202) 434-8828.

Sincerely,
Susan Miller President and CEO


v2.23.0 | Report a Bug | By Email