As systems become increasingly interconnected, how do we prevent Spam for Internet Telephony, a.k.a. “SPIT” or “VoIP spam”. As we talked about in this blog and on the Blue Box podcast, SPIT today is not really a huge issue because the PSTN serves as a de facto firewall between companies/entities. But as we move toward increasing interconnection and to the point where a random SIP user could make a SIP connection across the Internet to any other random SIP user, we definitely do have to worry about SPIT and how to prevent it.
Within the IETF, a group has been working on the issue and now has two documents available for review:
- A Framework for Reducing Spam for Internet Telephony
- Requirements for Authorization Policies to tackle Spam for Internet Telephony and Unwanted Traffic
This is the initial release of both documents and the authors are definitely seeking feedback. Speaking of the authors, they include many of the names we have mentioned here in the past involved with VoIP security within the IETF space: Hannes Tschofenig of Nokia Siemens, Henning Shulzrinne of Columbia University, Dan Wing of Cisco, Jonathan Rosenberg of Cisco and David Schwartz of Kayote. (Geoffrey Dawirs of University of Namur and Thomas Froment of Alcatel-Lucent are also authors of one, but I don’t believe we’ve spoken of either of them here before.) They are definitely people who understand the space and have put some thought into it.
I would encourage everyone to take a look at those documents and send in feedback, either to the IETF mailing lists or directly to Hannes Tschofenig (editor of both docs). We have an opportunity here to make sure that interconnected VoIP does NOT become the utter cesspool of spam that email has become. Let’s make sure we do it right!