Want to get together with others and discuss in further detail what we can do about Spam for Internet Telephony (SPIT)? A new session has been approved for the IETF 71 meeting coming up in Philadelphia in March called “Reducing Unwanted Communications using SIP” a.k.a. “RUCUS” (Hey, it’s not a real IETF group until it has a cute acronym!) Hannes Tschofenig, who submitted the proposal, has created a RUCUS web page and is looking for feedback. The page says in part:
The topic of dealing with unwanted traffic in SIP has surfaced several times in the IETF in the context of preventing Spam for Internet telephony. Previous attempts to have a structured discussion about this topic have (among other reasons) failed due to the strong focus on selected solution approaches.
Prior work in SIP on identity management has an important role in this activity since a strong identity mechanism in SIP has been seen as a prerequisity for establishing authorization policies. Hence, the “Discussion and Analysis of SIP Identity” (DASI) BoF is relevant for this event. Even though there is no direct dependency between the two activities the number of interested participants will quite likely overlap.
This BoF focuses on the discussion of architectural aspects. The underlying theme is that the work on building blocks is more fruitful once the larger framework is understood. A number of solutions components have been submitted to the IETF, have been published in the academic literature and found their way into other standardization bodies. Reduce unwanted communication requires authorization decisions to be made. These decisions can be made based on individual sessions but also on the interaction at a higher granularity (e.g., the interaction with a specific VoIP provider network). Examples of questions with relevance for an architecture might be:
– Where does information for decision making come from?
– What are useful information items for decision making?
– Where are policy decision points located? What about the placement of
policy enforcement points?
– Are privacy aspects to consider with the exchange of information?
– How does the underlying trust model look like?
– What assumptions are certain mechanisms based on?
– Can individual proposals be combined in a reasonable way?
It is not the aim of the BoF to discuss specific solution approaches since it is likely that multiple techniques have to be used in concert.
If you are attending IETF 71 in Philadelphia in March, do plan on joining in the RUCUS! (I’ll be there.)