[VOIPSEC] (Missed)Trust in Caller ID Act

Simon Horne s.horne at packetizer.com
Sun Oct 15 22:44:15 CDT 2006 

Lets clarify something first:
1. SIP does not equal VoIP, SKYPE is VoIP, H.323 is VoIP, MGCP is VoIP, 
Asterisk is VoIP.
2. No protocol can be all things to everyone. Some are good one thing, some 
are good at another.

PSTN and SIP is not a good fit. On the other hand H.323 was always better 
suited because it was written by the same people as the PSTN and based from 
existing PSTN standards and most of the functionality is supported within 
the protocol, so it has been possible to run a large network and interlink 
50,000+ PSTN sites together into one network and do all the IP screening, 
call management/routing etc purely in IP. Example of a recent deployment: 
http://www.dailypayload.com/2334 . All calls can have CLI of the originator 
(Q931:DisplayIE) displayed on the receivers phone.

AntiSIP Working Group?
LOL It's time, the SIP three monkey syndrome (hear no evil, see no evil, 
speak no evil) was put to rest and proper analysis of the 
strengths/weakness of the protocol was conducted. In the haste to adopt SIP 
was proper analysis done on what people were trying to use it for? How much 
time and money have been wasted trying to get this stuff to do things it 
was never ever designed to do while at the same time belittling other 
workable solutions which, ultimately in the end is leaving customers 
holding a bag fully of empty promises.

**sigh** I fear it is all too late..

Simon


At 09:43 AM 16/10/2006, J. Oquendo wrote:
>So after re-reading and RE-READING this I don't see the implicit IS NOT
>indication. In fact let me re-point out something I see to invalidate
>the whole "THOU SHALL NOT SPOOF": "the mere existence of a feature or
>capability in the PSTN is not a justification for its inclusion in
>SIP." So the mere existence of CLI in the PSTN is not to be justified
>if included in SIP. Wait... The mere capability of something that the
>PSTN is "good" at is not a "justification" for its inclusion in SIP.
>Seems to me like this passage is telling me just because the PSTN
>justifies CLI, heck SIP shouldn't.
>
>So when did this RFC become "STANDARD"? We can all argues merits, pros
>and cons until our faces are blue won't solve much. This message
>though was by far one of the quirkiest yet. So what is your (the
>author's) proposal? Dump SIP entirely. Dump VoIP entirely? I'm with
>you. Just let me know beforehand when you create the AntiSIP Working
>Group so I can play the options market on companies worldwide. I
>can help with crapaganda on the evils of VoIP and we could be rich.
>I won't be the one to tell anyone how some VoIP providers manage to
>get phone services to remote locations where greedy PSTN companies
>didn't want to invest some money dropping copper. Nope. No one need
>know that some geeks invented a quicker, more economical method of
>providing public utility services. Besides VoIP isn't all that
>picture perfect pretty as copper PSTN no matter how many ugly load
>coils are thrown all over the neighborhood.
>
>Nope nothing serves us better than "line noise" inductive copper
>I mean fiber strands and their attenuation! The nerve of them!
>No need to get snippy if you live x0000k feet from the central
>office. Wait until the Bells re-group to the monopoly they once
>were. I mean it's just not worth using VoIP you should just wait.
>The Bells are almost all back together. They will build that
>central office you just wait and see. Oh and by the way, they've
>learned their lesson now, they won't charge you an arm and a leg.
>$79.99 for local and LD. No way VoIP provider X and their $19.99
>fees are going to do the same! Besides have we forgotten the
>origin of the initial message? (I see spoofed digits... All the
>time)
>
>*ducks*
>
>
>--
>=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
>J. Oquendo
>http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
>
>"How a man plays the game shows something of his
>character - how he loses shows all" - Mr. Luckey
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list