 |
Reducing Unwanted Communications
using SIP (RUCUS) BOF
|
Request, IETF 71, Philadelphia, Pennsylvania, USA
BoF Title: Reducing Unwanted Communications using SIP (RUCUS)
Request-Date: 14-Jan-2008
Version: 1.2
Requester: Hannes Tschofenig
Chairs: Hannes Tschofenig/Francois Audet
BOF Date: 10-Mar-2008
The topic of dealing with unwanted
traffic in SIP has surfaced several times in the IETF in the context of
preventing Spam for Internet telephony. Previous attempts to have a
structured discussion about this topic have (among other reasons)
failed due to the strong focus on selected solution approaches.
Prior work in SIP on identity
management has an important role in this activity since a strong
identity mechanism in SIP has been seen as a prerequisity for
establishing authorization policies. Hence, the "Discussion and
Analysis of SIP Identity" (DASI) BoF is relevant for this event. Even
though there is no direct dependency between the two activities the
number of interested participants will quite likely overlap.
This BoF focuses on the discussion of
architectural aspects. The underlying theme is that the work on
building blocks is more fruitful once the larger framework is
understood. A number of solutions components have been submitted to the
IETF, have been published in the academic literature and
found their way into other standardization bodies. Reduce unwanted
communication requires authorization decisions to be made. These
decisions can be made based on individual sessions but also on the
interaction at a higher granularity (e.g., the interaction with a
specific VoIP provider network). Examples of questions with relevance for an architecture might be:
- Where does information for decision making come from?
- What are useful information items for decision making?
- Where are policy decision points located? What about the placement of policy enforcement points?
- Are privacy aspects to consider with the exchange of information?
- How does the underlying trust model look like?
- What assumptions are certain mechanisms based on?
- Can individual proposals be combined in a reasonable way?
- etc.
It is not the aim of the BoF to discuss specific solution approaches since it is likely that multiple techniques have to be used in concert.
BoF Goals
- Determine whether there is interest in the community to
investigate the architectural approaches surrounding the reduction of
unwanted communication in SIP.
- Discuss the next steps for work within the IETF. One possible
approach is the formation of an Exploratory Group, an experiment that
is layed out in RFC 5111, to investigate requirements and the
architectural background. This initial step should produce a roadmap
for further work on necessary solution components.
Agenda
The latest agenda can be found at:
http://www.ietf.org/proceedings/08mar/agenda/rucus.txt
Proposed Charter Text
The Session Initiation Protocol (SIP)
defines a system for user-to-user multimedia communications. Therefore,
it is susceptible to unwanted communication attempts. RFC 5039 analyzes
the problem of spam in SIP and examines various possible solutions that
have been discussed for email and considers their applicability to SIP.
RFC 5039 gives good, high-level recommendations regarding future work, namely
- Strong Identity
- White Lists
- Solve the Introduction Problem
- Don't Wait Until It's Too Late
Among the many individual solution
building blocks that are discussed in RFC 5039 (including content
filtering, black lists, white lists, consent-based communication,
reputation systems, address obfuscation, limited use addresses, turing
tests, computational puzzles, payments at risk, circles of trust, and
many others) there is no framework outlined how various mechanisms work
together to produce a complete solution nor does the document attempt
to offer a ranking to determine which solutions could form an initial
set of candiate for subsequent standardization.
This exploratory group chartered for
one year aims to create a venue where discussions on unwanted
communication in SIP can take place. The main goal of the group is to
produce an architecture document that sheds light on the interworking
between a minimal set of building blocks.
The group will consider prior work on
SIP identity and related techniques and will consult with privacy
experts to deal with the legal aspects of filtering communication
attempts.
Milestones
|
Mar 08
|
BoF @ IETF#71
|
|
Jul 08
|
Formation of an exploratory working group
|
|
Jan 09
|
First WG draft on the architecture document
|
|
Jun 09
|
Submit architecture document to the IESG for consideration as informational RFC
|
|
Jul 09
|
Close group and decide on future work
|
References
[RFC 5039] Rosenberg, J. and C. Jennings, "The Session Initiation Protocol (SIP) and Spam", RFC 5039, January 2008.
[draft-tschofenig-sipping-framework-spit-reduction]
H. Tschofenig, H. Schulzrinne, D. Wing, J. Rosenberg and D. Schwartz:
"A Framework to tackle Spam and Unwanted Communication for Internet
Telephony", draft-tschofenig-sipping-framework-spit-reduction-03.txt
(work in progress), Feb. 2008.
[draft-niccolini-sipping-spitstop] S.
Niccolini, J. Quittek: "Signaling TO Prevent SPIT (SPITSTOP) Reference
Scenario", draft-niccolini-sipping-spitstop-01.txt, (work in progress), Feb. 2008.