(1) What type of RFC is being requested?
It is appropriate to publish this problem statement as an Informational document.
(2) Please provide a Document Announcement Write-Up.
Over the past decade, Voice over IP (VoIP) systems based on SIP have
replaced many traditional telephony deployments. Interworking VoIP
systems with the traditional telephone network has reduced the
overall security of calling party number and Caller ID assurances by
granting attackers new and inexpensive tools to impersonate or
obscure calling party numbers when orchestrating bulk commercial
calling schemes, hacking voicemail boxes or even circumventing multi-
factor authentication systems trusted by banks. Despite previous
attempts to provide a secure assurance of the origin of SIP
communications, we still lack of effective standards for identifying
the calling party in a VoIP session. This document examines the
reasons why providing identity for telephone numbers on the Internet
has proven so difficult, and shows how changes in the last decade may
provide us with new strategies for attaching a secure identity to SIP
Working Group Summary
This document is a product of the STIR working group.
This document and its predecessors received significant review
from during the working group formation stages to its current form.
There is solid consensus that it reflects the problem the working
group intends to address.
Robert Sparks is the document shepherd.
Richard Barnes is the Responsible AD.
(3) Briefly describe the review of this document that was performed by the Document Shepherd.
The shepherd has reviewed this version of the document and its predecessors
to ensure it reflects working group discussions and to ensure it is ready
for wider review.
(4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed?
(5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that
We have had good cross-area participation in the development of this document, particularly from individuals that participate heavily in the security area.
(6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of?
There are no specific concerns to call out.
(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed.
(8) Has an IPR disclosure been filed that references this document?
No IPR disclosures have been filed referencing this document.
(9) How solid is the WG consensus behind this document?
This document has been thoroughly discussed by the group and has strong consensus.
(10) Has anyone threatened an appeal or otherwise indicated extreme discontent?
There has been no threat of appeal or significant discontent expressed with the content of this document.
(11) Identify any ID nits the Document Shepherd has found in this document.
There is one reference that is not used (currently ).
(12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews.
This document contains no content needing this type of formal review.
(13) Have all references within this document been identified as either normative or informative?
(14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state?
There are no such references.
(15) Are there downward normative references references (see RFC 3967)?
There are no such references.
(16) Will publication of this document change the status of any existing RFCs?
(17) Describe the Document Shepherd's review of the IANA considerations section.
The IANA Consideration section contains:
This memo includes no request to IANA.
(18) List any new IANA registries that require Expert Review for future allocations.
There are none.
(19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc.
There are no formal languages used in this document.