FWIW (and considering that we may end up with a “rough consensus”), I agree
with Adam’s analysis below.
So, overall I do not think any changes are needed in the draft and it can
proceed to become a RFC.
Thanks,
Tolga
From: sipcore [mailto:sipcore-bounces(_at_)ietf(_dot_)org] On Behalf Of Adam
Roach
Sent: Tuesday, March 21, 2017 12:59 PM
To: Pete Resnick <presnick(_at_)qti(_dot_)qualcomm(_dot_)com>;
ietf(_at_)ietf(_dot_)org
Cc: ben(_at_)nostrum(_dot_)com; sipcore-chairs(_at_)ietf(_dot_)org;
sipcore(_at_)ietf(_dot_)org;
draft-ietf-sipcore-status-unwanted(_at_)ietf(_dot_)org
Subject: Re: [sipcore] Last Call: <draft-ietf-sipcore-status-unwanted-04.txt>
(A SIP Response Code for Unwanted Calls) to Proposed Standard
On 3/21/17 10:49, Pete Resnick wrote:
1. The 666 mechanism leaves the decision of what is meant by "unwanted" to
the provider, which will inevitably cause data loss through the use of
heuristics. Adding a header to the 603 response is an extensible mechanism that
could capture the single semantic bit of 666 and any future semantics that one
wishes to add, without requiring the provider to guess. The provider gets
definitive information that it can act on.
The problem is that the semantics of 666 are backwards from the semantics of
603.
603 means "there is an issue with the disposition of the *called* party that
prevents completing the call."
666 means "there is an issue with the disposition of the *calling* party that
prevents completing the call."
You're proposing conflating the two semantics, which necessarily introduces
more ambiguity, not less.
Carrier determination of how to handle these codes is, as with any nuisance
communication mitigation, going to necessarily be based on heuristics to avoid
accidental blacklisting, intentional blowback, and the inevitable gaming of the
system by bad actors. You imply that the application of heuristics is an
unwanted side effect of the system, when it in fact the primary goal.
In terms of being able to provide gradation between types of unwanted calls,
the application of a header -- as you propose -- to provide such indication
seems like a fine idea. I will point out one caveat and make one observation.
The caveat is that it would be harmful to add this header in a way that
reverses the sense of a response code, such as making 603 bear on the calling
party rather than the called party; so such an indication would need to be on a
new response code, such as the one currently proposed in
draft-ietf-sipcore-status-unwanted. The observation is that this mechanism can
be added to this new status at a later date, in a modular fashion and in a
backwards compatible way. In other words: your proposed enhancement is *nice*,
but it does not preclude publishing the mechanism currently described.
1. The 666 mechanism limits the implementation of the mechanism to a
1-button choice and requires additional standardization work to use a different
UI. Clearly 666 was designed around something akin to a "SPAM" button in the
UI. But what if I want a field in my address book that says, "Permanently block
this particular caller" (say, my ex-boyfriend or my annoying neighbor)? I don't
want to indicate that these are spam calls because I don't want my provider
applying heuristics to them. I want to send back a 603 with a header that says,
"Block these whenever you see them, but only for me." I can think of all sorts
of other-than-one-button UIs that someone might want to implement. 666 is tied
to a particular UI. 603 with a header is extensible.
That kind of persistent, hard-state user account configuration *really* isn't a
reasonable kind of thing to do with a SIP status code (not least of all because
you would need some mechanism for reviewing and managing such a list; and
whatever that mechanism is could just as readily be used for adding entries).
If you feel the need to pursue the somewhat related problem space of a
network-assisted blocklist, we have a variety of tools we could bring to bear,
such as XCAP. That's a separable problem, though, and I think that tangling it
up with spam mitigation is a huge mistake.
I'll also point out that devices are perfectly capable of handling this feature
locally without any assistance from the network, so I'm not sure how much value
would be added by defining a network-hosted version of the service. The
overarching point, though, is that a SIP response code is absolutely the wrong
approach for doing so.
1. The 666 mechanism will be treated as a 600 "Busy" error by un-upgraded
callers and/or providers. That might imply to some implementations that they
should try to re-dial (e.g., the provider using the auto-redial feature) or to
engage in other poor behavior. 603 with no Retry-After header already has a
semantic of "The call was rejected and I'm not telling you when a good time to
call back is", so there is some hope that an un-upgraded caller is more likely
to do the right thing.
This is really reaching, and I think is based on a misperception of how SIP
clients actually work when they receive 6xx responses. Taken to its logical
conclusion, if we accept your assertion then we can't ever define a new
6xx-class SIP response code for fear that such codes "might imply to some
implementations that they should try to re-dial (e.g., the provider using the
auto-redial feature) or to engage in other poor behavior."
/a