[Dundi] Looking Glass

Stastny Richard Richard.Stastny at oefeg.at
Fri Oct 29 02:38:43 CDT 2004 

>Mark:
> When I made my talk about DUNDi at VON, I was approached 
> after my talk by 
> the CEO of Vonage who waited in line in order to tell me he 
> would *never* 
> use this system (or ENUM) or anything which allowed any ability for 
> someone to determine who his customers were, no matter how 
> circuitous (I 
> told him I could make a web site that would pay $2 for anyone 
> that was a 
> vonage customer but he didn't seem to consider that a likely one).

DUNDi is playing in the same ballpark then _Carrier_ ENUM (to be
precise: Carrier ENUM shared within a (trust) con-federation).
So luckily the CEO from Vonage (as any provider) has no say
if his customers opts-in into (_user_) ENUM. The basic question
here is: will Vonage (and other already doomed bellhead PSTN-emulation 
_VoIP_ providers) offer their customers real VoIP by providing them with

_dial_ URI aka public sip URIs. This also implies two things: anybody
can call this sip address (this is equivalent that you can send an 
e-mail to every mailto: without your e-mail server having a bilateral
peering agreement with the receiving e-mail server) and second:
there will be NO termination charges.

Public ENUM is just an optional add-on to give you the sip URI related
to an E.164 number. If you would know the sip URI in the first place,
you do not need ENUM. The basic question in ENUM is: Do you have a
public
sip URI? If not, you cannot use ENUM. Period.

>Greg:
>As for the CEO of Vonage, when BGP was first introduced certain people
in 
>the industry freaked out over the same issues, but everyone got over it

>eventually.

Carrier ENUM and DUNDi allows you to peer the addresses of ingress
gateways
to your "network". Therefor you may have peering agreement and also you
MAY have termination charges (if in the peering (or settlement)
agreement)

The drawback is that you have to annonce at least the number range you
are serving or in case of a number range featuring NP every single
number
you serve. Most carriers (especially new entrants) do no like to annonce
this for two reasons: 1. competiters may make a head count and find
out (what they in most cases know anyhow) that there is a difference
between reality and propaganda, and second that competititors
(especially
the evil incumbents may use the information for direct marketing. The
reverse is easy for the new-entrants, because the just can make direct
marketing to anybody, the chance to hit an own customer is minimal.

So I can add to Greg: this is the reason why in many countries no
centralized database exists for NP.

On the other hand: if you want to peer on the Internet, there is finally
no other way to use constructs like Carrier ENUM or DUNDi. The other
alternative is to keep the PSTN up and running forever just as transit
and interconnect facility even of no end-user are connected anymore.

Richard


> -----Original Message-----
> From: Mark Spencer [mailto:markster at digium.com] 
> Sent: Friday, October 29, 2004 7:06 AM
> To: Distributed Universal Number Discovery
> Subject: RE: [Dundi] Looking Glass
> 
> 
> This is an extremely slippery slope.
> 
> The most important things DUNDi/e164 can do are to preserve 
> the integrity 
> and the privacy of the members participating.  When you 
> publically make 
> available information outside of the trust group, you are 
> weakening the 
> privacy of the members within the group.
> 
> The question is whether the existing language provides sufficient 
> protections.
> 
> Section 2f was explicitly created to prevent the dissimination of the 
> routes or any portion of them outside the trust group.
> 
> If the language in 2f is not strong enough to make that 
> protection, we may 
> need to revise it and publish a new revision of the GPA, but 
> upgrading the 
> GPA is not an easy task -- everyone would have to re-execute the new 
> version, effective a common time, at which point people who were only 
> running the old one would have to be cut off.  Obviously this 
> is a fairly 
> impractical scenario -- but much more practical right now 
> since we have 
> only a few tens of nodes.
> 
> When I made my talk about DUNDi at VON, I was approached 
> after my talk by 
> the CEO of Vonage who waited in line in order to tell me he 
> would *never* 
> use this system (or ENUM) or anything which allowed any ability for 
> someone to determine who his customers were, no matter how 
> circuitous (I 
> told him I could make a web site that would pay $2 for anyone 
> that was a 
> vonage customer but he didn't seem to consider that a likely one).
> 
> DUNDi/e164 has both a technical and non-technical portion.  
> There is a lot 
> of debate about the scalability of either.  The scalability of the 
> technical side is rather easily measurable, and there is a path to 
> improving it (I should have the push stuff done before too 
> long).  The 
> non-technical piece can only be scalable if it is enforced 
> 100%, right 
> from the start, and any infraction is immediately attacked.  
> If violations 
> become widespread, then truly, it will become worthless at large.
> 
> I cannot stress the importance of maintaining accuracy and privacy of 
> these numbers within the Trust Group and no amount of fancy 
> diagnostic 
> tools are worth that risk.
> 
> Mark
> 
> 
> On Thu, 28 Oct 2004, Brian West wrote:
> 
> > Ok I think the new LG is more of what we need.  It doesn't 
> display any 
> > identifying info about the route and I think that still follows the 
> > spirit of the GPA... What about you?
> >
> > bkw
> >
> >> -----Original Message-----
> >> From: dundi-bounces at lists.digium.com [mailto:dundi- 
> >> bounces at lists.digium.com] On Behalf Of Scott Wolf
> >> Sent: Thursday, October 28, 2004 10:34 PM
> >> To: Distributed Universal Number Discovery
> >> Subject: Re: [Dundi] Looking Glass
> >>
> >> I am now filtering out all user/pass's, EID's, and IP/Host's. 
> >> Basically just if a route exists, and cache info. EID 
> lookup is also 
> >> disabled.
> >>
> >> Would a click through of the GPA be enough to allow full access?
> >>
> >> Scott Wolf
> >> wolfson
> >>
> >> Martin List-Petersen wrote:
> >>
> >>
> >> 	Yes/No is a bit too little. You might want to know, if 
> a old entry 
> >> is being
> >> 	pushed or not. So masking the output to a certain 
> degree probably is 
> >> the best
> >> 	solution.
> >>
> >> 	/Marlow
> >>
> >> 	Quoting Brian West <brian at bkw.org> <mailto:brian at bkw.org> :
> >>
> >>
> >>
> >> 		I think the tool is acceptable if any info 
> about where or
> > who
> >> the number
> >> 		goes is masked.  I think the best response is 
> to say YES we see it 
> >> or NO we
> >> 		don't and the weight of the result if any.  It will also
> > help
> >> try to see if
> >> 		the rest of the network sees you from X or Y 
> perspective. What does
> >> 		everyone else think?
> >>
> >> 		bkw
> >>
> >>
> >>
> >> 			-----Original Message-----
> >> 			From: dundi-bounces at lists.digium.com 
> [mailto:dundi-
> >> 			bounces at lists.digium.com] On Behalf Of 
> Mark Spencer
> >> 			Sent: Thursday, October 28, 2004 9:43 PM
> >> 			To: dundi at lists.digium.com
> >> 			Subject: Re: [Dundi] Looking Glass
> >>
> >> 			The DUNDi Looking Glass, while neat, is also in
> >> violation of GPA section
> >> 			2f:
> >>
> >> 			     (f) A Participant may not disclose 
> any specific Route, 
> >> Service or
> >> 			         Participant contact 
> information obtained
> > from
> >> the Peering System
> >> 			         to any party outside of the 
> Peering System except as a
> >> 			         by-product of facilitating 
> communication in
> >> accordance with
> >> 			         section 2e (e.g., phone books or other
> >> databases may not be
> >> 			         published, but the Internet 
> addresses of
> > the
> >> Egress Gateway or
> >> 			         Service does not need to be 
> obfuscated.)
> >>
> >> 			I would like to solicit feedback from 
> the list about
> > how
> >> this tool might
> >> 			be more appropriately used.
> >>
> >>
> >>
> >>
> >> 	_______________________________________________
> >> 	Dundi mailing list
> >> 	Dundi at lists.digium.com
> >> 	http://lists.digium.com/mailman/listinfo/dundi
> >>
> >>
> >
> >
> > _______________________________________________
> > Dundi mailing list
> > Dundi at lists.digium.com 
> http://lists.digium.com/mailman/listinfo/dundi
> >
> _______________________________________________
> Dundi mailing list
> Dundi at lists.digium.com http://lists.digium.com/mailman/listinfo/dundi
>

More information about the Dundi mailing list