[Dundi] Looking Glass
Scott Wolf
lists at aginet.com
Fri Oct 29 09:17:23 CDT 2004
For the time being this seems to be the way to go. Adding an EID in the
username would also allow you to track if you have to revoke a login. I
have passworded the LG I wrote, and will give out a login/pass to anyone
who can demonstrate they are a member of the peering network.
Scott Wolf
Jason p wrote:
>any plans to put a password on the maps or some type of verification
>so that only members can see the data ? the maps make i easy to look
>at the network and see where you fit our could fit into the network.
>
>Jason
>
>
>On Fri, 29 Oct 2004 09:38:43 +0200, Stastny Richard
><richard.stastny at oefeg.at> wrote:
>
>
>>>Mark:
>>>When I made my talk about DUNDi at VON, I was approached
>>>after my talk by
>>>the CEO of Vonage who waited in line in order to tell me he
>>>would *never*
>>>use this system (or ENUM) or anything which allowed any ability for
>>>someone to determine who his customers were, no matter how
>>>circuitous (I
>>>told him I could make a web site that would pay $2 for anyone
>>>that was a
>>>vonage customer but he didn't seem to consider that a likely one).
>>>
>>>
>>DUNDi is playing in the same ballpark then _Carrier_ ENUM (to be
>>precise: Carrier ENUM shared within a (trust) con-federation).
>>So luckily the CEO from Vonage (as any provider) has no say
>>if his customers opts-in into (_user_) ENUM. The basic question
>>here is: will Vonage (and other already doomed bellhead PSTN-emulation
>>_VoIP_ providers) offer their customers real VoIP by providing them with
>>
>>_dial_ URI aka public sip URIs. This also implies two things: anybody
>>can call this sip address (this is equivalent that you can send an
>>e-mail to every mailto: without your e-mail server having a bilateral
>>peering agreement with the receiving e-mail server) and second:
>>there will be NO termination charges.
>>
>>Public ENUM is just an optional add-on to give you the sip URI related
>>to an E.164 number. If you would know the sip URI in the first place,
>>you do not need ENUM. The basic question in ENUM is: Do you have a
>>public
>>sip URI? If not, you cannot use ENUM. Period.
>>
>>
>>
>>>Greg:
>>>As for the CEO of Vonage, when BGP was first introduced certain people
>>>
>>>
>>in
>>
>>
>>>the industry freaked out over the same issues, but everyone got over it
>>>
>>>
>>>eventually.
>>>
>>>
>>Carrier ENUM and DUNDi allows you to peer the addresses of ingress
>>gateways
>>to your "network". Therefor you may have peering agreement and also you
>>MAY have termination charges (if in the peering (or settlement)
>>agreement)
>>
>>The drawback is that you have to annonce at least the number range you
>>are serving or in case of a number range featuring NP every single
>>number
>>you serve. Most carriers (especially new entrants) do no like to annonce
>>this for two reasons: 1. competiters may make a head count and find
>>out (what they in most cases know anyhow) that there is a difference
>>between reality and propaganda, and second that competititors
>>(especially
>>the evil incumbents may use the information for direct marketing. The
>>reverse is easy for the new-entrants, because the just can make direct
>>marketing to anybody, the chance to hit an own customer is minimal.
>>
>>So I can add to Greg: this is the reason why in many countries no
>>centralized database exists for NP.
>>
>>On the other hand: if you want to peer on the Internet, there is finally
>>no other way to use constructs like Carrier ENUM or DUNDi. The other
>>alternative is to keep the PSTN up and running forever just as transit
>>and interconnect facility even of no end-user are connected anymore.
>>
>>Richard
>>
>>
>>
>>
>>
>>
>>>-----Original Message-----
>>>From: Mark Spencer [mailto:markster at digium.com]
>>>Sent: Friday, October 29, 2004 7:06 AM
>>>To: Distributed Universal Number Discovery
>>>Subject: RE: [Dundi] Looking Glass
>>>
>>>
>>>This is an extremely slippery slope.
>>>
>>>The most important things DUNDi/e164 can do are to preserve
>>>the integrity
>>>and the privacy of the members participating. When you
>>>publically make
>>>available information outside of the trust group, you are
>>>weakening the
>>>privacy of the members within the group.
>>>
>>>The question is whether the existing language provides sufficient
>>>protections.
>>>
>>>Section 2f was explicitly created to prevent the dissimination of the
>>>routes or any portion of them outside the trust group.
>>>
>>>If the language in 2f is not strong enough to make that
>>>protection, we may
>>>need to revise it and publish a new revision of the GPA, but
>>>upgrading the
>>>GPA is not an easy task -- everyone would have to re-execute the new
>>>version, effective a common time, at which point people who were only
>>>running the old one would have to be cut off. Obviously this
>>>is a fairly
>>>impractical scenario -- but much more practical right now
>>>since we have
>>>only a few tens of nodes.
>>>
>>>When I made my talk about DUNDi at VON, I was approached
>>>after my talk by
>>>the CEO of Vonage who waited in line in order to tell me he
>>>would *never*
>>>use this system (or ENUM) or anything which allowed any ability for
>>>someone to determine who his customers were, no matter how
>>>circuitous (I
>>>told him I could make a web site that would pay $2 for anyone
>>>that was a
>>>vonage customer but he didn't seem to consider that a likely one).
>>>
>>>DUNDi/e164 has both a technical and non-technical portion.
>>>There is a lot
>>>of debate about the scalability of either. The scalability of the
>>>technical side is rather easily measurable, and there is a path to
>>>improving it (I should have the push stuff done before too
>>>long). The
>>>non-technical piece can only be scalable if it is enforced
>>>100%, right
>>>from the start, and any infraction is immediately attacked.
>>>If violations
>>>become widespread, then truly, it will become worthless at large.
>>>
>>>I cannot stress the importance of maintaining accuracy and privacy of
>>>these numbers within the Trust Group and no amount of fancy
>>>diagnostic
>>>tools are worth that risk.
>>>
>>>Mark
>>>
>>>
>>>On Thu, 28 Oct 2004, Brian West wrote:
>>>
>>>
>>>
>>>>Ok I think the new LG is more of what we need. It doesn't
>>>>
>>>>
>>>display any
>>>
>>>
>>>>identifying info about the route and I think that still follows the
>>>>spirit of the GPA... What about you?
>>>>
>>>>bkw
>>>>
>>>>
>>>>
>>>>>-----Original Message-----
>>>>>From: dundi-bounces at lists.digium.com [mailto:dundi-
>>>>>bounces at lists.digium.com] On Behalf Of Scott Wolf
>>>>>Sent: Thursday, October 28, 2004 10:34 PM
>>>>>To: Distributed Universal Number Discovery
>>>>>Subject: Re: [Dundi] Looking Glass
>>>>>
>>>>>I am now filtering out all user/pass's, EID's, and IP/Host's.
>>>>>Basically just if a route exists, and cache info. EID
>>>>>
>>>>>
>>>lookup is also
>>>
>>>
>>>>>disabled.
>>>>>
>>>>>Would a click through of the GPA be enough to allow full access?
>>>>>
>>>>>Scott Wolf
>>>>>wolfson
>>>>>
>>>>>Martin List-Petersen wrote:
>>>>>
>>>>>
>>>>> Yes/No is a bit too little. You might want to know, if
>>>>>
>>>>>
>>>a old entry
>>>
>>>
>>>>>is being
>>>>> pushed or not. So masking the output to a certain
>>>>>
>>>>>
>>>degree probably is
>>>
>>>
>>>>>the best
>>>>> solution.
>>>>>
>>>>> /Marlow
>>>>>
>>>>> Quoting Brian West <brian at bkw.org> <mailto:brian at bkw.org> :
>>>>>
>>>>>
>>>>>
>>>>> I think the tool is acceptable if any info
>>>>>
>>>>>
>>>about where or
>>>
>>>
>>>>who
>>>>
>>>>
>>>>>the number
>>>>> goes is masked. I think the best response is
>>>>>
>>>>>
>>>to say YES we see it
>>>
>>>
>>>>>or NO we
>>>>> don't and the weight of the result if any. It will also
>>>>>
>>>>>
>>>>help
>>>>
>>>>
>>>>>try to see if
>>>>> the rest of the network sees you from X or Y
>>>>>
>>>>>
>>>perspective. What does
>>>
>>>
>>>>> everyone else think?
>>>>>
>>>>> bkw
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: dundi-bounces at lists.digium.com
>>>>>
>>>>>
>>>[mailto:dundi-
>>>
>>>
>>>>> bounces at lists.digium.com] On Behalf Of
>>>>>
>>>>>
>>>Mark Spencer
>>>
>>>
>>>>> Sent: Thursday, October 28, 2004 9:43 PM
>>>>> To: dundi at lists.digium.com
>>>>> Subject: Re: [Dundi] Looking Glass
>>>>>
>>>>> The DUNDi Looking Glass, while neat, is also in
>>>>>violation of GPA section
>>>>> 2f:
>>>>>
>>>>> (f) A Participant may not disclose
>>>>>
>>>>>
>>>any specific Route,
>>>
>>>
>>>>>Service or
>>>>> Participant contact
>>>>>
>>>>>
>>>information obtained
>>>
>>>
>>>>from
>>>>
>>>>
>>>>>the Peering System
>>>>> to any party outside of the
>>>>>
>>>>>
>>>Peering System except as a
>>>
>>>
>>>>> by-product of facilitating
>>>>>
>>>>>
>>>communication in
>>>
>>>
>>>>>accordance with
>>>>> section 2e (e.g., phone books or other
>>>>>databases may not be
>>>>> published, but the Internet
>>>>>
>>>>>
>>>addresses of
>>>
>>>
>>>>the
>>>>
>>>>
>>>>>Egress Gateway or
>>>>> Service does not need to be
>>>>>
>>>>>
>>>obfuscated.)
>>>
>>>
>>>>> I would like to solicit feedback from
>>>>>
>>>>>
>>>the list about
>>>
>>>
>>>>how
>>>>
>>>>
>>>>>this tool might
>>>>> be more appropriately used.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Dundi mailing list
>>>>> Dundi at lists.digium.com
>>>>> http://lists.digium.com/mailman/listinfo/dundi
>>>>>
>>>>>
>>>>>
>>>>>
>>>>_______________________________________________
>>>>Dundi mailing list
>>>>Dundi at lists.digium.com
>>>>
>>>>
>>>http://lists.digium.com/mailman/listinfo/dundi
>>>
>>>
>>>_______________________________________________
>>>Dundi mailing list
>>>Dundi at lists.digium.com http://lists.digium.com/mailman/listinfo/dundi
>>>
>>>
>>>
>>_______________________________________________
>>Dundi mailing list
>>Dundi at lists.digium.com
>>http://lists.digium.com/mailman/listinfo/dundi
>>
>>
>>
>_______________________________________________
>Dundi mailing list
>Dundi at lists.digium.com
>http://lists.digium.com/mailman/listinfo/dundi
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/dundi/attachments/20041029/ff19a2c7/attachment-0001.html
More information about the Dundi
mailing list