Hi Martin,
T-Mobile, Verizon, and AT&T all had representation at today's meeting. And for what it is worth, although he's not with a wireless carrier, I noticed Ken Carlberg, CTO in the Public Safety & Homeland Security Bureau, FCC, has also been attending the last couple of meetings.
You seem very concerned about something, and you're not typically a pedant, and although we've been working together for ~13 years, I don't understand. Can you please elaborate on your concerns?
Since you expressed a concern about a meeting report, I'll volunteer a report from my notes, but the meeting was also recorded by Anna Karditzas [ATIS] and that will be better than my notes.
The conversation today was going over a draft "baseline analysis report" on Message Sender Identification submitted by Chris Wendt earlier this week. Chris opened the meeting after Anna started recording and ran through the patent and anti-trust declarations and announced the attendees. Chris presented the 1st page of the contribution and opened the discussion for questions or suggestions from the floor.
I started the discussion by encouraging folks to provide feedback to Chris or the subgroup in any way in which they were comfortable, although formalized ATIS contributions against a baseline text were preferred. I also then expressed 2 concerns I had with the draft analysis Chris had submitted.
I noted first that a primary focus of the analysis is on A2P and impersonation of organizational identity as represented by Telephone Numbers whose provenance cannot be reliably verified. I argued that TNs are an insufficiently stable organizational identifier because of porting, M&A, number management, etc., and better organization identity identifiers are available. E.g., Legal Entity Identifier (LEI) based on International Standards Organization (ISO) specifications developed from requirements provided by the Global Legal Entity Identifier Foundation (GLEIF) in Basel, Switzerland established by the Financial Stability Board (FSB) of the G20 after the 2008 global financial crisis.
Secondly, I noted that while I agree it is entirely sensible to focus on what the industry, and specifically, the IP-NNI might do to develop solutions for the well-established challenges of verifiable message sender identity end-to-end, we must not forget that the final analysis of the trustworthiness of a message is the analysis done by the message recipient themselves, and that an authorized identifier isn't going to be as meaningful and helpful as a human-understandable identity. i.e., we must include a focus on what can processes and technology make available directly in the display for consumers, especially the most vulnerable members of the community, to help them avoid being impacted by message sender impersonation.
Chris thanked me for my comments and acknowledged the technical concerns but also emphasized the focus of the messaging fraud analysis is not to develop solutions but instead to decide if there is something the ATIS/SIP Forum IP-NNI can or should contribute to the industry's efforts to combat message sender impersonation mainly because of the extensive experience in developing PKI technology specific to telecommunications, and especially communications signaled using SIP protocol. (As you know, a portion of SMS/MMS message path is SIP, and RCS/RBM is entirely SIP.)
Dr. Brad Reaves of North Carolina State University offered to provide a contribution to assist the analysis by presenting messaging threat vector intelligence data they've gathered from research.
Stephanie Lashley with T-Mobile expressed her concern that one of the things they would like to have available to them is usage history of Telephone Numbers to help them better evaluate TN usage patterns and assess risks accordingly.
Sarah Delphey of Bandwidth also made comments that sparked my memory about consumer message recipients, and I started making notes and missed most of what she said unfortunately. Thankfully, the meeting was recorded so I (and everyone) can go back and re-listen to Sarah.
Rich Shockey, Chairman of the SIP Forum also volunteered that he had written an informal memorandum to the subgroup outlining his thoughts on the message sender impersonation crisis.
There may have been other discussion and speakers, but my notes don't show it. I also know I did not manage a complete list of attendees. E.g., I thought I also saw Yi Jing from Verizon, but I'm not sure.
That pretty much summarizes the discussion. We did not meet for the entire hour. We scheduled the next meeting for noon ET on Friday, April 10th, and then Chris adjourned the meeting.
Attendees I noted:
Anna Karditzas [ATIS]
Jackie Wohlgemuth [ATIS]
Brent Struthers [ATIS]
Chris Wendt [Somos]
Alec Fenichel [TransNexus]
Alyssia S. [Bandwidth]
Sarah Delphey [Bandwidth]
Brad Reaves [NCSU]
Terri Brooks [T-Mobile]
Clark Whitten [Cox]
David Casem [Telnyx]
Deb Tucker [Verizon]
Joe Dechant [TNS]
Glenn Clepper (Charter)
Jonathan Vimont [Sinch]
Julie Fowler [First Orion]
Kenneth Carlberg [FCC]
Kevin Burns [Charter]
Mary Barnes [TransUnion]
Matt Timmerman [TNS (fka iconectiv)]
Pierce Gorman [Numeracle]
Sam Etler [Numeracle]
Charles Musgrove [unk]
Howard Lang [AT&T]
Hope this helps.
Best regards,