[VOIPSEC] An issue of trust?

Sun Jun 18 12:54:19 CDT 2006

"Geoff Devine" <gdevine at cedarpointcom.com> writes:

>> Any reasonable SIP or MGCP switch or SBC should be already capable of
>> handling the CALEA requirements.
>
>Actually, that's not 100% true for SIP endpoints.  J-STD-025 requires
>that _ALL_ telephony events and features get reported on a "call detail
>channel".  There is an FBI conformance test to verify this.  If you do a
>lot of telephony features within the SIP User Agent, there is no way you
>can pass this particular sub-section of the FBI conformance test.  For
>example, you can't distinguish with 100% certainty the difference
>between a 3-way conference and two separate calls on a 2-line ATA when
>the conference bridge is local to the ATA.  

So long as the endpoint isn't supplied by the service provider, I don't
_think_ it falls under CALEA - CALEA requires that service providers do and
report various things, not that user-purchased-equipment providers do
things.  (So far.)  It may not fall under CALEA even if it's provided by
the service provider - you'd have to read the details and then argue
interpretations, and right now the FCC is pretty much ignoring the text
and legislative history of CALEA anyways.

>Randell Jesup also writes:
>
>> An SBC (or equivalent) setup has issues when the provider of the proxy
>> doesn't also control the access link to the subscriber.  The issues have
>> to do with call quality, and to enable the 1 in 100,000,000 chance a
>> call will need to be intercepted (excluding police states or
>> "trolling"...), ALL calls will be slightly to severely negatively
>> impacted (added delay, packet loss, point of failure).  And the cost is
>> far from negligible as the revenue model shifts away from traditional
>> POTS models.
>
>If you are offering interoperability with the PSTN, you inherit PSTN
>requirements.  This costs money.  As much as "over the top" service
>providers wish it were so, you can't escape from CALEA requirements.

The original rulings were that CALEA applied to calls to/from the PSTN -
this is a defensible position, and had little/no impact on smaller
providers - the PSTN gateways could offer the main CALEA support.  The new
rules that if one phone on your network can go to/from the PSTN, every call
(IP<->IP) falls under CALEA.  This is a huge, major impact.

>This is a cost to service providers that ends up being passed to the
>customer.

It's not just a cost in dollars - it's more like static being injected into
your phone line.  One of IP telphony's biggest problems is delay (and
related, packet loss).  Unless you own the access medium (i.e. cable
companies), you can't guarantee an SBC (for CALEA support) will be close
(in hops/ms) to one of the endpoints.  If one isn't close, you could add
50, 100, or in extreme cases 200-250ms to every call, causing many calls to
"fall over the cliff" around 150ms one-way delay where quality goes down
and talkover starts to become a problem.

>  Similarly, Vonage discovered a couple of days ago that they
>are now subject to Universal Service charges.  A piece of your Vonage
>bill will now go to subsidize rural telcos.  Personally, I think this is
>proper public policy.  Just because someone is wealthy enough to afford
>a broadband connection, they shouldn't be exempted from having to pay
>the costs associated with lawful intercept, 911, and rural subsidy.
>Where I live, wireline and cellular customers pay $1.00 per month to pay
>off the 911 PSAP in New Hampshire.  I think it's only fair that a Vonage
>customer who can also dial 911 pay the same $1.00 per month.

That I have far less problem with - you can debate whether such subsidies
should exist (probably), or whether this is a good way to fund them
(perhaps) - but that doesn't create a barrier (cost or quality-wise) for
certain providers.  If anything, it removes one.  As you say, the Vonage
users of 911 are using the service.  That said, telecom taxes and fees are
pretty high compared to other parts of the economy - why are they not just
charged sales taxes, like cable?  But that's a separate arugment.

-- 
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
"The fetters imposed on liberty at home have ever been forged out of the weapons
provided for defence against real, pretended, or imaginary dangers from abroad."
		- James Madison, 4th US president (1751-1836)