Re: data point - anonymous E.164 number usage
- Date: Fri, 27 Feb 2004 22:33:59 +0000
>>>>> "Adrian" == Adrian Georgescu ag@localhost writes:
Adrian> James, The point is that before a model of authentication
Adrian> and authorization is designed for a specific market, it is
Adrian> advisable to take a look out there "in the real world" to
Adrian> see if or to which extent the effort is justified.
If only life was that simple Adrian. [You need to spend more time with
telco regulators and suchlike....:-)] If the national regulator
insists ENUM registrations must be properly authenticated and
validated, then that is what has to happen. End of story. And as a few
people pointed out at the ETSI meeting this week, most (if not all)
telcos will be reluctant to see unauthenticated ENUM registrations
because of the adverse impact this could have on consumer protection,
customer confidence, universal service obligations and so on. Telcos
(have to) care about these things. Internet companies generally don't.
Adrian> Otherwise, we could delay or block the
Adrian> introduction of a new technology just because paper-work
Adrian> requires effort which does not compensate what the end
Adrian> service delivers (cost > benefit).
This is entirely different argument. But a fair one. Even so it's
orthogonal to the principle of authentication and validation. That's a
policy decision for the regulator. How that policy is implemented is
for industry. If its implementation turns out to be too costly or
cumbersome, industry should be able to suggest an alternative. Or I
suppose it could persuade the regulator to change the policy.
Does anyone here remember the days when there was a policy that only
approved devices could be connected to the PSTN? That policy died when
it was shown to be unnecessary, expensive and impractical. So if a
national policy on ENUM validation and authentication turns out to
have the same drawbacks, it's likely to meet the same fate.
BTW, I don't think anyone has yet got any hard data on what an ENUM
authentication & validation process would actually cost, let alone
whether it was financially viable. This work needs to be done.
