You are here: Home > Participate > Join a Discussion > Mailman Archives
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

RE : data point - anonymous E.164 number usage

  • To: < >
    < >
    < >
  • From: "Stastny Richard" < >
  • Date: Sat, 28 Feb 2004 11:20:30 +0100
  • Cc: < >
    < >
    < >
    < >
    < >

I fully agree with Olivier:
We have here two complete separate problems:
1. Identification required to get an E.164 number.
This is a problem that has nothing to do with ENUM and should be kept 
completely separate. That prepaid cards are given out in some (most) countries
without proper id is NOT an ENUM problem.
If some legal entity wants to get the identification of a person or entity assigned
an E.164 number, it should use the existing infrastructure. This is also holds if they
want to know the identity holding an domain related to this number if 
no contact information is available.
ENUM is not here to solve OPPs (Other People Problems)
2. The only thing that ENUM needs to provide is consistency in the
E.164 name space, that is: a domain shall only be delegated if
and only for the period of time the associated E.164 number is assigned to 
a person or entity and it shall be delegated to the SAME person or entity.
As Olivier shows this does not necessarily require to reveal the entity of the person, 
especially not on mobile phone if you use the access to the identification token
(e.g a SIM-card), but there ara also possibilities for fixed lines.
For regulators, they should only state the requirement and not the procedure
how to do this, because you can do this in many different ways. They will of course
have the right to check a given procedure if it complies to the requirement given.
3. In case of ENUM-only numbers the validation problem is not existent, because
the domain in IS the E.164 number, so there is consistency in the
name space per default. The identification problem remains,
but has to be solved at least nationally equivalent to other number ranges, especially mobiles.
If it is allowed to have anonymous number usage there, it must also be allowed to have
it here. So this is a national problem. Because it cannot be quod licet Jovi, not licet bovi ;-)
Last note: this does not hinder anybody wanting to give his identity to either an
ENUM contact info or a phone directory. In case of ENUM-only numbers the
normal procedure like with all other numebrs could apply (e.g entry in phone book
and possibility to opt-out)

	-----Ursprüngliche Nachricht----- 
	Von: Olivier.Girard@localhost [
] Gesendet: Sa 28.02.2004 10:24 An: jim@localhost Olivier.Girard@localhost Cc: ag@localhost jseng@localhost enum-l@localhost enum-trials@localhost enum-trial@localhost Betreff: RE : RE : data point - anonymous E.164 number usage >> As you say, it's proving that this entity has the right to use a given E.164 number >> is what matters. Unfortunately that usually means identifying this entity... :-) Not sure Jim... If the allocation of an E.164 number to XYZ is accompanied with a validation piece (password, certificate, digsig key or whatever it is...) which becomes invalid as soon as XYZ is not anymore owner of the number and that this piece is checked every time XYZ want to use her/his number in relation to a service (not only ENUM but every service which require the use of an E.164 number), then you do not need to identify the person. In that case you have only to check if the validation piece is valid. This, of course, needs a review of the E.164 number allocation policy which is national matter... In my opinion, we should focus on a generic solution (not only related to ENUM). Today, I can use my mobile number to register for a web based SMS service which offers me to send SMS from the web keeping my mobile number (it works also with anonymous prepaid!). The registration check is made via SMS (you get a "validation" password via SMS). The problem is: when I cease the contract with my mobile operator I can continue to send SMS using my old mobile number. Of course I can not get any reply to the SMS I have sent because the number is not allocated anymore (unless the associated ENUM Domain & NAPTR remain active after the E.164 number has been deactivated... ;o) ) In my opinion, there are two critical things: 1 - the point where an E.164 number is registered for a service (it can be ENUM, SMS, etc... but also telephony) 2 - the point where an E.164 number is not used anymore by the user and given back to the "allocator" (at this time, all registrations made with this number must be cancelled. For this, it is necessary that all service providers who have a relationship with the number be informed accordingly or that all those service providers make a periodic check of the validation piece. Is it a way to work on ? -----Message d'origine----- De : Jim Reid [
] Envoyé : vendredi, 27. février 2004 23:43 À : Olivier.Girard@localhost Cc : ag@localhost jseng@localhost enum-l@localhost enum-trials@localhost enum-trial@localhost Objet : Re: RE : data point - anonymous E.164 number usage >>>>> "Olivier" == Olivier Girard <Olivier.Girard@localhost >>>>> writes: Olivier> Dear All, I think we should make a difference here. In my Olivier> opinion, the interest of validation in ENUM is not to Olivier> know WHO is owner of an E.164 number or WHO has the right Olivier> to use an ENUM domain name. The role of ENUM validation Olivier> is primarily the ensure that only the one who has the Olivier> right to use an E.164 number can use the associated ENUM Olivier> domain name. Nothing more. Absolutely! There is a very subtle but important difference here and you're right to underline it. I think we're all guilty of being too loose with our terminology and confusing identity with authentication and/or validation. The identity of whatever it is that registers an E.164 number shouldn't matter. As you say, it's proving that this entity has the right to use a given E.164 number is what matters. Unfortunately that usually means identifying this entity... :-)

  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>