Chris Wendt is one of the original authors of STIR/SHAKEN, a WebRTC pioneer, and the co-chair of the IP-NNI Joint Task Force between ATIS and the SIP Forum. Armed with a music degree and dual degrees in electrical and computer engineering (BSEE/MSEE), the polymath set out to blend the innovative spirits of Herbie Hancock and Bob Moog.
His journey began at a pioneering company in West Chester, PA, renowned for developing the first commercially affordable musical sampling keyboard, spearheaded by ex-Commodore Computer engineers. His career trajectory took a sharp turn when he was recruited by Bell Labs Microelectronics to develop an audio DSP solution, enhancing early Windows PC gaming with 3D positional audio.
Leveraging his graduate research on audio perceptual codecs, Chris joined SRI Labs in Princeton, diving into the development of MPEG-4 video codecs and the nascent field of internet streaming solutions based on RTSP/RTP. This period marked his initial involvement in industry standards, particularly MPEG.
Despite several startup ventures in video streaming, Chris transitioned to the telecom sector at Comcast, spearheading the deployment of the cable industry’s version of IMS (PacketCable 2.0). His focus then evolved to Unified Communications and the implementation of WebRTC as a cloud service for video conferencing.
Currently, Chris is the VP of Systems Engineering at Somos, Inc., where he oversees a team dedicated to building core services for the company. He continues to influence the STIR/SHAKEN ecosystem, serving as a board member of SIP Forum and co-chairing the STI-GA-TC, the technical committee that supports the certificate ecosystem in the US. He recently launched the Trust and Transparency Task Force as part of CFCA, a joint effort with SIP Forum.
Throughout his career, Chris’s involvement in IETF and other standards bodies has allowed him to collaborate with global experts in internet technologies. The challenge of telephone number-based authentication has evolved into an intriguing endeavor for him, focusing on certificates, cryptography, digital signatures, and digital identities.
As fraud and impersonation become increasingly significant issues in both the internet and telecommunications sectors, impacting both consumers and businesses, Chris is at the forefront of developing standards for digital identities, authentication, and authorization that aim for greater convenience, privacy, and security.
Chris views the telephone number as a vital public identifier that, when secured with robust authentication technologies, can act as a secure gateway to our digital lives. This vision has been his primary focus in recent years, and he is witnessing the gradual formation of a unified framework that drives and motivates him to continue his work in a sometimes skeptical industry.
This summer, Chris and his family (his wife and three teenage boys) will fulfill their goal of visiting all 50 states by traveling to Hawaii, an achievement that underscores his appreciation for the beauty and diversity of the United States, both in its people and geography. As he looks forward to future explorations, Chris remains committed to shaping the landscape of digital communication and security.
About The Series
This is the ninth installment in the “One Expert, One Topic” series, where field experts select a topic and share essential insights using Matt Abrahams’ What/So-What/Now-What format. Presented in written form, it allows you more time to absorb the topic and guides you on where to go for further learning. Writing is both challenging and time-consuming; we are grateful to our contributors for sharing their wisdom in this format.
Topics in this contribution: Bell Labs Microelectronics, SRI Labs, Comcast, Somos, SIP Forum, STI-GA-TC, CFCA, IETF, ITU-T E.164, RTU (Right-to-Use), KYC (Know-Your-Customer), Vesper Token, STIR/SHAKEN, IP-NNI Joint Task Force between ATIS and SIP Forum, telephone number identity, impersonation, spoofing, digital identities, authentication, authorization, zero-trust framework.
What
Almost since its beginning as a business, the telecommunications industry has been split into two halves that mix like oil and water: the billing and provisioning systems on one side, and the actual routing of calls and messages on the other. In many provider networks the two exist despite each other. Management of subscribers and their telephone numbers and the operation of the telephone network itself almost always live in different systems, are run by different teams, and speak different protocols. Many in the industry treat telephone service as a network service in aggregate, with voice and message traffic handled like any other data. That has perhaps worked to date, but it presents a critical challenge once we try to solve the "spoofing" problem and identify the bad actor behind a specific telephone call or message.
Telecommunication services are generally federated application services, in the sense that a message initiated by one subscriber often does not terminate on the same provider network or the same messaging provider. The same is true of internet applications more generally: network traffic is exchanged between users of different internet service providers. That traffic carries the data of the applications, but the network is for the most part independent of those applications. The key to securing the users of those applications is that they authenticate themselves at the application layer; the application provider manages its subscribers centrally, and that management is generally completely independent of the relationship between the user and the network or internet provider.
The Impersonation Challenge
Telecom impersonation means pretending to be someone else, usually by manipulating the telephone number identity so that a call or message appears to come from the party being impersonated; this is known as illegitimate spoofing. We are now seeing a troubling extension of the problem: not only is the telephone identity spoofed, but bad actors use deepfake/AI technologies to manipulate the media of the call so that they also sound like someone they are not.
There are other related challenges with messages and calls that are not specifically illegal or impersonation but are an annoyance or simply unwanted communications.
So What
We, as an industry, have been discussing various schemes and frameworks for solving these issues. It has been a complex, multi-layer discussion about sorting good providers from bad: providers that do not properly perform due diligence on the customers to whom they assign numbers, on the customers whose traffic they accept, or on the networks they peer and interconnect with, let alone the complex web of individual customers placing each of the individual calls. The issue is that we can set a lot of mousetraps, but the fundamental mouse problem is not going to go away.
Messaging and telephone calls are, at the end of the day, applications with special numerical identifiers, namely telephone numbers. Those identifiers need to be treated as identities: used to authenticate the user or subscriber to the application, and used to prove to the receiving network who the originator is and that they have been authenticated. No other web application on the internet would consider not authenticating the identity of its subscribers end to end.
Telephone number administration happens centrally and in a globally unique way, following ITU-T E.164: country codes associate number allocations with individual country jurisdictions, alongside other number spaces for non-geographic and special allocations. It is a remarkably well-organized way of guaranteeing globally unique identities that let us reach each other with a simple, easy-to-dial numeric string; quite a remarkable human achievement if you think about it. But the transition from provisioned devices locked to telephone numbers to modern digital identities, used beyond hardware terminals physically connected to a network, has been a challenge. Spoofing telephone numbers has created opportunities for interesting and valuable applications, but it has also become a way of exploiting the "trust" the industry relied upon when it depended on the security of physical network connectivity and treated telephony as a purely network service. It is well past time to reconsider how we think about these services: telephony must be managed as an application with centrally managed and allocated federated identities that are authenticated end to end across a distributed, multi-stakeholder network.
The Role of RTU in Preventing Impersonation
As an industry, and in the context of authenticating entities, we have also discussed Know-Your-Customer (KYC) and the establishment of clear, straightforward policies for a vetting process that ties a person or business entity specifically to a telephone identity. The idea of Right-to-Use (RTU) has been discussed, but it is really at the core of directly tying a telephone number assignment to an entity. Establishing a robust and secure RTU framework is essential in combating impersonation: it ensures that each call or message is indisputably linked to a verified entity, making it difficult for fraudsters to misrepresent themselves. With Display Names and Rich Call Data the concept extends beyond mere identity verification; it can include the names, photos, and logos that individuals or organizations use to represent themselves. Interestingly, the industry currently relies on essentially paper documents known as Letters of Authorization or Letters of Agency (LOAs) as the primary mechanism for associating telephone numbers with entities, even though technically they are intended only for sharing information during the porting process. I think we have a timely opportunity to make that association much more robust, with RTU as the core mechanism for tying a telephone number assignment to an authenticated entity. At its core, RTU as a specific framework ties a digital identity, the telephone number, uniquely and non-repudiably to a specific entity, ensuring that a communication genuinely originates from the claimed source.
Now What
Implementing Granular Trust within a Zero Trust Framework
The zero-trust model operates on the simple principle of "never trust, always verify". It requires continuous authentication and validation of every entity involved in a communication; security cannot stop at network boundaries. To effectively combat impersonation, we need to move beyond broad, generalized solutions and implement granular trust following the principles and goals of a zero-trust framework. This approach tightly associates responsible parties with their authenticated digital identities, making it very difficult for impersonators to operate.
By focusing on detailed and robust authentication methods tied explicitly to RTU, we can enhance the security and trustworthiness of our communications systems.
As the telecommunications industry continues to evolve, so must our strategies for establishing and maintaining trust. By prioritizing RTU and implementing robust authentication measures within the guidelines of a zero-trust framework, we can create a more secure digital communications environment. This approach not only protects against impersonation but also fosters confidence in our communications systems, rather than relying purely on opaque identifiers in the network, ultimately benefiting all users and setting a better path for telecommunications services more generally.
The Vesper Token – representing RTU and vetted information in a transparent and privacy-enabled framework
The Vesper token is a new proposal for a path forward to properly represent RTU and KYC-related vetted information in the context of an authentication framework. It uses the three-party trust model of issuer, holder, and verifier, and supports selective disclosure, so the token can represent the vetting of specifically disclosed information, who performed the vetting, whom the vetting is about, and who needs to verify the vetted party. This is a proposed concrete path forward for encapsulating trusted information in a properly signed, secure token that can be delivered to and referenced by interested parties with confidence.
Moving Forward
Telephone numbers have evolved from simple network routing identifiers into critical components of digital identity verification. They are now integral identities for various services, from account recovery to two-factor authentication. The STIR/SHAKEN framework is a cornerstone for authenticating communications transactions and caller IDs on a per-transaction basis: the originating provider signs an attestation for each call, and the terminating side can verify that the caller ID was attested to by an identifiable provider and was not altered in transit. But as the industry is actively discussing, trust is only complete when the digital identity is also bound, through verification and validation, to the true party (person or business entity) that is legitimately assigned the number and willing to take responsibility for the actions associated with it. The Vesper token can represent both the RTU association with a telephone identity and the vetting of that entity and its associated information. Thus both concepts can come together to form a solid trust framework in which the telephone number is a truly trusted identity, and RTU and conformance to a set of vetting policies can be represented to the recipient with explicit trust.
The telephone number is in essence the telecom industry's most valuable asset, a globally unique identifier. Identity in the digital world is crucial, not only for communicating with each other but also for interacting with businesses and applications more generally. Wrapping the telephone number in explicit trust and an identity trust framework goes to the cornerstone of what the telecommunications industry was founded on. Telephone numbers, as a national and global resource, deserve a framework that carries trust and an explicit RTU association. A verifiable, transparent, but privacy-enabled trust framework is crucial for a path forward in which the telephone identity maintains its relevance as a timeless human achievement for uniquely identifying ourselves, on the telephone network and beyond.
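The two mechanisms discussed in this section and in the Vesper token section above, the per-call attestation and the RTU/vetting credential with selective disclosure, can be shown working together in code. The following is an added, constructed example written for this page; it is not Vesper's or STIR/SHAKEN's reference code and does not implement the Vesper draft's actual token format. It borrows the claim names of an RFC 8225 PASSporT (orig, dest, attest, iat, origid) for the per-call token and an SD-JWT-style salted-hash construction for selective disclosure. HMAC-SHA256 with the constructed ISSUER_KEY and PROVIDER_KEY stands in for the asymmetric signatures (ES256 over a certificate chain) a real deployment would use; the telephone numbers and vetted claims are made-up fixtures.

```python
"""Constructed example: per-call attestation plus a selectively disclosed RTU credential.

Three parties, as in the Vesper issuer/holder/verifier model:
  issuer   - vetting authority that binds a TN to KYC-vetted claims
  holder   - the entity assigned the TN; chooses which claims to reveal
  verifier - terminating side that checks the call token and the credential
HMAC is a stand-in for asymmetric signing; keys below are test fixtures only.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time

ISSUER_KEY = b"vetting-authority-key"      # constructed: signs the RTU credential
PROVIDER_KEY = b"originating-provider-key"  # constructed: signs the per-call token


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(payload: dict, key: bytes) -> str:
    """Compact JWS-style token header.payload.signature (HMAC stand-in for ES256)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(payload).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def _verify(token: str, key: bytes) -> dict:
    """Return the payload if the signature is valid, otherwise raise ValueError."""
    header, body, sig = token.split(".")
    expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(body))


def build_passport(orig_tn: str, dest_tn: str, attest: str, key: bytes = PROVIDER_KEY) -> str:
    """Originating provider: per-call token using the RFC 8225 PASSporT claim layout."""
    payload = {
        "attest": attest,                 # SHAKEN attestation level A, B or C
        "dest": {"tn": [dest_tn]},
        "iat": int(time.time()),
        "orig": {"tn": orig_tn},
        "origid": secrets.token_hex(8),   # opaque per-call identifier for traceback
    }
    return _sign(payload, key)


def issue_credential(tn: str, vetted: dict, issuer: str, key: bytes = ISSUER_KEY):
    """Issuer -> holder: credential binding the TN to salted digests of vetted claims.

    Only digests go into the signed payload; the holder keeps the disclosures
    and can later reveal any subset without breaking the issuer's signature.
    """
    disclosures, digests = [], []
    for name, value in vetted.items():
        salt = _b64url(secrets.token_bytes(16))  # fresh salt per claim blocks guessing
        disclosure = _b64url(json.dumps([salt, name, value]).encode())
        disclosures.append(disclosure)
        digests.append(_b64url(hashlib.sha256(disclosure.encode()).digest()))
    payload = {"iss": issuer, "sub": tn, "iat": int(time.time()), "_sd": sorted(digests)}
    return _sign(payload, key), disclosures


def select_disclosures(disclosures: list, reveal: set) -> list:
    """Holder: keep only the disclosures for claims this verifier is allowed to see."""
    return [d for d in disclosures if json.loads(_b64url_decode(d))[1] in reveal]


def verify_credential(credential: str, disclosures: list, key: bytes = ISSUER_KEY):
    """Verifier: check the issuer signature, then tie each disclosure back to a digest."""
    payload = _verify(credential, key)
    claims = {}
    for d in disclosures:
        if _b64url(hashlib.sha256(d.encode()).digest()) not in payload["_sd"]:
            raise ValueError("disclosure not covered by the issuer signature")
        _salt, name, value = json.loads(_b64url_decode(d))
        claims[name] = value
    return payload["sub"], claims


def verify_call(passport: str, credential: str, disclosures: list,
                provider_key: bytes = PROVIDER_KEY, issuer_key: bytes = ISSUER_KEY) -> dict:
    """Terminating side: the attested originating TN must match the vetted RTU holder."""
    call = _verify(passport, provider_key)
    tn, claims = verify_credential(credential, disclosures, issuer_key)
    if call["orig"]["tn"] != tn:
        raise ValueError("RTU credential is for a different telephone number")
    return {"tn": tn, "attest": call["attest"], **claims}


if __name__ == "__main__":
    cred, held = issue_credential("+12155550100",
                                  {"legal_name": "Example Co", "address": "1 Main St"},
                                  "https://vetting.example")
    shown = select_disclosures(held, {"legal_name"})   # holder withholds the address
    call_token = build_passport("+12155550100", "+19175550199", "A")
    print(verify_call(call_token, cred, shown))
```

The verifier learns three separately attributable facts: who vouched for the call (the provider key), who vouched for the number holder (the issuer key), and which vetted attributes the holder chose to reveal. A disclosure the issuer never signed, or a credential for a different number than the one attested in the call, is rejected rather than silently ignored.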