ENUM (E.164 NUmber Mapping) is a technology that has been around for a little while that has promised much and delivered little to the average user. I thought it was time that I put my thoughts on this subject down in writing.
ENUM is a away of storing/supplying information about a entity using DNS like storage and retrieval. Up to now most applications have centered around telephony but other services such as email, IM and web could be accessed via ENUM. So a simple example would be that I have a URI of jonfarmer@mydomain.org and using this one single piece of information I could make available any data relating to me that I wanted to. This might be my phone or mobile number or a IM contact.
The major excitement around this technology is in the telecoms world. At the telco level ENUM allows different telcos to learn how to route calls between themselves. This becomes most valuable when those calls are routed over IP networks. So if a ENUM lookup is done on telephone number 01234567890 it might return sip:+4401234567890@telco2.co.uk as the preferred destination. As IP routing of voice calls is generally regarded as a cheaper method than TDM the advantages are evident. Even businesses and home users could potentially make use of ENUM to learn how to route calls over IP rather than the PSTN. However there are dangers inherent in this approach.
In order for a call to be routed over the IP network the receiving device has to accept and "trust" the incoming connection. This is a major issue. Why? Consider email. One of the major blights on email is SPAM. SPAM exists because in order for the email systems to work each email server has to accept and "trust" incoming connections from any other email server. This fact is used by the spammers to great effect. Most spam avoidance techniques working on spotting or blocking known or suspect emails or servers. Now return back to the issue of using IP to route calls using ENUM. If each receiving IP device has to accept and "trust" the incoming call it doesn't take a genius to spot the opportunity for the spammers. In the IP world there is no "friendly" telco to "generally" shield us from the bad guys.
Another issue exists around the validity of the data in a ENUM database. For instance a few months back I ran an experiment and did ENUM lookups with a couple of well known public ENUM servers for all the telephone numbers dialled from our office PBX. The results were surprising, a number of other telcos claimed to be the route for numbers that belong to another major telco. This is potentially a problem as a rogue user could publish ENUM data about a telephone number that didn't belong to them for mischievous or even criminal reasons. They could proxy the call through their own server, recording it along the way, and then pass it on to the legitimate receiver unbeknown to the caller. In one particular result from my experiment a competitor to the business claimed to be a route to a number used by BT (this is a number we call regularly as BT is a supplier). Now while there may be a innocent reason why this happened it illustrates the issues relating to privacy and corporate secrecy.
Recently Nominet the UK TLD registrar has been awarded the contract to administer the UK 4.4.e164.arpa delegation. They have put in place a system of Validation Agencies which will authenticate publishers of ENUM data and approve the validity of the data they publish. So in theorey this new ENUM service should stop the problem previously mentioned (in the UK at least). However it does nothing to stop spammers using VoIP as any PBX wanting to be contactable via ENUM has to be by definition open to the IP world. I made this point to a Nominet representative at a recent event and his response was that in time technology would overcome this issue. Well we are still waiting for a credible email spam solution so what hope for a SPIT (SPam over Internet Telephony) solution.
That being said ENUM is being used securely and successfully by telcos all around the world to route calls over IP. In time ENUM seems set to replace the existing routing technologies of the TDM world.
Will we see a day when individuals can reliably lookup the ENUM information of anyone around the world? That remains to be seen.
No comments:
Post a Comment