Hacker News new | ask | show | jobs
by jstummbillig 246 days ago
I was interested in how we could do much better, but I should have been more specific.
1 comments
zokier 246 days ago
Incoming calls should be subject to acls and default-deny policy should be practical. This means that

- caller identity should not be spoofable

- identities should form hierarchies and groups so you can allow whole organizations instead of individuals

- organizations should use predictable identities for egress calls

- most likely managing multiple identities per device is needed (e.g. personal and work identites)

etc

None of this is particularly difficult technically. Even simply slapping x509 certs on calls and having some basic filtering would achieve a lot.

link
CaptainOfCoit 246 days ago
> None of this is particularly difficult technically. Even simply slapping x509 certs on calls and having some basic filtering would achieve a lot.

Slapping x509 certs on probably some of the oldest telecommunications infrastructure in the world (both in terms of devices using it, and devices enabling it) wouldn't be "technically difficult"?

But I've never worked in telecommunications, maybe I'm overestimating how large piece of work this would be.

link
zokier 246 days ago
Relative to the effort that has been poured to volte etc and 3g/4g/5g in general.
link
jstummbillig 246 days ago
> maybe I'm overestimating

Probably not.

link