Re: ACTION-40: Phones and scope

Here's my proposed text. 

=================
Out of scope:
- Security context information, controls, and authentication information 
based on non-Internet protocols and data such as telephony network 
protocols (SS7, ISDN, NANP)
=================

Unfortunately the term "non-Internet protocols" seems a little 
underspecified, but gets to the intent of what we discussed on the phone 
today.  If anyone has better text or objections, please respond, 
otherwise I will put this in the Wiki.

--Brad


Mary Ellen Zurko wrote:
>
> Thanks. Please add it to the wiki:
>
> http://www.w3.org/2006/WSC/wiki/NoteOutOfScope
>
>
>           Mez
>
> Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
> Lotus/WPLC Security Strategy and Patent Innovation Architect
>
>
>
> *"Hallam-Baker, Phillip" <pbaker@verisign.com>*
> Sent by: public-wsc-wg-request@w3.org
>
> 01/09/2007 09:44 AM
>
> 	
> To
> 	"W3 Work Group" <public-wsc-wg@w3.org>
> cc
> 	
> Subject
> 	ACTION-40: Phones and scope
>
>
>
> 	
>
>
>
>
>
> Out of scope:
>  
> Communications that are initiated by means of a telephone number 
> including telephone calls and SMS messages regardless of whether 
> Internet Protocol and/or Web Services are employed as a transport 
> mechanism
>  
>  
> Rationale:
>  
> While attacks against both the legacy telephone system and VOIP are 
> increasing the architecture and governance of the telephone network 
> and Internet are very different. In particular any communication that 
> is initiated by means of a telephone number is effectively regulated 
> by one or more governments at a detailed level regardless of where it 
> is made. Remediation methods such as interception or termination that 
> are routinely used to control telephone based fraud are challenging in 
> the unregulated Internet environment where accountability is poor and 
> even the determining who the responsible party is represents a 
> significant challenge, let alone getting them to act.
>