> The idea of "authenticating the incoming calls" only applies if you're really going to block incoming calls.
Sort of. Even if the goal is to update the CLID (e.g. Spam likely) one needs to authenticate it. That is, to do the verify the Identity. > anybody can get an OCN and CLLI code Agreed. This doesn't protect anyone anymore than an SSL cert on a web page prevents a site from being malicious (e.g. an "authentic" phishing page) So, while the SHAKEN idea is well-intentioned, we may be spinning our wheels, just as it was well-intentioned to prepare for Y2K a short 20 years ago; we all knew nothing would happen but we prepared anyway :-) >
_______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org https://puck.nether.net/mailman/listinfo/voiceops