This is a new development in the VoIP market. This is how one of my colleagues, Cullen Jennings explained it to me.

Today we have two widely deployed global identifiers for reaching people. One is delegated address out of DNS and the other is phone numbers. So I consider an address like email: [email protected] or xmpp:[email protected] to roughly be out of the DNS namespace and phone number to be out of the E.164 name space.

Phone numbers have lots of parts that are not cool, but they also have some cool parts: they are widely understood including social conventions of giving out someone else’s phone number to a third part, they are easy to enter on devices with highly contained user interfaces, humans can almost remember them, they are easy for a human to give to another human. The biggest problem with phone numbers is, well, the only thing you can do with them is make a phone call. Say I wanted to have a Skype video call with you, or view your twitter feed, or send you an email and all I knew was the phone number. In many cases it would be nice to use a phone number to reach some internet service for user. Fundamental, this vipr technology solves the problem of securely mapping a phone number to URL.

Clearly there have been other attempts at mapping phone numbers to internet resources. Public ENUM is one example. However, most of the previous ones have failed because the economic incentives to make the technology deploy did not line up right. The vipr technology makes sure that every player that has to do something to make the technology deploy has an economic incentive to go do whatever they need to do. It heavily relies on peer to peer technologies.

How does it work? Imagine two enterprises, A and B that both have devices that can do voice and video over IP using SIP or something like that. First of all everyone using this systems forms one large Distributed Hash Table (DHT) using peer to peer techniques. Think of this like a database in the cloud.

Enterprise B publishes it’s phone numbers to the DHT along with a pointer to B services on the internet. When A dials a phone number, it looks up the phone number in the DHT and notices that there is a pointer from this phone number to B. However, A has no reasons to believe this information so it more or less ignores it for now. Anyone could have published a link claiming that phone number was theirs and pointing to themselves. Now A call B over the normal PSTN and it’s a normal phone call. After the phone call ends, both A and B know a common shared secret.

They know who called who and the start and stop time of the call. At this point, A can lookup the person in the DHT that claims to have the phone number (B in this case), then initiates some crypto magic (related to zero knowledge proofs) and B proves to A it knows the start and stop time of the call that happened over the PSTN. At this point A has validated that B really is the “owner” of the phone number and at any future point that A wants to communicate with that phone number, the services that B published into the DHT can be directly contacted. So the next time A calls that number, instead of going over the PSNT, the call goes over the Internet and A and B suddenly get video as well voice. The details are a bit more complicated (over a hundred pages of IETF specification) but that is the gist of it.

The enterprises need to run the vipr technology but will both get more features by doing this as well as a potential reduction in PSTN toll charges. Today lots of people have video phones running over SIP yet when they call another person that also has one, the call is forced over the lowest common denominator of the PSTN. This takes a very useful set of globally deployed address (namely E.164 phone numbers) and makes them useful for all the services on the internet not just making a phone call.