After numerous requests and a fair bit of discussing this afternoon, we came to the conclusion that there is no more risk in verifying against information stored in e164.arpa then there is in the current system of sending calls out via the PSTN network.
In fact there could be less risk since deployment is fairly limited and the benefit in attacking e164.arpa to have details listed with e164.org seems kind of pointless, it would be easier to hijack the phone call we send out.
In fact there could be less risk since deployment is fairly limited and the benefit in attacking e164.arpa to have details listed with e164.org seems kind of pointless, it would be easier to hijack the phone call we send out.
