[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Ecrit] some observations from yesterday wg meeting
But that problem is not in our charter. If an attacker learned a PSAP's SIP
URI from any mechanism, they can mount an attack.
True.
Not in our charter.
Determining that a location represents the location of the caller is within
charter.
I believe identity of caller is NOT a requirement in general, but I think
it's clearly not a requirement in ecrit.
Brian
-----Original Message-----
From: Andrew Newton [mailto:andy at hxr.us]
Sent: Wednesday, August 03, 2005 5:07 AM
To: Brian Rosen
Cc: 'James Seng'; ecrit at ietf.org
Subject: Re: [Ecrit] some observations from yesterday wg meeting
On Aug 3, 2005, at 3:23 AM, Brian Rosen wrote:
> This discussion is more or less out of charter, as the work in ecrit
> addresses the first point above.
I don't think so. I think James has made a fairly important point:
the notion that L2 location must be signed can simply be circumvented
by an attacker contacting the PSAP's SIP server directly.
-andy
_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit