Re: [Ecrit] some observations from yesterday wg meeting

["Stastny Richard" <Richard.Stastny at oefeg.at>]

>One would hope that the PSAP SIP server takes a look at the location
>information and does a sanity check on the data. ("I'm in Kansas and an
>address in Nigeria is beyond my service area.")

Do not forget VPNs. For a single call, You may bring up a warning
to the call taker, but not reject the call. Thy guy from Nigeria may sit
at Starbucks next door.

One may implement something if you get a DOS attack
from this address, but again, most DOS attacks nowadays
use differnt addresses.

-richard

________________________________

Von: ecrit-bounces at ietf.org im Auftrag von Henning Schulzrinne
Gesendet: Mi 03.08.2005 11:35
An: Andrew Newton
Cc: ecrit at ietf.org
Betreff: Re: [Ecrit] some observations from yesterday wg meeting



> The charter aside, if we create the most super,duper concrete  security
> mechanism and validation on location, what James is  suggesting is that
> an attacker can just side step that and  communicate directly with the
> PSAP's SIP server.

One would hope that the PSAP SIP server takes a look at the location
information and does a sanity check on the data. ("I'm in Kansas and an
address in Nigeria is beyond my service area.")

_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit



_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit