RE: [Ecrit] some observations from yesterday wg meeting

["Brian Rosen" <br at brianrosen.net>]

Chairs?

I was not a fan of the narrow focus of the charter.  It is what it is.

Each change in technology changes the situation for emergency call systems.
It takes away things, and provides new things.  When mobile phones came,
they removed accurate location and substituted inaccurate location in a
totally different, and difficult-for-psap-to-use form.  They even took away
call back number in the case of un-initialized phones. They gave the
possibility of tracking a moving caller, and they gave the ability to get
calls immediately from the scene of common events like car crashes.  On
balance, it's a good thing.

VoIP is the same; some things are being taken away, some things are being
added.  It's different, get over it.

Brian

________________________________________
From: James Winterbottom [mailto:winterb at nortel.com] 
Sent: Wednesday, August 03, 2005 5:46 AM
To: Brian Rosen; 'Andrew Newton'
Cc: ecrit at ietf.org
Subject: RE: [Ecrit] some observations from yesterday wg meeting

Bah!!! 
The problem must exist in someone's charter, and GeoPriv don't seem to want
it either! 
It is not easy, without having relatively substantial local foot print, to
spoof emergency calls with in the USA today. In a IP world, that is simply
not true any longer with the currently proposed mechanisms of user created
location documents, no matter where the source data came from. That is
consumers of location (location recipients LRs) have absolutely NO means of
assuring that this correct. The same is absolutely not true for 99.999% of
PSTN calls. 
Location is today in the cellular and wireline world is the responsibility
of the access provider, and this will need to remain the responsibility of
the access provider in the future until telekenic-osmosis becomes a reality.
ECRIT or GeoPriv pick it up until then, but stop passing the buck!!!

Cheers 
James 

-----Original Message----- 
From: ecrit-bounces at ietf.org [mailto:ecrit-bounces at ietf.org] On Behalf Of
Brian Rosen 
Sent: Wednesday, 3 August 2005 7:21 PM 
To: 'Andrew Newton' 
Cc: ecrit at ietf.org 
Subject: RE: [Ecrit] some observations from yesterday wg meeting 

But that problem is not in our charter.  If an attacker learned a PSAP's SIP
URI from any mechanism, they can mount an attack.
True. 
Not in our charter. 
Determining that a location represents the location of the caller is within
charter. 
I believe identity of caller is NOT a requirement in general, but I think
it's clearly not a requirement in ecrit. 
Brian 
-----Original Message----- 
From: Andrew Newton [mailto:andy at hxr.us] 
Sent: Wednesday, August 03, 2005 5:07 AM 
To: Brian Rosen 
Cc: 'James Seng'; ecrit at ietf.org 
Subject: Re: [Ecrit] some observations from yesterday wg meeting 

On Aug 3, 2005, at 3:23 AM, Brian Rosen wrote: 
> This discussion is more or less out of charter, as the work in ecrit 
> addresses the first point above. 
I don't think so.  I think James has made a fairly important point:  
the notion that L2 location must be signed can simply be circumvented  
by an attacker contacting the PSAP's SIP server directly. 
-andy 

_______________________________________________ 
Ecrit mailing list 
Ecrit at ietf.org 
https://www1.ietf.org/mailman/listinfo/ecrit 


_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit