[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ecrit] Solution Approaches

To: Henning Schulzrinne <hgs at cs.columbia.edu>
Subject: Re: [Ecrit] Solution Approaches
From: Hannes Tschofenig <Hannes.Tschofenig at gmx.net>
Date: Tue, 17 Apr 2007 15:08:16 +0200
Cc: ECRIT <ecrit at ietf.org>
In-reply-to: <218EBEE4-8857-40DE-A774-4CFED54DA2F7@cs.columbia.edu>
List-help: <mailto:ecrit-request@ietf.org?subject=help>
List-id: ecrit.ietf.org
List-post: <mailto:ecrit@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
References: <46248F45.6030807@gmx.net> <218EBEE4-8857-40DE-A774-4CFED54DA2F7@cs.columbia.edu>
User-agent: Thunderbird 2.0.0.0 (Windows/20070326)

Hi Henning,

Henning Schulzrinne wrote:

2) Provide LbyR + Dial String + PSAP URI to the end host. We could ignore the potential security vulnerabilities if charging does not work on a call-by-call basis.
CONSEQUENCE: No changes needed.
We still would need to define how the UA acquires the dial string and PSAP URI.

Right. I forgot that part.

Using LoST would require a change to LoST (resolving LbyR) and a business relationship between the LoST server and the ISP (as well as a way to discover the LoST server that can resolve the LbyR).

The alternative is to provide the country code (via LCP/DHCP/...) to the UA and have the dial string be looked up via LoST, with the PSAP configured via SIP configuration.
Thus, whichever way it's done, this requires additional protocol work.

Correct.

3) Provide LbyR + Dial String + PSAP URI to the end host. VSP does a reverse LoST lookup to verify the PSAP URI.

CONSEQUENCE: Solution needs to be developed.
This seems to be the same as #2.

No. Item (2) just assumes that we ignore the security vulnerability (fraud) because we believe it is not a real problem. For item (3) we believe it is a problem and provide a solution to it.

4) Provide LbyR + Dial String + PSAP URI to the end host. VSP verifies the PSAP URI with the PSAP URIs being flooded (using the LoST synchronization mechanism). This mechanism is potentially similar to (3) -- details might vary. (3) might use a distributed approach whereas this is brute force.

CONSEQUENCE: Solution needs to be developed.
Again, I'd like to separate the verify-URL-is-PSAP problem from the location problem. These are completely separate issues, as the verification problem only affects the VSP, as it charges for calls.

There are many aspects that play an important role for the solution:
* location
* verification
* authentication
* deployment considerations
* callback aspects

All these issues have to be considered and cannot be treated independently. For some of the solutions we solve the PSAP URI verification with call routing through a SIP proxy in the access. This also addresses the location aspect.


Ciao
Hannes

Henning

_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit

Follow-Ups:
- Re: [Ecrit] Solution Approaches
  - From: Henning Schulzrinne

References:
- [Ecrit] Solution Approaches
  - From: Hannes Tschofenig
- Re: [Ecrit] Solution Approaches
  - From: Henning Schulzrinne

Prev by Date: Re: [Ecrit] LoST civic caching issue
Next by Date: AW: [Ecrit] Solution Approaches
Previous by thread: Re: [Ecrit] Solution Approaches
Next by thread: Re: [Ecrit] Solution Approaches
Index(es):
- Date
- Thread