[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] The emergency services routing use case

To: Dale.Worley at comcast.net, sip at ietf.org
Subject: Re: [Sip] The emergency services routing use case
From: "James M. Polk" <jmpolk at cisco.com>
Date: Thu, 20 Mar 2008 15:28:41 -0500
Authentication-results: sj-dkim-3; header.From=jmpolk at cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; );
Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=3750; t=1206044924; x=1206908924; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jmpolk at cisco.com; z=From:=20=22James=20M.=20Polk=22=20<jmpolk at cisco.com> |Subject:=20Re=3A=20[Sip]=20The=20emergency=20services=20ro uting=20use=20case |Sender:=20; bh=KlMsFrCvYpHpjCH7Bigqm91RHpnQJpbzo0SJGL0MGaA=; b=Ia1BsmNb2SSBziAm6eDo+bkN3cH7sKPFa0HZI2uEFRDiy32pVs+k4D7Juw Dn2Vc22sQKs4+pqAf5/HFLRbuXUWOvYrBwixZCNQ7FvRkyvI66nm8eRWSBk/ B0lLNoRgwv;
In-reply-to: <200803200230.m2K2UcbI012455 at dragon.ariadne.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <200803200230.m2K2UcbI012455 at dragon.ariadne.com>
Sender: sip-bounces at ietf.org

Dave

I believe the To: field is always supposed to be urn:service:sos, 
regardless of the choice in how to do this.  I don't know if this 
helps the point you're making...

James

At 09:30 PM 3/19/2008, Dale.Worley at comcast.net wrote:
>In regard to this use case in draft-rosenberg-sip-ua-loose-route-02.txt:
>
>    2.6.  Emergency Services
>
>    Another problem that arises from Request-URI rewriting is with
>    emergency services for VoIP.  A key requirement of systems supporting
>    emergency calling is that the SIP INVITE request for an emergency
>    call be 'marked' in some way that makes it clear that it is an
>    emergency call, so that it can receive priority treatment
>    [I-D.ietf-ecrit-requirements].  However, such a marking needs to be
>    done in a way that it cannot be abused by attackers seeking to get
>    special treatment for non-emergency calls.  The solution for this is
>    that the marking needs to be the target address of the request
>    itself, which would unambiguously identify an emergency services
>    calltaker as the target.
>
>Implicitly, an additional requirement is the ability to do non-trivial
>routing and fowarding of the emergency request, that is, where one SIP
>agent could provide routing instructions to downstream SIP agents.  In
>a perfect world, a proxy could route locally-originating emergency
>requests to any specified SIP URI, based on local policy regarding
>routing of emergency requests.
>
>Unfortunately, neither draft-rosenberg-sip-ua-loose-route,
>draft-holmberg-sip-target-uri-delivery, nor History-Info solves this
>problem.  The problem is fundamental:  We desire the *routing* of the
>message to be controlled by one element of the request, while the
>*priority* is controlled by a different element, the alleged ultimate
>destination ("urn:service:sos").  But such a split automatically
>allows a malicious user to take advantage of emergency prioritization
>for his own use.
>
>As proposed, a message would have "routed emergency service" in one of
>the following ways.  (We assume that sip:psap at 10.1.1.1 is the
>emergency services address.  In North American usage, an emergency
>services operation is called a "PSAP", "Public-Safety Answering
>Point".)
>
>     INVITE urn:service:sos SIP/2.0
>     From: xxx
>     To: xxx
>     Route: <sip:psap at 10.1.1.1;lr>
>
>     INVITE sip:psap at 10.1.1.1 SIP/2.0
>     From: xxx
>     To: xxx
>     Target: urn:service:sos
>
>     INVITE sip:psap at 10.1.1.1 SIP/2.0
>     From: xxx
>     To: xxx
>     History-Info: <urn:service:sos?Reason=SIP%3Bcause%3D302>;index=1,
>             <sip:psap at 10.1.1.1>;index=2
>
>Unfortunately, all of mechanisms can be exploited (in the same way)
>for nefarious purposes:
>
>     INVITE urn:service:sos SIP/2.0
>     From: xxx
>     To: xxx
>     Route: <sip:Dale.Worley at example.com;lr>
>
>     INVITE sip:Dale.Worley at example.com SIP/2.0
>     From: xxx
>     To: xxx
>     Target: urn:service:sos
>
>     INVITE sip:Dale.Worley at example.com SIP/2.0
>     From: xxx
>     To: xxx
>     History-Info: <urn:service:sos?Reason=SIP%3Bcause%3D302>;index=1,
>             <sip:Dale.Worley at example.com>;index=2
>
>By hypothesis, all of these requests are intended to be routed to
>sip:Dale.Worley at example.com with emergency priority, before allegedly
>being forwarded to the correct PSAP destination.
>
>Dale
>_______________________________________________
>Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
>This list is for NEW development of the core SIP Protocol
>Use sip-implementors at cs.columbia.edu for questions on current sip
>Use sipping at ietf.org for new developments on the application of sip

_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] The emergency services routing use case
  - From: Dale . Worley

References:
- [Sip] The emergency services routing use case
  - From: Dale . Worley

Prev by Date: Re: [Sip] Straw-man for rfc4474 and e164
Next by Date: Re: [Sip] Outbound-12 comments
Previous by thread: [Sip] The emergency services routing use case
Next by thread: Re: [Sip] The emergency services routing use case
Index(es):
- Date
- Thread