[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sip] Comment on DERIVE and B2BUAs

Viktor,

An interesting draft addressing a known problem space. Dan Wing has already pointed out similarities with draft-wing-sip-e164-rrc (now expired). I fear the present draft will not work in the presence of B2BUAs along the path of the INVITE request, since these tend to change things like call-ID, to-tag and from-tag. Since B2BUAs, and SBCs in particular, are the main reasons why RFC 4474 will not work, any solution has to be able to work through these devices.

John 

> -----Original Message-----
> From: sip-bounces at ietf.org [mailto:sip-bounces at ietf.org] On 
> Behalf Of Victor Pascual Ávila
> Sent: 25 October 2008 16:09
> To: sip at ietf.org
> Subject: [Sip] submission of a new I-D: "Dialog Event foR 
> Identity VErification"
> 
> Hi all,
> 
> A new I-D, draft-kuthan-sip-derive-00, was just submitted. Your
> comments are always welcome.
> 
> Filename:          draft-kuthan-sip-derive
> Version:           00
> Staging URL:
> http://www3.ietf.org/proceedings/staging/draft-kuthan-sip-deri
ve-00.txt
> Title:             Dialog Event foR Identity VErification
> Creation_date:     2008-10-25
> WG ID:             Indvidual Submission
> Number_of_pages: 24
> Abstract:
> This document provides a simple mechanism to prevent an attacker from
> presenting a forged "From" header field.  It offers an end-to-end
> identity assumption which does not require any previous association
> or trust relationship between administrative domains or the UAs.  The
> UAS verifies the "From" header by subscribing to the Dialog Event
> package [RFC 4235] at the AOR in the "From" header field.  If the
> entity calling is registered under this AOR, it will confirm that it
> is calling by sending some valid dialog state.  In this case, the
> identity of the caller is considered to be verified.
> 
> Submitter: Victor Pascual (victor at iptel.org)
> 
> Author(s):
> Jiri Kuthan, Jiri.Kuthan at tekelec.com
> Dorgham Sisalem, Dorgham.Sisalem at tekelec.com
> Raphael Coeffic, Raphael.Coeffic at tekelec.com
> Victor Pascual, Victor.Pascual at tekelec.com
> 
> 
> Thanks,
> -- 
> Victor Pascual Ávila
> _______________________________________________
> Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors at cs.columbia.edu for questions on current sip
> Use sipping at ietf.org for new developments on the application of sip
> 
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip