[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Another possible limitation of DERIVE

To: Dean Willis <dean.willis at softarmor.com>, "Elwell, John" <john.elwell at siemens.com>
Subject: Re: [Sip] Another possible limitation of DERIVE
From: Hadriel Kaplan <HKaplan at acmepacket.com>
Date: Fri, 21 Nov 2008 11:04:01 -0500
Accept-language: en-US
Acceptlanguage: en-US
Cc: IETF SIP List <sip at ietf.org>
Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
In-reply-to: <EB7233C9-E4EB-4B5E-8A56-A9366C1F9828 at softarmor.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <0D5F89FAC29E2C41B98A6A762007F5D001483038 at GBNTHT12009MSX.gb002.siemens.net> <49257408.5000301 at iptel.org> <0D5F89FAC29E2C41B98A6A762007F5D0014839F8 at GBNTHT12009MSX.gb002.siemens.net> <EB7233C9-E4EB-4B5E-8A56-A9366C1F9828 at softarmor.com>
Sender: sip-bounces at ietf.org
Thread-index: AclL8XiSG1xwFTMBSCWGXytx4fFMbgAAblCg
Thread-topic: [Sip] Another possible limitation of DERIVE

> -----Original Message-----
> From: sip-bounces at ietf.org [mailto:sip-bounces at ietf.org] On Behalf Of Dean
> Willis
> Sent: Friday, November 21, 2008 10:56 AM
>
> I crate a CA cert claiming to be for "elwell.org" and use it to sign a
> cert for "sip.elwell.org".
> I then generate INVITE requests for everybody on the SIP mailing list,
> with RFC 4474 Identity headers signed by "sip.elwell.org" and send
> them off UDP. Not from a real SIP UP, but from a simple harassment
> program.
>
> How do existing identity mechanisms protect against this?

The answer to that is simple: will you pay for the calls?

-hadriel
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] Another possible limitation of DERIVE
  - From: Dean Willis

References:
- [Sip] Another possible limitation of DERIVE
  - From: Elwell, John
- Re: [Sip] Another possible limitation of DERIVE
  - From: Jiri Kuthan
- Re: [Sip] Another possible limitation of DERIVE
  - From: Elwell, John
- Re: [Sip] Another possible limitation of DERIVE
  - From: Dean Willis

Prev by Date: Re: [Sip] INFO Framework: Tags
Next by Date: Re: [Sip] INFO Framework: Tags
Previous by thread: Re: [Sip] Another possible limitation of DERIVE
Next by thread: Re: [Sip] Another possible limitation of DERIVE
Index(es):
- Date
- Thread