Re: [Sip] SIP Dialog Match

To: Karunesh Sharma <Karunesh.Sharma at globallogic.com>

Subject: Re: [Sip] SIP Dialog Match

From: aayush bhatnagar <abhatnagar192006 at gmail.com>

Date: Sat, 1 Aug 2009 19:17:31 +0530

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type; bh=Ku8R+OVLwDzs2KqtSiN2pLRk8p9FLIBFAED0J0bgRso=; b=v2qU2d0bped6r8046Rct9l/IzMdfvsLImyYUS1/oZDKgiimg0CszUw4h1KEC7ge8n+ axiaU4X0RiRSso7y+eBa8ziN/p2e/cb6NmTF8w+viEBByxdxFlmFxU/J4c0aw4hsCnUY WagERZ25nHymCfEMLNQ37IkaoKfNkpvmGnPi4=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=k4FmRNkOWi0mOdFFJAVa8zwwEAVHA12lFb87uCCGUzYc81MkmgWaqJC76EJYPbjnmN 6AXGJER3pcO0zJ7f2NlCevBx6s+cEjRe0HubLDGsrqUd9IimvCRXH19rVoaqUK5+yUEr iOWvIZOwslc24IiZYv2is989BJ4h0gg7yfAPM=

In-reply-to: <5F063FC3F0C8F14E945465A68E63C43E9451DB at ex3-del1.synapse.com>

List-archive: <http://www.ietf.org/mail-archive/web/sip>

List-help: <mailto:sip-request@ietf.org?subject=help>

List-id: Session Initiation Protocol <sip.ietf.org>

List-post: <mailto:sip@ietf.org>

List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>

List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>

References: <5F063FC3F0C8F14E945465A68E63C43E9451DB at ex3-del1.synapse.com>

It may be a security concern to allow C to Join the existing dialog, but it can be a way to implement a call screening server (call tapping) for lawful interception services.

For more details look here: http://www.rfc-editor.org/rfc/rfc3911.txt

On Thu, Jul 30, 2009 at 09:28, Karunesh Sharma <Karunesh.Sharma at globallogic.com> wrote:

List:

I am having a question about SIP dialog validation using src/dst ip. If there is established sip dialog between ‘A’ & ‘B’ then can ‘C’ who is not party to existing dialog and who somehow knows all sip dialog identifiers (Call-ID, To/From Tags) of the dialog between ‘A’ & ‘B’, sends target refresh request with its own IP in contact. This is a typical call hijacking case. If this is valid how to avoid that? Is Authentication is only way out or do we have other alternate as well?

I didn’t find anything on this in 3261 or other related RFCs.

Thanks

K$

_______________________

_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

--
aayush
----------------------------------------------------
"A philosopher always knows what to do...until it happens to him"

Follow-Ups:

Re: [Sip] SIP Dialog Match
- From: Dale Worley

References:

[Sip] SIP Dialog Match
- From: Karunesh Sharma