[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sipping] SPAM, consent & their requirements

To: "Jeroen van Bemmel" <jbemmel at zonnet.nl>
Subject: Re: [Sipping] SPAM, consent & their requirements
From: Dean Willis <dean.willis at softarmor.com>
Date: Thu, 8 Sep 2005 12:38:48 -0500
Cc: sipping <sipping at ietf.org>
In-reply-to: <007801c5b326$44d499c0$6402a8c0@BEMBUSTER>
List-help: <mailto:sipping-request@ietf.org?subject=help>
List-id: "SIPPING Working Group $applications of SIP$" <sipping.ietf.org>
List-post: <mailto:sipping@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping>, <mailto:sipping-request@ietf.org?subject=unsubscribe>
References: <007801c5b326$44d499c0$6402a8c0@BEMBUSTER>
Sender: sipping-bounces at ietf.org


On Sep 6, 2005, at 4:02 PM, Jeroen van Bemmel wrote:

All, It's been some time (last message dates back to 25th of July) since the drafts related to the Consent framework, its requirements and SIP SPAM were discussed on this list. A brief look at the pending drafts overview shows that several are waiting for this work to finish. Assuming there is still interest in this, I have a question (or rather observation) for discussion: I think a difference between SPAM and a DoS attack is, that SPAM can be addressed by preventing delivery to the end user, while a DoS attack requires prevention of delivery to the end user's device. Obviously the latter accomplishes the former, so a consent framework that prevents delivery to the device also prevents SPAM My question is: are any more "lightweight" solutions being considered that would perhaps not solve DoS attacks but could help prevent SPAM? I could think of some (perhaps obvious) approaches such as an endpoint-based whitelist using requestor Identity or (if not available) a shared secret per buddy

The IESG will require us to have an adequate solution to the DoS issues for advancing the list-services documents, independently of any SPAM issues.

We have a SPAM-related draft at:

http://www.ietf.org/internet-drafts/draft-ietf-sipping-spam-01.txt

--
Dean


_______________________________________________
Sipping mailing list  https://www1.ietf.org/mailman/listinfo/sipping
This list is for NEW development of the application of SIP
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sip at ietf.org for new developments of core SIP

References:
- [Sipping] SPAM, consent & their requirements
  - From: Jeroen van Bemmel

Prev by Date: Re: [Sipping] Query regarding m-lines in SDP
Next by Date: Re: [Sipping] New I-D: A solution for the HERFP caused by forked SIPINVITE requests
Previous by thread: [Sipping] SPAM, consent & their requirements
Next by thread: [Sipping] I-D ACTION:draft-ietf-sipping-message-tag-00.txt
Index(es):
- Date
- Thread