Re: [rtcweb] Identity and PSTN gateways

Roman Shpount <roman@telurix.com> Tue, 03 April 2012 15:51 UTC

On Tue, Apr 3, 2012 at 9:05 AM, Olle E. Johansson <oej@edvina.net> wrote:

>
> Now we will have to separate "PSTN-emulating" gateways that accept calls
> to all phone numbers but play a prompt saying "You gotta be kidding me -
> calling a phone number?" from REAL gateways that have a connection to the
> PSTN world.
>
> Will guys connecting with SS7 have a certificate signed by the ITU as a
> "TRUE" PSTN provider and the voip guy in the basement next door just have a
> "Best effort fourth-tier PSTN service" certificate?
>
> I think that any identity of any PSTN gateway just identifies the gateway
> as a server. Not as a service.

I agree with you that you can only identify the gateway. Above this, I
think the whole discussion is pointless since there are no security
guarantees within PSTN. A million people can be listening in. You can be
connected to a completely different number than the one you've dialed due
to LNP, call routing rules, call forwarding, or anything else. If you are
dialing internationally, your traffic often goes over the unsecured public
internet. So far, 99.999% of all phone calls were unsecured, tapped into,
recorded and listened to by anybody who possessed even a moderate desire to
do so. If you start talking about calls coming from PSTN, you have even fewer
guarantees about the accuracy of the caller ID information. You are currently
trying to secure the edge and provide identity on top of this mess.
_____________
Roman Shpount