Re: [rtcweb] Identity and PSTN gateways
Igor Faynberg <igor.faynberg@alcatel-lucent.com> Tue, 03 April 2012 17:12 UTC
Return-Path: <igor.faynberg@alcatel-lucent.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5F5321F856C for <rtcweb@ietfa.amsl.com>; Tue, 3 Apr 2012 10:12:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.11
X-Spam-Level:
X-Spam-Status: No, score=-9.11 tagged_above=-999 required=5 tests=[BAYES_05=-1.11, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ami3EUD0kPMd for <rtcweb@ietfa.amsl.com>; Tue, 3 Apr 2012 10:12:08 -0700 (PDT)
Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by ietfa.amsl.com (Postfix) with ESMTP id B55F321F87A8 for <rtcweb@ietf.org>; Tue, 3 Apr 2012 10:12:08 -0700 (PDT)
Received: from usnavsmail3.ndc.alcatel-lucent.com (usnavsmail3.ndc.alcatel-lucent.com [135.3.39.11]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id q33HC7MZ000585 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <rtcweb@ietf.org>; Tue, 3 Apr 2012 12:12:07 -0500 (CDT)
Received: from umail.lucent.com (umail-ce2.ndc.lucent.com [135.3.40.63]) by usnavsmail3.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q33HC6Oj000323 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <rtcweb@ietf.org>; Tue, 3 Apr 2012 12:12:07 -0500
Received: from [135.244.35.225] (faynberg.lra.lucent.com [135.244.35.225]) by umail.lucent.com (8.13.8/TPES) with ESMTP id q33HC65E024073; Tue, 3 Apr 2012 12:12:06 -0500 (CDT)
Message-ID: <4F7B2F66.1050700@alcatel-lucent.com>
Date: Tue, 03 Apr 2012 13:12:06 -0400
From: Igor Faynberg <igor.faynberg@alcatel-lucent.com>
Organization: Alcatel-Lucent
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <4F7AF40D.3010706@alvestrand.no> <A61DB206-1B56-44B5-AADE-E4A820D76B93@edvina.net> <CAD5OKxsn5X2g+kcJjShGQHfOMdadhDFxwDEodZK+RaxnK=a=+A@mail.gmail.com> <CALiegfmvHWKSFeLEpX2RFYtT_=4OcmJNkYBrGXvOdu5m-MVroA@mail.gmail.com> <CAD5OKxt9f1xiMjNSqk=gmB+Lm4fa=FsrDN_YsxkJwE25HYLMhQ@mail.gmail.com> <CALiegf=5LVYx474D-NZvek679CtqrOm1s6YgE4uwQqXoFzZMxA@mail.gmail.com>
In-Reply-To: <CALiegf=5LVYx474D-NZvek679CtqrOm1s6YgE4uwQqXoFzZMxA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.11
Subject: Re: [rtcweb] Identity and PSTN gateways
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: igor.faynberg@alcatel-lucent.com
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Apr 2012 17:12:09 -0000
I cannot quite agree with Iñaki, although I do need to qualify this. (Maybe we don't disagree after all.) POTS has been as secure as anything could be (short of attacks involving splicing the twisted pair or cable), but all kinds of games played with gateways have made it vulnerable as far as caller identification is concerned. But here--at least in the US--there are strong regulations that protect the POTS end-points (i.e., consumers). The major point though is that wireless networking has been sufficiently secure in 3G and 4G. To this end, a mobile phone with the SIM application is a strong authentication device, and there are many interesting way to bootstrap this into IdP services. We had a very interesting discussion during the BrowserID session, which came I think very closely to this point. Igor On 4/3/2012 12:59 PM, Iñaki Baz Castillo wrote: > ... > And for sure you are 100% right. PSTN is insecure by nature (signed: a > telco worker). > > >
- Re: [rtcweb] Identity and PSTN gateways Olle E. Johansson
- [rtcweb] Identity and PSTN gateways Harald Alvestrand
- Re: [rtcweb] Identity and PSTN gateways Iñaki Baz Castillo
- Re: [rtcweb] Identity and PSTN gateways Harald Alvestrand
- Re: [rtcweb] Identity and PSTN gateways Iñaki Baz Castillo
- Re: [rtcweb] Identity and PSTN gateways Lu, Hui-Lan (Huilan)
- Re: [rtcweb] Identity and PSTN gateways Martin Thomson
- Re: [rtcweb] Identity and PSTN gateways Martin Thomson
- Re: [rtcweb] Identity and PSTN gateways Ravindran, Parthasarathi
- Re: [rtcweb] Identity and PSTN gateways Iñaki Baz Castillo
- Re: [rtcweb] Identity and PSTN gateways Roman Shpount
- Re: [rtcweb] Identity and PSTN gateways Iñaki Baz Castillo
- Re: [rtcweb] Identity and PSTN gateways Roman Shpount
- Re: [rtcweb] Identity and PSTN gateways Roman Shpount
- Re: [rtcweb] Identity and PSTN gateways Olle E. Johansson
- Re: [rtcweb] Identity and PSTN gateways Iñaki Baz Castillo
- Re: [rtcweb] Identity and PSTN gateways Igor Faynberg
- Re: [rtcweb] Identity and PSTN gateways Randell Jesup
- Re: [rtcweb] Identity and PSTN gateways Iñaki Baz Castillo
- Re: [rtcweb] Identity and PSTN gateways Randell Jesup