[Sipping] draft-camarillo-sipping-sbc-funcs-02.txt

henry@sinnreich.net Thu, 20 October 2005 22:34 UTC

From: henry@sinnreich.net
To: 'sipping' <sipping@ietf.org>
Date: Thu, 20 Oct 2005 17:34:10 -0500
In-reply-to: <200510111545.LAA10366@ietf.org>
Cc: bpenfield@acmepacket.com, alan@jasomi.com, 'Dean Willis' <deanwillis@cisco.com>, Jani.Hautakorpi@ericsson.com, mankin@psg.com, 'Gonzalo Camarillo' <Gonzalo.Camarillo@ericsson.com>, mbhatia@nextone.com
Subject: [Sipping] draft-camarillo-sipping-sbc-funcs-02.txt

The I-D "SIP-Unfriendly Functions in Current Communication Architectures"
http://www.ietf.org/internet-drafts/draft-camarillo-sipping-sbc-funcs-02.txt
is both very timely and an excellent piece of work.

The section "4. Security Considerations" needs, however, to go into some more
detail. For example:

- If the SBC is compromised (it happens on the Internet) then what are the
vulnerabilities for (1) SIP signaling and (2) RTP media streams?

- What possible attacks and vulnerabilities are there for the users and for
the operator of the SBC? (DOS, SPIT, impersonation, telemarketing, MIM,
theft of service, traffic monitoring, privacy, collecting internal IP
addresses, other - if all this may indeed apply.) What are the techniques
for securing an SBC, besides obscurity?

- How are the above vulnerabilities affected by keeping call state in the
SBC?

Maybe a section on interoperability could also be added. If two networks use
SBCs from different vendors, how will the interoperability be tested with
two SBCs in the path? See also the transparency criteria from Dean Willis.

Congratulations again for dealing with this difficult topic with such
clarity!

Thanks, Henry

