IETF Logo Mail Archive

Re: [stir] Permitted spoofing

"Rosen, Brian" <Brian.Rosen@neustar.biz> Tue, 11 June 2013 13:04 UTC

Return-Path: <brian.rosen@neustar.biz>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F83421F8EBE for <stir@ietfa.amsl.com>; Tue, 11 Jun 2013 06:04:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.188
X-Spam-Level:
X-Spam-Status: No, score=-6.188 tagged_above=-999 required=5 tests=[AWL=-0.142, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d3KYKvCN-oaT for <stir@ietfa.amsl.com>; Tue, 11 Jun 2013 06:04:18 -0700 (PDT)
Received: from neustar.com (keys.neustar.biz [156.154.17.104]) by ietfa.amsl.com (Postfix) with ESMTP id BC6C621F8476 for <stir@ietf.org>; Tue, 11 Jun 2013 06:04:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neustar.biz; s=neustarbiz; t=1370956018; x=1686313945; q=dns/txt; h=From:Subject:Date:Message-ID:Content-Language: Content-Type:Content-ID:Content-Transfer-Encoding; bh=IjzT8U1084 c8e5B/Rmy/XHxSf0/w3HUhFDxQNczMoks=; b=d820pKeAEK91wWsN0hQ8HdkRWV qF0avOFOEB02YAViQrGTZXlpNET8WDVgCzO/uvpFvEIJg6OR+/tgyBz7Y1HA==
Received: from ([10.31.13.242]) by stihiron2.va.neustar.com with ESMTP with TLS id J041124103.24935089; Tue, 11 Jun 2013 09:06:57 -0400
Received: from STNTEXCHCASHT04.cis.neustar.com (10.31.15.156) by STNTEXCHHT03.cis.neustar.com (10.31.13.242) with Microsoft SMTP Server (TLS) id 8.3.279.1; Tue, 11 Jun 2013 09:03:55 -0400
Received: from stntexmb12.cis.neustar.com ([169.254.2.76]) by STNTEXCHCASHT04.cis.neustar.com ([::1]) with mapi id 14.02.0247.003; Tue, 11 Jun 2013 09:03:52 -0400
From: "Rosen, Brian" <Brian.Rosen@neustar.biz>
To: Michael Hammer <michael.hammer@yaanatech.com>
Thread-Topic: [stir] Permitted spoofing
Thread-Index: AQHOY+81QVR2lI4PHEaFqY34c3fHK5ksZHCAgAADK4CAAAkdAIAD3+GAgABy0gA=
Date: Tue, 11 Jun 2013 13:03:51 +0000
Message-ID: <02A4880B-8DBE-48D8-A5EC-DD82EC282527@neustar.biz>
References: <5DDB5576-CAEF-453C-8C90-0C6709DAD84F@neustar.biz> <172B7D9C-1E4F-49C7-90E5-5848682625CF@cs.columbia.edu> <15ABDCF6-F127-4E8B-807F-FC3FAD78B905@oracle.com> <00C069FD01E0324C9FFCADF539701DB3A03DAAEF@ex2k10mb2.corp.yaanatech.com> <E18AFC23-F162-4EEE-AAC1-FEA53438E15A@oracle.com> <00C069FD01E0324C9FFCADF539701DB3A03DB34C@ex2k10mb2.corp.yaanatech.com>
In-Reply-To: <00C069FD01E0324C9FFCADF539701DB3A03DB34C@ex2k10mb2.corp.yaanatech.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.33.193.6]
x-ems-proccessed: R64IxjzeHPwwd+efoj3ZcA==
x-ems-stamp: arvAzsd4OTv0gT88bMIzbg==
Content-Type: text/plain; charset="us-ascii"
Content-ID: <78A9833D5BA5C04E9DB0930870D385C7@neustar.biz>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "Rosen, Brian" <Brian.Rosen@neustar.biz>, "hgs@cs.columbia.edu" <hgs@cs.columbia.edu>, "hadriel.kaplan@oracle.com" <hadriel.kaplan@oracle.com>, "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] Permitted spoofing
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2013 13:04:25 -0000

For the problems we're aiming at (robocalling, vishing and swatting), they are 100% spoofed from the start.  MITM is a potential problem, which would be desirable to cut off, but it's not the stated problem we're trying to solve.

There may be some number of service providers in the path that are tolerant of the problem, but not really complicit.   The goal is to make them be intolerant of their customers not providing verifiable identity.

Brian

On Jun 11, 2013, at 2:12 AM, Michael Hammer <michael.hammer@yaanatech.com> wrote:

> If you stop it at the start, wouldn't that solve some fraction of the
> problem?
> 
> Do we know how many calls are spoofed from the start versus from
> redirections?
> 
> Mike
> 
> 
> -----Original Message-----
> From: Hadriel Kaplan [mailto:hadriel.kaplan@oracle.com] 
> Sent: Saturday, June 08, 2013 10:03 PM
> To: Michael Hammer
> Cc: hgs@cs.columbia.edu; Brian.Rosen@neustar.biz; stir@ietf.org
> Subject: Re: [stir] Permitted spoofing
> 
> 
> I think the hope was to proactively prevent a bogus call from succeeding, as
> opposed to reactively hunting down the perpetrators after it happened.  The
> latter case should be possible now, since CDRs record enough to backtrack to
> the upstream provider, and that provider's CDRs can find its upstream
> provider, etc.
> 
> -hadriel
> 
> 
> On Jun 8, 2013, at 2:30 PM, Michael Hammer <michael.hammer@yaanatech.com>
> wrote:
> 
>> Question:  Do we really care how many redirections occurred in the 
>> middle network hops if we know what the original source of the signaling
> was?
>> 
>> Put another way, if we have a legitimate scape-goat for a problem 
>> call, do you need to catch all the stooges all at once?
>> 
>> Mike
>> 
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir

v2.23.0 | Report a Bug | By Email