Re: [stir] I-D Action: draft-kaplan-stir-ikes-out-00.txt

<philippe.fouquart@orange.com> Thu, 25 July 2013 15:48 UTC

From: philippe.fouquart@orange.com
To: Hadriel Kaplan <hadriel.kaplan@oracle.com>
Date: Thu, 25 Jul 2013 15:48:31 +0000
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] I-D Action: draft-kaplan-stir-ikes-out-00.txt

Thanks. More in-line...

Philippe Fouquart
Orange Labs Networks
+33 (0) 1 45 29 58 13


-----Original Message-----
From: Hadriel Kaplan [mailto:hadriel.kaplan@oracle.com] 
Sent: Thursday, July 25, 2013 7:23 AM
To: FOUQUART Philippe OLNC/OLN
Cc: stir@ietf.org
Subject: Re: [stir] I-D Action: draft-kaplan-stir-ikes-out-00.txt


On Jul 24, 2013, at 11:46 AM, <philippe.fouquart@orange.com> wrote:

> [PhF] I'm missing something here: how does an interconnect point detect that a particular end site expects UUI or not? Suppose one of your malicious sources adds those RFC 6567 UUIs to get through, how would you possibly know upstream whether it is legitimate or not, as you said it's a local policy?

Sorry, I didn't mean the ingress point (SBC/IBCF) of a carrier could block it - I just meant the carrier could block it somewhere, for example in the S-CSCF that routes the call to the IP-PBX's trunk, or an SBC connecting to the IP-PBX trunk, or whatever. 

[PhF] OK, thanks. The difference then is that the call server would then know whether UUI is supported to/from a particular site; it doesn't mean that UUI 'must' or 'must not' be present for a particular message. (see next)

> The hard part is how to block it for IP-PBXs that do expect 6567 UUIs.  
> [PhF] It seems to me that part of the problem is precisely that you don't know which do and which don't.  

As far as I know, the carriers know if a PBX-trunk/Enterprise-customer has UUI support or not.  For example it's in the service contract/agreement with the Enterprise for SIP trunk service.  Is that not the case? (I could easily be wrong about that - it was just what I heard)

[PhF] It is. I don't know if it's the general situation for all such contracts but indeed for the baseline offer I'm familiar with, UUI is actually always included by default, but the endpoint may or may not use it, or may use it only occasionally, so at a given point in time, how would the network know whether to expect UUI to/from that site? 

-hadriel

