Re: [stir] Permitted spoofing

Wilhelm Wimmreuter <wilhelm@wimmreuter.de> Wed, 12 June 2013 08:43 UTC

From: Wilhelm Wimmreuter <wilhelm@wimmreuter.de>
In-Reply-To: <51B799DD.6070705@dcrocker.net>
Date: Wed, 12 Jun 2013 10:43:12 +0200
To: Dave Crocker <dhc2@dcrocker.net>
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] Permitted spoofing

For the sake of strong authentication like secure Caller-ID we definitely need object-based proof only.

This is an important distinction I guess and we shall keep that in mind.

Willi


On 11.06.2013, at 23:42, Dave Crocker wrote:

> On 6/11/2013 2:35 PM, Wilhelm Wimmreuter wrote:
>>  OK, but server authentication is definitely next.
>> DNS is the only way to reach these servers today. We are farther on the Internet than typical PSTN paradigms allow us to follow.
>> 
>>  SIP does not have decent server authentication and therefore one can pretend to be your telecom server of choice.
> 
> 
> Well...
> 
> Server authentication is needed if the model is trust via the channel.
> 
> It isn't needed if the trust goes with the data object, independent of the channel.
> 
> DNSSec and DKIM are object-based.  Of course, TLS is channel-based.
> 
> d/
> 
> -- 
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net
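
Added example (not part of the original messages or of any STIR specification): the object-based versus channel-based distinction discussed above, shown in Python as a caller-ID assertion that is signed as a data object and stays verifiable across unauthenticated relays. The Lamport one-time signature, the claim names orig/dest/iat, the relay functions and the phone numbers are assumptions made for illustration, and the verifier is assumed to already hold the signer's public key.

```python
import hashlib, json, os

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair: 256 pairs of secrets, public key = their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    # Reveal one secret per digest bit. A key must sign only ONE message.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(H(sig[i]) == pk[i][b] for i, b in enumerate(bits(msg)))

def make_assertion(sk, orig, dest, iat):
    # The proof travels with the object: claims plus a signature over them.
    claims = json.dumps({"orig": orig, "dest": dest, "iat": iat}, sort_keys=True).encode()
    return {"claims": claims, "sig": sign(sk, claims)}

def honest_relay(obj):
    # Any intermediate hop; the channel to and from it is NOT authenticated.
    return dict(obj)

def spoofing_relay(obj, fake_orig):
    # A hop that rewrites the calling number but cannot produce a new signature.
    claims = json.loads(obj["claims"])
    claims["orig"] = fake_orig
    return {"claims": json.dumps(claims, sort_keys=True).encode(), "sig": obj["sig"]}

def accept_call(pk, obj):
    # The verifier trusts the object, not the hop it arrived from.
    if not verify(pk, obj["claims"], obj["sig"]):
        return None
    return json.loads(obj["claims"])["orig"]

if __name__ == "__main__":
    sk, pk = keygen()
    obj = make_assertion(sk, "+15555550100", "+15555550199", 1371026592)  # constructed values
    print(accept_call(pk, honest_relay(honest_relay(obj))))
    print(accept_call(pk, spoofing_relay(obj, "+15555550123")))
```

With a channel-based model the verifier would instead have to authenticate every hop; here an unmodified object is accepted after any number of relays and a rewritten calling number is rejected.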