Re: [stir] Permitted spoofing
Dave Crocker <dhc2@dcrocker.net> Tue, 11 June 2013 21:43 UTC
Return-Path: <dhc2@dcrocker.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCBD421F99FE for <stir@ietfa.amsl.com>; Tue, 11 Jun 2013 14:43:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jkwSMOqk7Rwi for <stir@ietfa.amsl.com>; Tue, 11 Jun 2013 14:43:02 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id C4F4C21F99ED for <stir@ietf.org>; Tue, 11 Jun 2013 14:43:02 -0700 (PDT)
Received: from [10.2.4.14] ([64.9.249.125]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id r5BLgwX4025593 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 11 Jun 2013 14:43:02 -0700
Message-ID: <51B799DD.6070705@dcrocker.net>
Date: Tue, 11 Jun 2013 14:42:53 -0700
From: Dave Crocker <dhc2@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-Version: 1.0
To: Wilhelm Wimmreuter <wilhelm@wimmreuter.de>
References: <CDDD0303.1CE56%brian.rosen@neustar.biz> <35573943-5A08-4CAB-AEA7-559B5F870F41@wimmreuter.de>
In-Reply-To: <35573943-5A08-4CAB-AEA7-559B5F870F41@wimmreuter.de>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.66]); Tue, 11 Jun 2013 14:43:02 -0700 (PDT)
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] Permitted spoofing
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2013 21:43:08 -0000
On 6/11/2013 2:35 PM, Wilhelm Wimmreuter wrote: > OK, but server authentication is definitely next. > DNS is the only way to reach these servers today. We are farther on the Internet than typical PSTN paradigms allow us to follow. > > SIP does not have decent server authentication and therefore one can pretend to be your telecom server of choice. Well... Server authentication is needed if the model is trust via the channel. It isn't needed if the trust goes with the data object, independent of the channel. DNSSec and DKIM are object-based. Of course, TLS is channel-based. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net
- Re: [stir] Call Forward/Follow-me Alan Johnston
- [stir] Call Forward/Follow-me Rosen, Brian
- Re: [stir] Call Forward/Follow-me Paul Kyzivat
- Re: [stir] Call Forward/Follow-me Hadriel Kaplan
- Re: [stir] Call Forward/Follow-me Bernard Aboba
- Re: [stir] Permitted spoofing Henning Schulzrinne
- Re: [stir] Permitted spoofing Richard Barnes
- Re: [stir] Permitted spoofing Hadriel Kaplan
- Re: [stir] Permitted spoofing Michael Hammer
- Re: [stir] Permitted spoofing Hadriel Kaplan
- Re: [stir] Permitted spoofing Richard Shockey
- Re: [stir] Permitted spoofing Rosen, Brian
- Re: [stir] Call Forward/Follow-me Paul Kyzivat
- Re: [stir] Permitted spoofing Michael Hammer
- Re: [stir] Permitted spoofing Michael Hammer
- Re: [stir] Permitted spoofing Rosen, Brian
- Re: [stir] Permitted spoofing Rosen, Brian
- Re: [stir] Permitted spoofing Dave Crocker
- Re: [stir] Permitted spoofing Wilhelm Wimmreuter
- Re: [stir] Permitted spoofing Rosen, Brian
- Re: [stir] Permitted spoofing Wilhelm Wimmreuter
- Re: [stir] Permitted spoofing Dave Crocker
- Re: [stir] Permitted spoofing Wilhelm Wimmreuter