Re: [VIPR] Agenda for 2011/09/23
Dean Willis <dean.willis@softarmor.com> Wed, 12 October 2011 17:40 UTC
Return-Path: <dean.willis@softarmor.com>
X-Original-To: vipr@ietfa.amsl.com
Delivered-To: vipr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id B986C21F8D0E for <vipr@ietfa.amsl.com>;
Wed, 12 Oct 2011 10:40:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.855
X-Spam-Level:
X-Spam-Status: No, score=-102.855 tagged_above=-999 required=5 tests=[AWL=0.745,
BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8sQTd49h1Jvy for
<vipr@ietfa.amsl.com>; Wed, 12 Oct 2011 10:40:32 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com
[209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id D574521F8CFE for
<vipr@ietf.org>; Wed, 12 Oct 2011 10:40:31 -0700 (PDT)
Received: by ywm3 with SMTP id 3so289805ywm.31 for <vipr@ietf.org>;
Wed, 12 Oct 2011 10:40:31 -0700 (PDT)
Received: by 10.146.181.41 with SMTP id d41mr18977yaf.11.1318441231419;
Wed, 12 Oct 2011 10:40:31 -0700 (PDT)
Received: from dwillis-mb1.local (cpe-66-25-15-110.tx.res.rr.com.
[66.25.15.110]) by mx.google.com with ESMTPS id
k31sm8001864ann.15.2011.10.12.10.40.28 (version=SSLv3 cipher=OTHER);
Wed, 12 Oct 2011 10:40:29 -0700 (PDT)
Message-ID: <4E95D10B.10203@softarmor.com>
Date: Wed, 12 Oct 2011 12:40:27 -0500
From: Dean Willis <dean.willis@softarmor.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6;
rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1
MIME-Version: 1.0
To: Marc Petit-Huguenin <petithug@acm.org>
References: <4E7B5199.5000409@petit-huguenin.org> <3175C4C5F682C145B25808EB5737F16C0ECA7F83@xmb-sjc-21b.amer.cisco.com> <1D062974A4845E4D8A343C653804920206805382@XMB-BGL-414.cisco.com> <4E89E235.6000908@acm.org> <1D062974A4845E4D8A343C6538049202068FE74D@XMB-BGL-414.cisco.com> <4E8F03CE.9000504@acm.org>
<4E8F276B.5090200@softarmor.com> <4E9493E6.8000804@acm.org>
In-Reply-To: <4E9493E6.8000804@acm.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: vipr@ietf.org
Subject: Re: [VIPR] Agenda for 2011/09/23
X-BeenThere: vipr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Verification Involving PSTN Reachability working group <vipr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vipr>,
<mailto:vipr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vipr>
List-Post: <mailto:vipr@ietf.org>
List-Help: <mailto:vipr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vipr>,
<mailto:vipr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2011 17:40:32 -0000
On 10/11/11 2:07 PM, Marc Petit-Huguenin wrote: > Perhaps one way to solve this would be to lower the priority of a route if a > subsequent SIP call made using it does not match the capabilities advertized. > It could also be done with an OPTIONS, but the response can also be faked. It's > a little bit more difficult to fake the actual video (I suppose that wideband > audio can be faked by resampling the narrowband signal). My local broadcaster sends a lot of fake HDTV by just upsampling the SD signal. The problem is that a transit provider might get "greedy" and advertise capabilities they can't deliver in order to get more traffic. But the ability of a route to support a capability says nothing about what capability the called party might allow on a given call, so a caller can't just deprioritize a route when a completed call receives less capability than the route advertised. Nor can the called party withdraw validation support for a route just because it receives low-capability calls over that route, because the callers themselves might have low capabilities (or desires). Essentially, we're trying to detect a MITM "capability bid-down" attack. This might be a generic SIP problem, not just a ViPR problem, although we could perhaps use ViPR to help cure it. If we had a way for the caller to securely express the capabilities that the route is offering, then the callee could compare those capabilities to what it thinks the route should be offering, and thereby filter out "bad" routes. However, every attempt I make to solve this falls into "but the greedy intermediary could fake it" because they have access to the only actual authentication data in the system. It's a catch-22; by giving a transit provider access to your call verification data, you give them the keys to the city. The only answer I have so far is that one could audit the routes pointing at oneself and get upset about bogus/misleading entries. -- Dean
- [VIPR] Agenda for 2011/09/23 Marc Petit-Huguenin
- Re: [VIPR] Agenda for 2011/09/23 Hakim Mehmood (naim)
- Re: [VIPR] Agenda for 2011/09/23 Muthu Arul Mozhi Perumal (mperumal)
- Re: [VIPR] Agenda for 2011/09/23 Marc Petit-Huguenin
- Re: [VIPR] Agenda for 2011/09/23 Muthu Arul Mozhi Perumal (mperumal)
- Re: [VIPR] Agenda for 2011/09/23 Marc Petit-Huguenin
- Re: [VIPR] Agenda for 2011/09/23 Dean Willis
- Re: [VIPR] Agenda for 2011/09/23 Marc Petit-Huguenin
- Re: [VIPR] Agenda for 2011/09/23 Dean Willis