RFC 7340 on Secure Telephone Identity Problem Statement and Requirements

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A new Request for Comments is now available in online RFC libraries.

        
        RFC 7340

        Title:      Secure Telephone Identity Problem Statement 
                    and Requirements 
        Author:     J. Peterson, H. Schulzrinne, H. Tschofenig
        Status:     Informational
        Stream:     IETF
        Date:       September 2014
        Mailbox:    jon.peterson@neustar.biz, 
                    hgs@cs.columbia.edu, 
                    Hannes.Tschofenig@gmx.net
        Pages:      25
        Characters: 65026
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-stir-problem-statement-05.txt

        URL:        https://www.rfc-editor.org/rfc/rfc7340.txt

Over the past decade, Voice over IP (VoIP) systems based on SIP have
replaced many traditional telephony deployments.  Interworking VoIP
systems with the traditional telephone network has reduced the
overall level of calling party number and Caller ID assurances by
granting attackers new and inexpensive tools to impersonate or
obscure calling party numbers when orchestrating bulk commercial
calling schemes, hacking voicemail boxes, or even circumventing
multi-factor authentication systems trusted by banks.  Despite
previous attempts to provide a secure assurance of the origin of SIP
communications, we still lack effective standards for identifying the
calling party in a VoIP session.  This document examines the reasons
why providing identity for telephone numbers on the Internet has
proven so difficult and shows how changes in the last decade may
provide us with new strategies for attaching a secure identity to SIP
sessions.  It also gives high-level requirements for a solution in
this space.

This document is a product of the Secure Telephone Identity Revisited Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux