Re: Policy makers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/21/2013 8:24 AM, Richard Shockey wrote:
The issue in STIR is particularly distressing. The regulators are actively
asking for help here and I'm convinced the IETF can make a substantial
contribution here.

http://www.cs.columbia.edu/~hgs/papers/2013/2013-source-identity.pptx
...
http://tools.ietf.org/html/draft-peterson-secure-origin-ps-00



STIR is having an interesting discussion about viable architectural models.

The basic problem it seeks to solve is validating the authorization to use a given telephone number in the SIP From field.

The main proposal is for two mechanisms to be operated in parallel, for all SIP-originated calls (and maybe all SS7>SIP calls):

1. In-band signing - package a signature in a separate field, that carries the semantics of authorization for the From field number. The proposal calls for the public key to be in a credential, managed in the same loose-trust bushy-root CA anchor model used for Web TLS server authentication.

2. Out-of-band caching - store signature information in a public cache, to provide recovery from transit handling that destroys the in-band signature, such as transit over SS7 (SIP-SS7-SIP). The validation agent checks the cache whenever a valid signature is not present. A proposal for this is at:


https://github.com/ekr/ietf-drafts/blob/master/draft-rescorla-callerid-fallback.txt


Draft charter for the activity:

   http://www.ietf.org/mail-archive/web/stir/current/msg00200.html


Mailing list:

   Mailing List: ​https://www.ietf.org/mailman/listinfo/stir


d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]