On Apr 9, 2008, at 11:53 AM, Michael Thomas wrote:

>
>> Now, assume JoeBob is instead named "[EMAIL PROTECTED]". All
>> of the above works fine, until somebody calls into example.com's
>> PSTN gateway from a spoofed Caller-ID of "18005551212" and asks
>> said gateway to connect them to messages.example.net
>>
>
> So just don't sign it. Or sign it as @example.com. Or just tell the voice
> mail provider not to create voice mail boxes for users with [EMAIL PROTECTED]
> like addresses. This really seems tenuous to me, Dean.

I'm getting REALLY TIRED OF EXPLAINING THIS. Yeah, I know, one must say things ten times to be heard once. But this is eleven . . . ;-)

We need to sign it, because SRTP-DTLS relies on the signature in order to protect the fingerprint of the media key from MITM attacks.

In short, SRTP-DTLS requires RFC 4474 (for full function), and PSTN interaction precludes RFC 4474. Something has to give.

As I see it, we MUST pick at least one of the following:

1) Change RFC 4474 so that it can be used with phone gateways.
2) Change DTLS-SRTP so that it doesn't depend on RFC 4474.
3) Decide that we can live without integrity protection of the media key on calls transiting PSTN gateways, and document this.

We already have a strong argument for amending RFC 4474 so that SBCs that tweak the SDP don't break the Identity signature. If we do this, add the "not really an identity" flag, and mod DTLS-SRTP to account for the changes, then I think we have a full solution.

-- Dean

_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
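
An added example, not part of the original message or of any SIP implementation: it shows why the fingerprint in the SDP is only protected while the RFC 4474 Identity signature covers the body, and why an SBC that rewrites the SDP breaks that signature. All header values, the SDP and the key are constructed, and HMAC-SHA256 stands in for the RSA signature that RFC 4474 actually specifies.

```python
import hashlib
import hmac
import re

# Stand-in for the authentication service's private key (constructed).
# RFC 4474 specifies an RSA signature checked with the domain's certificate;
# HMAC-SHA256 is substituted only so this runs on the standard library.
DOMAIN_KEY = b"constructed-demo-key"

# Constructed request fields and SDP offer carrying a DTLS-SRTP fingerprint.
HEADERS = {
    "from": "sip:joebob@example.com",
    "to": "sip:mailbox@messages.example.net",
    "call-id": "a84b4c76e66710",
    "cseq": "1 INVITE",
    "date": "Wed, 09 Apr 2008 18:53:00 GMT",
    "contact": "sip:joebob@192.0.2.10",
}
SDP = ("v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\nc=IN IP4 192.0.2.10\r\n"
       "t=0 0\r\nm=audio 49170 UDP/TLS/RTP/SAVP 0\r\n"
       "a=fingerprint:SHA-1 " + ":".join(["AA"] * 20) + "\r\n")

def digest_string(h, body):
    # Fields covered by the Identity signature in RFC 4474, body included.
    return "|".join([h["from"], h["to"], h["call-id"], h["cseq"],
                     h["date"], h["contact"], body])

def sign_identity(h, body):
    msg = digest_string(h, body).encode()
    return hmac.new(DOMAIN_KEY, msg, hashlib.sha256).hexdigest()

def fingerprint(sdp):
    return re.search(r"(?m)^a=fingerprint:(\S+ \S+)", sdp).group(1)

def swap_fingerprint(sdp, new_fp):
    # On-path modification: replace the offered certificate fingerprint.
    return re.sub(r"(?m)^(a=fingerprint:\S+ )\S+",
                  lambda m: m.group(1) + new_fp, sdp)

def sbc_rewrite(sdp, new_ip):
    # SBC-style media anchoring: addresses change, fingerprint untouched.
    return sdp.replace("192.0.2.10", new_ip)

def receive(h, body, identity):
    """Return how far the receiver can trust the fingerprint in body."""
    if identity is None:
        return "unsigned"  # option 3 above: no integrity protection
    if hmac.compare_digest(sign_identity(h, body), identity):
        return "verified"
    return "signature-mismatch"
```

The receiver cannot tell the SBC rewrite from the fingerprint swap: both return `signature-mismatch`, while an unsigned request with a swapped fingerprint is accepted as `unsigned` with nothing to flag the change.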
