Old email, but I wanted to respond. Takumi Ohba wrote:
> Hi, > > Suppose a malicious user A initiates a call to a user B with the following > INVITE to pretend a user C; > > INVITE > From: SIP URL of user C > Remote-Party-ID: SIP URL of user A; privacy=full > > As in the sip-privacy draft, the proxy that serves to the user A verifies > the Remote-Party-ID header field and it passes. > However, the proxy has no way to check the contents of the From header, as > they should be a cryptographically random identifier for the userinfo, and a > non-identifying hostname, as specified in the draft. If you want to verify the authenticity of the caller, the right way to do that is end-to-end authentication. Unfortunately, that is quite hard, since you frequently receive calls from people you don't know, and therefore some kind of user level PKI needs to be around in deployed, which is not the case. Relying on hbh transitivity of trust for authenticated user identities can also work, but is risky IMHO and not very likely. -Jonathan R. -- Jonathan D. Rosenberg, Ph.D. 72 Eagle Rock Avenue Chief Scientist First Floor dynamicsoft East Hanover, NJ 07936 [EMAIL PROTECTED] FAX: (973) 952-5050 http://www.jdrosen.net PH: (973) 952-5000 http://www.dynamicsoft.com _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
