Richard Shockey wrote:
>> Frank,
>>
>> So are you asserting that reliable callerid is not needed, or that it
>> is not possible?
>>
>> If its not needed, then I guess sip identity was a waste of time, as
>> is P-Asserted-ID. From should be good enough.
>>
>> The PSTN callerid is to a large extend based on transitive trust, and
>> is> reliable if the providers are careful. It breaks when providers
> trust
>> sources that they shouldn't. Apparently that is becoming an
>> increasingly common case.
>
> Really ??? Transitive trust seems to have worked reasonable well for the
> time being .what examples have you found of sources that providers thought
> they could trust but found they shouldn't have?
All the cases of callerid spoofing.
Paul
>> If we create a cert-based mechanism similar to 4474 that works for
>> phone numbers then there should be no way around it other than stealing
> the
>> certs. So it should be better than the PSTN.
>
>
> <sigh>
>
>
>>
>> Paul
>>
>> Frank W. Miller wrote:
>> >
>> > K, got this just after my response. Inline...
>> >
>> > -----Original Message-----
>> > From: Dean Willis [mailto:[EMAIL PROTECTED]
>> > Sent: Monday, February 18, 2008 10:49 AM
>> > To: Frank W. Miller
>> > Cc: IETF SIP List
>> > Subject: Re: [Sip] New I-D on RFC4474 and phone numbers
>> >
>> >
>> > On Feb 18, 2008, at 11:07 AM, Frank W. Miller wrote:
>> >
>> >> I'm a little confused by the need to "sign" phone numbers. I mean,
>> >> whomever
>> >> uses the number makes a call to or from it right? If the receiver
>> >> of the
>> >> call doesn't want to talk to whomever calls, don't they just hang
>> >> up? This
>> >> seems like a lot of extra work for little gain.
>> >
>> > How do they know who called? Can the thing being presented as
>> caller-
>> > ID be trusted?
>> >
>> > Example use case:
>> >
>> > You get a call from "Memorial Hospital" at 999-454-5678. Your child
>> > was apparently injured at school and is claimed to be in ICU, but
>> your
>> > signature is urgently needed before a life-saving procedure can be
>> > administered. You double-check by calling back 999-454-5678 and get
>> > the front desk at Memorial Hospital. Just to be sure, you look in
>> the
>> > phone book, and yep, that's their number. Of course, you rush to the
>> > hospital.
>> >
>> > FM: Call me crazy but I get weird caller-ids on my phones all the
>> time now,
>> > with the trusted PSTN. You don't think that people won't figure out
>> how to
>> > circumvent what we do if they really want to?
>> >
>> >
>> > While you're out, the burglar who faked the call cleans out your
>> house.
>> >
>> > Or even more fun: Your neighbors are having a really noisy party.
>> Call
>> > 911, faking their phone number as the source, and report a murder-
>> in-
>> > progress. Stand by and wait for the SWAT team to show up.
>> >
>> >
>> > FM: Any reasonable person would call the hospital back first before
>> rushing
>> > out. Besides, this same trick can be done now with Private or
>> Blocked in
>> > the PSTN.
>> >
>> > FM
>> >
>> >
>> >
>> >
>> > _______________________________________________
>> > Sip mailing list http://www.ietf.org/mailman/listinfo/sip
>> > This list is for NEW development of the core SIP Protocol
>> > Use [EMAIL PROTECTED] for questions on current sip
>> > Use [EMAIL PROTECTED] for new developments on the application of sip
>> >
>> _______________________________________________
>> Sip mailing list http://www.ietf.org/mailman/listinfo/sip
>> This list is for NEW development of the core SIP Protocol
>> Use [EMAIL PROTECTED] for questions on current sip
>> Use [EMAIL PROTECTED] for new developments on the application of sip
>
>
_______________________________________________
Sip mailing list http://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
