Hi! Sorry for jumping in so late. I have a question regarding the first attack scenario:
What if Bob sends a reINVITE immediately after Alice has accepted the phone call? If the reINVITE contains Bob's SDP and Alice's client accept unsigned reIVNTEs then Bob would also have 2-way audio. regards klaus Hadriel Kaplan schrieb: > FYI, the draft on the Baiting attack with RFC4474 has been updated: > http://www.ietf.org/internet-drafts/draft-kaplan-sip-baiting-attack-02.txt > > I changed section 12.1 possible solution to the problem of the request being > delivered to unintended recipients. > > This new solution only works for true SIP ends, vs. to a PSTN-gateway, but > based on the mailing list discussion so far that appears to be a behavior the > WG may want in the end. > (Personally I feel one might as well then only make RFC4474 work for SIPS > URIs with S/MIME bodies, but that's just personal opinion) > > -hadriel > > _______________________________________________ > Sip mailing list http://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use [EMAIL PROTECTED] for questions on current sip > Use [EMAIL PROTECTED] for new developments on the application of sip _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
