> Dan Wing wrote:
> > Thanks for publishing that attack. It has similarities
> > with the attack described by Hadriel in
> > http://tools.ietf.org/html/draft-kaplan-sip-baiting-attack.
>
> Yes, it also modifies parts of the request which are not signed by the
> authentication/signature algorithm. I should mention this draft in a
> later version.
>
> However, the goal is not the same. Hadriel's draft is focused on
> impersonation, whereas the other draft is focused on breaking the
> authentication done at the proxy.

By breaking the authentication the attacker can impersonate another user.
For example, that proxy might create an RFC4474 signature.

> The second difference is that it works right now with any
> publicly reachable SIP provider.

Yes, I agree that makes it much more interesting.

-d
