On 03.12.2019 03:59, volga629 via Users wrote:
If call from originator is being replaced by middle with same source
and destination and change Identity header with keys and certificate
location is possible that terminator will authorize it ?
Hi Volga,
Yes, it is perfectly possible to rebuild the Identity header and
re-attribute the
asserted source/destination to yourself. In order to do this, you only
need to own
an officially recognized STIR/SHAKEN X509 cert along with its private
key, issued by
a STIR/SHAKEN certification authority.
So, while this is possible, I don't see why anyone in their right mind
would do it.
Doing so would jeopardize the image of the carrier, putting their
business at risk.
It's similar to how public IP routing in the internet works: any ISP
could MITM any
piece of traffic, yet none do. Or do they? :)
Best regards,
--
Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
