RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures)

From: Dawson, Martin ^lt;Martin.Dawson@andrew.com>
Date: Mon Feb 26 2007 - 22:12:42 EST

What security hole? Please spell out exactly how you feel that ALIs (which is different to ANI anyway - no pun intended)are insecure? And, in any case, how has that got anything to do with how easy it is for an emergency caller from another country to appear to be calling from the PSAP catchment? Martin -----Original Message----- From: Andrew Newton [mailto:andy@hxr.us] Sent: Tuesday, 27 February 2007 2:04 PM To: g.caron@bell.ca Cc: Dawson, Martin; geopriv@ietf.org; mlinsner@cisco.com Subject: Re: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures) On Feb 26, 2007, at 9:50 PM, g.caron@bell.ca wrote: > When E9-1-1 was first introduced, there was no way at that time > that the ANI could be spoofed. It has been engineered to be > secured. Technology evolution on the PSTN created some "security > holes" and the Emergency Services community is quite concern about > those. From what I can tell, ANIs where originally created for billing purposes and only later repurposed for 9-1-1. They've never been secure. But my original statement was, there is no big outcry to fix the security hole in the PSTN. Sure it is a known problem. > For 1), it was mentioned this was a generalized threat to the > Internet. It may not be for this solution to solve it then. Let's be clear, crypto provides its own new attack vector. It isn't just that you have to worry about the standard class of threats faced my an email server or blog provider. > For 2), in the case where the signed LO (SLO) is passed to the > PSAP, it should not preclude the call taker to confirm the address > with the caller. This is normal procedures. Actually, a signed LO > should not create a higher sense of trust as with a call from the > PSTN today, but the lack of signature on the LO should raise > suspicion and direct the call taker to take special care with that > call. What, exactly, does the PSAP do differently with no signature or an invalid signature? -andy ------------------------------------------------------------------------------------------------ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any unauthorized use of this email is prohibited. ------------------------------------------------------------------------------------------------ [mf2]

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Mon, 26 Feb 2007 21:12:42 -0600

This archive was generated by hypermail 2.1.8 : Mon Feb 26 2007 - 22:12:26 EST