On Feb 27, 2007, at 10:10 PM, g.caron@bell.ca wrote:
> - If the location provided verbally matches with the automated un-
> signed/fail-signed location, be suspicious before dispatching. Post-
> call investigation is required.
>
> - If the location provided verbally don’t match with the automated
> signed location, process the call and report the error afterward to
> the location source (presumably the LIS operator).
Guy,
Here's the problem with that logic. Administrative screw-ups can
cause both of those problems, yet one type of screw up is considered
suspicious while the other type is not. From a security perspective,
this opens up a social engineering attack... the caller needs no
technical skill to defeat the signed location. All they need to do
is just verbally disagree with it.
-andy
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Wed, 7 Mar 2007 10:20:25 -0500
This archive was generated by hypermail 2.1.8 : Wed Mar 07 2007 - 10:18:48 EST