[SIPForum-techwg] Interoperability Draft v3 - a few more comments
Nekrasovskaia, Sofia
sofia.nekrasovskaia at siemens.com
Wed Jan 18 10:03:27 EST 2006
The example provided by Chris is very valid in an integration case, where
the SP may be able to provide some features/services to some of the PBX
users. Would it be possible without user portion validation?
I agree with Chris that the SP does need to validate the user portion of the
URI to prevent fraudulent activities...
-----Original Message-----
From: techwg-bounces at sipforum.org [mailto:techwg-bounces at sipforum.org] On
Behalf Of Chris Sibley
Sent: Tuesday, January 17, 2006 2:39 PM
To: Elwell, John; David R Oran
Cc: SIP Forum Tech WG
Subject: RE: [SIPForum-techwg] Interoperability Draft v3 - a few more comments
Hi John,
The SP will definitely want to validate *at least* the host/domain
portion of the URI, but I think the SP will also need to enforce some
form of "screening" on the user portion also.
To illustrate my point, assume that the SP is providing PSTN
connectivity (inbound and outbound) for Enterprise A and Enterprise B.
Enterprise A (acmerockets.com) has the following telephone numbers:
678-990-0000 through 0999. Enterprise B (joesexplosives.com) has the
following telephone numbers: 678-397-1000 through 1999.
If the SP were only to validate the host portion of the URI, Enterprise
A would be able to place calls to the PSTN using a FROM URI of, for
example, 678-397-1000@acmerockets.com. If this call were allowed to
proceed to the PSTN, the callee would receive caller ID information
stating the call came from 678-397-1000 (Enterprise B's number).
I don't think this behavior is desirable, so the SP should not only
validate the host portion of the URI but the user portion as well. My
reasoning is that while the Enterprise is authoritative for their DNS
domain in the SIP world, the SP is "authoritative" for the Enterprise's
telephone numbers in the PSTN world (i.e. they are routed to
SP-controlled switches on the SS7 network). Accordingly, I think the SP
has at least some amount of responsibility for validating that the
identity asserted by an Enterprise is legitimate before it lets that
call go to the PSTN. (This obviously requires the SP and Enterprise to
agree to the list of "valid" identities that can utilize the SIP
interface ahead of time.)
Finally, please note that while I think the SP does need to validate the
user portion of the URI, our interface specification as currently
written doesn't require it.
Per Section 10 (Enterprise PSTN Identities): "It therefore naturally
follows that validating the PBXs asserted PSTN identity against a list
of "legal" identities for the Enterprise is desirable before allowing
the call to proceed. While this interface specification does not
explicitly make this type of screening/validation required, it is HIGHLY
RECOMMENDED."
Thanks,
--Chris
**********************************************************************
This email may contain confidential information. If you are not
the intended recipient, please advise by return email and delete
immediately without reading or forwarding to others.
- Cbeyond
**********************************************************************
> -----Original Message-----
> From: Elwell, John [mailto:john.elwell at siemens.com]
> Sent: Wednesday, January 11, 2006 3:23 AM
> To: Chris Sibley; David R Oran
> Cc: Horvath Ernst; SIP Forum Tech WG
> Subject: RE: [SIPForum-techwg] Interoperability Draft v3 - a few more comments
>
> Chris,
>
> But it is likely to be only the domain part of the URI that the SP can
> check. Right?
>
> John
>
> > -----Original Message-----
> > From: Chris Sibley [mailto:Chris.Sibley at cbeyond.net]
> > Sent: 10 January 2006 19:01
> > To: David R Oran; Elwell, John
> > Cc: Horvath Ernst; SIP Forum Tech WG
> > Subject: RE: [SIPForum-techwg] Interoperability Draft v3 - a few more comments
> >
> > I agree with David. The current draft of the specification describes
> > this concept in more detail in section 10, Enterprise PSTN identities.
> > Since PSTN origination / termination (using SIP as the signaling
> > protocol between Enterprise and SP) is the main focus of the
> > specification, there is the fundamental problem of "policing" which
> > identities the Enterprise should be allowed to assert (when the call
> > terminates to the PSTN). To put it another way, it would be highly
> > unlikely that the Service Provider would want to allow the Enterprise
> > to make calls to PSTN endpoints using any telephone number (identity,
> > caller ID information, or whatever you want to call it) they chose to
> > put in the FROM field (or P-Preferred-ID). At a minimum, the SP should
> > maintain a list of "Enterprise Identities" from the Enterprise realm
> > that are "authorized" to use the interface for purposes of reaching
> > the PSTN.
> >
> > Thanks,
> >
> > --Chris
> >
> > > -----Original Message-----
> > > From: David R Oran [mailto:oran at cisco.com]
> > > Sent: Monday, January 09, 2006 4:34 PM
> > > To: Elwell, John
> > > Cc: Chris Sibley; Horvath Ernst; SIP Forum Tech WG
> > > Subject: Re: [SIPForum-techwg] Interoperability Draft v3 - a few more comments
> > >
> > >
> > > On Jan 9, 2006, at 4:22 PM, Elwell, John wrote:
> > >
> > > > Chris,
> > > >
> > > > <snip/>
> > > >> As I understand, P-Asserted-ID is only supposed to be used between
> > > >> two proxies that are in the same trust domain AND in situations
> > > >> where the proxy adding the P-Asserted field has already
> > > >> authenticated the user's identity. In our case, I don't think the
> > > >> Service Provider can necessarily trust that the identity asserted
> > > >> by the Enterprise is valid, even if it has already been "screened"
> > > >> by the Enterprise.
> > > >>
> > > >> However, we can accept a "hint" from the Enterprise to determine
> > > >> the correct identity to use. Section 6 of RFC 3325 states: "If a
> > > >> P-Preferred-Identity header field is present in the message that a
> > > >> proxy receives from an entity that it does not trust, the proxy MAY
> > > >> use this information as a hint suggesting which of multiple valid
> > > >> identities for the authenticated user should be asserted."
> > > > What is meant by "valid identities" here? How does the SP know that
> > > > xxx@example.com, if received in a P-Preferred-Identity header field,
> > > > is a valid identity? The PBX's domain, in this case example.com, is
> > > > responsible for assigning URIs, so how does the SP know which values
> > > > are valid?
> > > >
> > > Well, it can't tell if xxx is valid (that's the job of example.com),
> > > but if an enterprise domain has multiple identities it could know that
> > > xxx@example.com and xxx@example-the-sequel.com were valid, but
> > > xxx@example-the-counterfeit-knockoff.com was not.
> > >
> > > > John
> > > > _______________________________________________
> > > > techwg mailing list
> > > > Send mail to: techwg at sipforum.org
> > > > Unsubscribe or edit options at: http://sipforum.org/mailman/
> > > > listinfo/techwg
> >
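
Added example, not part of the original thread or of the draft specification: a Python sketch of the screening Chris describes, checking both the host and the user portion of a FROM or P-Preferred-Identity URI against a per-Enterprise list agreed ahead of time. The trunk names, table layout, function names and 10-digit number normalization are assumptions; the domains and number blocks are the ones from Chris's example.

```python
import re

# Constructed provisioning table (assumed layout), agreed between the SP
# and each Enterprise; domains and number blocks are from Chris's example.
PROVISIONED = {
    "enterprise-a": {"domains": {"acmerockets.com"},
                     "ranges": [(6789900000, 6789900999)]},
    "enterprise-b": {"domains": {"joesexplosives.com"},
                     "ranges": [(6783971000, 6783971999)]},
}

# user and host of a sip:/sips: URI, with or without <...> and parameters
_URI = re.compile(r"<?sips?:([^@;>\s]+)@([^;>:\s]+)", re.IGNORECASE)


def normalize_number(user):
    """Reduce the user part to a 10-digit number (assumed plan), or None."""
    digits = re.sub(r"[-.()]", "", user)          # drop visual separators
    if digits.startswith("+1"):
        digits = digits[2:]
    elif len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]
    return int(digits) if re.fullmatch(r"\d{10}", digits) else None


def screen_identity(trunk, header_value):
    """Return (allowed, reason) for an identity asserted on a trunk that
    the SP has already authenticated as belonging to one Enterprise."""
    entry = PROVISIONED.get(trunk)
    if entry is None:
        return False, "unknown trunk"
    match = _URI.search(header_value)
    if match is None:
        return False, "unparseable URI"
    user, host = match.group(1), match.group(2).lower().rstrip(".")
    # Host check alone is what John suggests the SP can do ...
    if host not in entry["domains"]:
        return False, "host not provisioned for this Enterprise"
    # ... the user-portion check is what stops A asserting B's number.
    number = normalize_number(user)
    if number is None:
        return False, "user part is not a telephone number"
    if not any(lo <= number <= hi for lo, hi in entry["ranges"]):
        return False, "number not assigned to this Enterprise"
    return True, "ok"
```

With host-only validation the second case in Chris's message (Enterprise A asserting 678-397-1000 under its own domain) would pass; here it is rejected at the range check.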