draft-jennings-vipr-overview IETF 81

Presentation transcript:

draft-jennings-vipr-overview IETF 81 Cullen Jennings

Changes
- Editorial and typos
- Header name changed to remove X-Cisco
- Michael Proctor raised an interesting attack and provided more information about two existing attacks (more later)

Document Refactoring
- Overview does more than just be an overview
- VAP draft contains bits essential to VIPR, but the VAP protocol was meant to be optional
- Proposal: Refactor the drafts to make the rest of the VIPR drafts not normatively dependent on VAP
- Refactor to move parts of overview to other drafts or new drafts. Consider moving section 7, 8, 9

Evil Tracking
- Attack: Let's assume EvilCorp registers its node-id against the hash of the sales number of its competitor, VictimCorp. Then, whenever a ViPR-enabled caller tries to call VictimCorp to buy something, a few hours later their ViPR server will attempt to establish a connection to EvilCorp.
- Proposal (half baked): blacklist validations with EvilCorp after failed validation
- This solution is broken: in normal conditions with no attacks, if the network goes down, the domain will get blacklisted
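A small simulation of the blacklist proposal on this slide, added here as an illustration and not taken from the slides or the ViPR drafts. It shows that EvilCorp still sees one connection from the caller's server before it is blacklisted, and that an outage at VictimCorp gets the legitimate node blacklisted as well. The DHT layout, the SHA-256 key, the node names, the phone number and the `knows_secret` flag are constructed assumptions.

```python
import hashlib

# Constructed model, not the ViPR wire format: the DHT maps hash(number) -> node-ids.
def number_key(e164):
    # SHA-256 is a stand-in; the slide only says "the hash" of the number.
    return hashlib.sha256(e164.encode()).hexdigest()

class CallerServer:
    """Caller-side server applying 'blacklist after failed validation'."""
    def __init__(self, dht, reachable):
        self.dht = dht                # key -> list of (node_id, knows_secret)
        self.reachable = reachable    # node_id -> bool, toggled to simulate outages
        self.blacklist = set()
        self.contact_log = []         # every peer that saw a connection from us

    def validate_after_pstn_call(self, e164):
        """Runs some hours after a PSTN call; returns node-ids that validated."""
        validated = []
        for node_id, knows_secret in self.dht.get(number_key(e164), []):
            if node_id in self.blacklist:
                continue
            if not self.reachable[node_id]:
                self.blacklist.add(node_id)   # an outage looks like a failed validation
                continue
            self.contact_log.append(node_id)  # this peer learns who called the number
            if knows_secret:
                validated.append(node_id)
            else:
                self.blacklist.add(node_id)
        return validated

def simulate():
    sales = "+14085550100"  # constructed number
    dht = {number_key(sales): [("evilcorp-node", False), ("victimcorp-node", True)]}
    reachable = {"evilcorp-node": True, "victimcorp-node": False}
    server = CallerServer(dht, reachable)
    first = server.validate_after_pstn_call(sales)    # VictimCorp's network is down
    reachable["victimcorp-node"] = True               # outage ends
    second = server.validate_after_pstn_call(sales)   # legitimate peer stays blocked
    return first, second, server.contact_log, sorted(server.blacklist)

if __name__ == "__main__":
    print(simulate())
```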

First Call Problem
- Particularly for video systems, the first call and re-validations fall back to the PSTN. This is an awful user experience
- Proposal: Define some more validation protocols based on passing the secret over the PSTN, rapidly detecting, and instantly moving the call to IP
  - Might try ISDN USI (User Service Information) field
  - Might try in band audio “flag” sent by sender, then audio secret is sent by receiver
  - Fingerprint the audio
  - Watermark inserted in the audio
  - Send some DTMF like digits at start of call if other side claims to support this type of VIPR validation
  - Use a “cocktail” approach that tries all of the above at the same time

Proposal
- Find a better editor for overview
- Refactor documents by Sept 15
- Have some assigned reviewers provide reviews
- Have a virtual interim meeting mid October