|Subject:||Re: [Ecrit] requirements|
|Date:||Fri, 25 Mar 2005 09:09:48 -0500|
Marc Linsner wrote:
Excuse me, but in the security considerations we will have to discuss the effects of a fraudulant, modified, or replayed location used foremergency routing.[[ml]] agreed I can't imagine not making a signed location a MUST,even with a general discussion of the difficulty of getting a good cert.[[ml]] What about the PSAP that will accept non-cert lo?
Saying that PIDF-LO must be signed without specifying the trust model is the worst kind of self-delusional security specifically designed not to stymie black hats but rather fool the pointy-haired bosses. "Look at all the fancy crypto bits, and it's X.509 and uses the new-fangled government approved crypto standard, too - this must be really secure".
See http://www.antioffline.com/pki.txt for additional reading. _______________________________________________ Ecrit mailing list Ecrit@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ecrit
|<Prev in Thread]||Current Thread||[Next in Thread>|
|Previous by Date:||RE: [Ecrit] requirements, Marc Linsner|
|Next by Date:||Re: [Ecrit] requirements, Henning Schulzrinne|
|Previous by Thread:||RE: [Ecrit] requirements, Marc Linsner|
|Next by Thread:||Re: [Ecrit] requirements, Henning Schulzrinne|
|Indexes:||[Date] [Thread] [Top] [All Lists]|