RE: Notes from Non-meeting

Because you need a way to vet a PSAP that is acceptable
to the PSAP, and you can't get one that works for all PSAPs,
and you need a single crypto that all terminals implement
and you can't get that.

Both these problems can be ignored by the IETF. We often
do, but I'm not interested in unimplemented standards.

It would be nice, for example to create a CA for PSAPs.
Put the root cert of the CA in every phone. Have the
CA give a cert to every PSAP. Then a signed message from
a PSAP could be verified to be a bona fide PSAP by the phone.

Sounds easy, and useful.

Completely impractical
        1) No way to create a single CA that every PSAP will
                get a cert from. Politically impossible (who
                runs the CA), operationally impossible (how
                does the CA determine if an application for a
                cert is a bona fide PSAP)
        2) Impossible to implement
                Can't fit digital signature code in all devices
                
        3) Impractical to use
                takes seconds to verify the signature on the
                processors in the devices. Cannot add a second
                to post dial delay

Anything using public key crypto has these problems.
Preplaced keys?
Tokens?

However, it is possible to put reasonable mechanisms in
place such that calls to a specific address (sos@anydomain)
gets to the PSAP serving the local domain. Such mechanisms
may not be perfect, but I think they are adequate.

Brian

> -----Original Message-----
> From: Adam Shostack [mailto:adam@zeroknowledge.com]
> Sent: Wednesday, March 20, 2002 12:25 PM
> To: Rosen, Brian
> Cc: 'Randy Bush'; Henning Schulzrinne; geopriv@mail.apps.ietf.org
> Subject: Re: Notes from Non-meeting
>
>
>
> Please explain why it is not practical to authenticate a PSAP with
> crypto. Are you working in the mobile-handset case, the voip case,
> or some other?
>
> Adam
>
>
> On Wed, Mar 20, 2002 at 12:05:32PM -0500, Rosen, Brian wrote:
> > Getting the callers identity is a hard problem that is
> > the subject of current discussion in SIP and not relevant
> > here.
> >
> > Authenticating the PSAP cryptographically is not
> > a practical approach. Doing it by addressing is
> > practical, and I assert acceptable in this use case.
> >
> > Brian
> >
> > > -----Original Message-----
> > > From: Randy Bush [mailto:randy@psg.com]
> > > Sent: Wednesday, March 20, 2002 11:23 AM
> > > To: Henning Schulzrinne
> > > Cc: Adam Shostack; Rosen, Brian; geopriv@mail.apps.ietf.org
> > > Subject: Re: Notes from Non-meeting
> > >
> > >
> > > > The problem is not authenticating the caller, but
> authenticating the
> > > > PSAP.
> > >
> > > i agree on the latter. i suspect the psap would like to get
> > > the caller's
> > > location if reasonably possible. i suspect it would also
> > > like to get the
> > > caller's identity, but not to check if they are
> authorized to call.
> > >
> > > randy
> > >
>
Received on Wed Mar 20 16:45:18 2002