The SIP Identity Baiting Attack
draft-kaplan-sip-baiting-attack-02

Document Type Expired Internet-Draft (individual)
Last updated 2008-02-22
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-kaplan-sip-baiting-attack-02.txt

Abstract

This document identifies a potential SPIT and Phishing attack, which subverts the RFC 4474 SIP Identity and RFC 4916 Connected Identity mechanisms in a particular way. The attack is termed "Baiting", as it uses a RFC4474-signed call as the bait for malicious use.

Authors

Hadriel Kaplan (hkaplan@acmepacket.com)
Dan Wing (dwing@cisco.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)