RFC 7375

Secure Telephone Identity Threat Model, October 2014

Canonical URL:
https://www.rfc-editor.org/rfc/rfc7375.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Author:
J. Peterson
Stream:
IETF
Source:
stir (rai)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC7375

Discuss this RFC: Send questions or comments to stir@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

As the Internet and the telephone network have become increasingly interconnected and interdependent, attackers can impersonate or obscure calling party numbers when orchestrating bulk commercial calling schemes, hacking voicemail boxes, or even circumventing multi-factor authentication systems trusted by banks. This document analyzes threats in the resulting system, enumerating actors, reviewing the capabilities available to and used by attackers, and describing scenarios in which attacks are launched.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×