RFC 7375
Secure Telephone Identity Threat Model, October 2014
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC7375
Discuss this RFC: Send questions or comments to the mailing list stir@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 7375
Abstract
As the Internet and the telephone network have become increasingly interconnected and interdependent, attackers can impersonate or obscure calling party numbers when orchestrating bulk commercial calling schemes, hacking voicemail boxes, or even circumventing multi-factor authentication systems trusted by banks. This document analyzes threats in the resulting system, enumerating actors, reviewing the capabilities available to and used by attackers, and describing scenarios in which attacks are launched.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.