Secure Telephone Identity Threat Model, October 2014
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
As the Internet and the telephone network have become increasingly interconnected and interdependent, attackers can impersonate or obscure calling party numbers when orchestrating bulk commercial calling schemes, hacking voicemail boxes, or even circumventing multi-factor authentication systems trusted by banks. This document analyzes threats in the resulting system, enumerating actors, reviewing the capabilities available to and used by attackers, and describing scenarios in which attacks are launched.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.