[Kamailio-Devel] [ openser-Feature Requests-2726791 ] check r-r header of reply
Iñaki Baz Castillo
ibc at aliax.net
Thu Apr 2 20:57:38 CEST 2009
On Thursday 02 April 2009, Juha Heinanen wrote:
> Iñaki Baz Castillo writes:
> > And then how does the From look in the in-dialog request? Corrupted?
> > or untouched?
>
> untouched.

OK. However, I don't consider it so critical (I mean the From modification).
Usually uac_replace_from() is just used when Kamailio routes requests to
stupid gateways/softswitches requiring the PSTN number in the From header
instead of inspecting PAI/RPID headers.

If you want to send a request to an "untrusted" UAS, a proxy can do very little
work on "protecting" your identity (the second Via will show where you are,
the Contact header probably will show your username...).

If a malicious UAS spoofs the RR in the 200 OK, the proxy could detect it and
drop the request, but no more. The UAS could get the same effect by setting a
spoofed Contact in the 200 OK.

Such issues show us what I already think: a SIP topology just based on proxies
cannot offer enough privacy and security; it's not possible according to SIP
specifications. For privacy requirements (real privacy) a B2BUA is required,
for secure accounting a B2BUA is required (there are more or less 200 ways to
confuse a proxy on accounting...).

A proxy can make some effort at offering privacy and other services not related
to a proxy node, but we cannot expect them to be perfect and 100% reliable.
If not, we will require more and more "features" in the proxy, features not
belonging to a SIP proxy (such as Contact hiding, second Via removing...). All
these tasks belong to a B2BUA.

Just my opinion. Regards.
--
Iñaki Baz Castillo <ibc at aliax.net>
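
The Record-Route check discussed in this message, sketched as an added example (not part of the original post and not Kamailio code): it compares the Record-Route set the proxy forwarded in the INVITE with the set that comes back in the 200 OK. The function names, the `downstream_proxies` flag and the sample messages are assumptions constructed for illustration.

```python
import re

def record_route_values(message: str) -> list[str]:
    """Return every Record-Route entry of a SIP message, top to bottom."""
    head = message.split("\r\n\r\n", 1)[0]
    head = re.sub(r"\r\n[ \t]+", " ", head)      # unfold continuation lines
    entries = []
    for line in head.split("\r\n")[1:]:          # skip request/status line
        name, sep, body = line.partition(":")
        if sep and name.strip().lower() == "record-route":
            # One header may carry several comma-separated entries; keep the
            # URI and its parameters, since the UAS must copy both verbatim.
            entries += [re.sub(r"\s+", "", e.group(0))
                        for e in re.finditer(r"<[^>]*>[^,]*", body)]
    return entries

def reply_rr_is_consistent(forwarded_request: str, reply: str,
                           downstream_proxies: bool = False) -> bool:
    """True if the reply carries the Record-Route set this proxy sent out.

    With downstream_proxies=True, extra entries are tolerated above ours,
    because proxies further along the path add theirs on top of the list.
    """
    sent = record_route_values(forwarded_request)
    got = record_route_values(reply)
    if not downstream_proxies:
        return got == sent
    return len(got) >= len(sent) and got[len(got) - len(sent):] == sent

def _msg(start_line: str, rr: str) -> str:
    """Build a minimal constructed SIP message (sample data, not a capture)."""
    return "\r\n".join([start_line,
                        "Via: SIP/2.0/UDP 192.0.2.10;branch=z9hG4bKconstructed",
                        f"Record-Route: {rr}",
                        "Call-ID: constructed-1@example.com",
                        "Content-Length: 0", "", ""])

FORWARDED_INVITE = _msg("INVITE sip:uas@example.net SIP/2.0", "<sip:192.0.2.10;lr>")
HONEST_200 = _msg("SIP/2.0 200 OK", "<sip:192.0.2.10;lr>")
SPOOFED_200 = _msg("SIP/2.0 200 OK", "<sip:203.0.113.66;lr>")
VIA_DOWNSTREAM_200 = _msg("SIP/2.0 200 OK",
                          "<sip:198.51.100.7;lr>, <sip:192.0.2.10;lr>")

if __name__ == "__main__":
    for label, reply in [("honest", HONEST_200), ("spoofed", SPOOFED_200)]:
        print(label, reply_rr_is_consistent(FORWARDED_INVITE, reply))
```

This covers only Record-Route; the Contact in the 200 OK is chosen by the UAS itself, so there is nothing in the forwarded request to compare it against.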