Ole,
As the co-chair of the ENUM work group in the IETF, I was delighted with Geoff Huston's article (The Internet Protocol
Journal, Volume 5, No. 2, June 2002, page 13).
I would like to point out and clarify several other issues raised by the Letters to the Editor published in the subsequent
issue.
First, as a practical matter, though the North American Numbering Plan uses a single country code "1," there will not be a single
administration of ENUM within "1." The agreements between the IAB and the ITU on the administration of
e164.arpa clearly indicate that these resources will be administered on a nation-state basis.
The United States, Canada, Bermuda, and the 18 countries of the NANP will be free to administer their numbering resources as they
so choose through the use of 1 + NPA (area codes) zones within the root of e164.arpa.
Dr. Deleuze writes, "E.164 numbers are really telephone addresses. They are tied to telephone network topology and are surely not
user friendly. There are no user-friendly names in the telephone system."
In fact, this is not exactly correct either. Since the advent of Number Portability by several national telephone administrations,
including the United States, telephone numbers are no longer tied to the underlying network or routing structure of the PSTN.
Actual routing of phone calls in the United States is done on Local Routing Numbers for all landline calls and, beginning in
November of 2003, for wireless calls as well.
Phone numbers even now are essentially names, much like domain names in the Internet. In the United States, phone numbers can be
taken or "ported" to any wireline service provider within prescribed geographic boundaries, in 2003 between wireless service
providers and from wireline to wireless providers as well.
I partially take issue with Dr. Deleuze's thought that telephone numbers are not "user-friendly." Phone numbers are readily
identifiable, easy to use, and are not tied to culture or language, problems we have not yet solved with domain names.
Dear Editor,
The September 2002 issue of IPJ featured a very interesting, comprehensive article on visitor networks. One aspect I found not
mentioned, however, is the danger of users in such scenarios falling victim to fake visitor gateways. In public wireless hot spots,
as they are increasingly being set up at numerous locations these days, attackers could employ their own mobile WLAN device to
direct visitors trying to log on to the hot spot to their own fake login page, enabling them to easily collect their login details
such as credit card information. Using encryption does not help here as long as the gateway does not need to authenticate itself to
the customer's mobile device. The average user should not have a chance to realize whether he or she is connected to a legitimate
or a fake login page—if he or she is aware of that potential danger at all. Given the fact that all such an attack would
need, apart from readily available equipment such as a portable computer with a WLAN card, is some small piece of appropriate
software and that it would be quite difficult to detect, that kind of threat unfortunately should be quite realistic in such
environments.
The author responds:
This is a good point that was not discussed in the article. There are actually at least three cases that visitors need to worry
about. The first is, as you mentioned, that the service provider is not who they say they are. This can be dealt with by using SSL
certificates assuming the visitor is conscious of the URL that he/she is being directed to and knows that it belongs to the real
service provider. If the visitor has no idea who is a reasonable service provider, this is a different class of problem, very
similar to what has happened with public telephones that accept standard calling and credit cards—someone makes a call,
receives the service but then gets charged an outrageous rate. The third case is a man-in-the-middle attack or passive snooping
where someone with a laptop as you describe is able to grab traffic and gather passwords.
Some basic advice to visitors is for services that require subscription, although possibly inconvenient, never subscribe on a
potentially compromised connection. That way, only the service provider-assigned username and password is compromised, instead of
more sensitive personal information related to the account. Connections using 802.1x authentication with EAP-TLS provide mutual
authentication and are in the long run, a better solution than redirection of web pages. No matter what kind of security one has,
inevitably there will be legally legitimate providers that will take advantage of visitors and in that case it's just "buyer
beware."
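The first of the three cases in the author's response rests on the visitor actually checking that the login page the gateway redirects to belongs to the provider they expect. The following is an added example, not code from the letter writer, the author or IPJ, of what that check looks like when done by software on the visitor's device rather than by eye. It assumes the visitor (or a client program) already knows the legitimate provider's domain; all hostnames and URLs in it are constructed for illustration.

```python
"""
Decide whether a captive-portal redirect points inside the domain of the
provider a visitor expects.  Added illustration of the "be conscious of the
URL" advice; every hostname below is a constructed example.
"""
from urllib.parse import urlsplit


def _normalize_host(host: str) -> str:
    # DNS names are case-insensitive and a trailing dot is the same name.
    return host.lower().rstrip(".")


def redirect_verdict(url: str, trusted_domain: str) -> tuple[bool, str]:
    """Return (accept, reason) for the login-page URL a gateway sent us to."""
    try:
        parts = urlsplit(url)
        host = parts.hostname  # urlsplit raises ValueError on a bad IPv6 literal
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"

    if parts.scheme != "https":
        # Without TLS the gateway never proves who it is; a fake portal can
        # serve an exact copy of the real page over plain http.
        return False, "not https: gateway cannot authenticate itself"

    if parts.username is not None or parts.password is not None:
        # "https://hotspot.example@attacker.test/" shows the trusted name in
        # the address bar, but it is userinfo; the real host is attacker.test.
        return False, "userinfo present: displayed name is not the host"

    if not host:
        return False, "no host in URL"

    if not host.isascii():
        # Reject non-ASCII hostnames outright rather than try to spot lookalike
        # characters; a legitimate provider's ASCII name never needs them.
        return False, "non-ASCII host: possible homograph"

    host = _normalize_host(host)
    trusted = _normalize_host(trusted_domain)

    # Exact match or a proper subdomain.  The "." prefix stops
    # "hotspot.example.attacker.test" from passing as a suffix match.
    if host == trusted or host.endswith("." + trusted):
        return True, f"host {host} is within {trusted}"
    return False, f"host {host} is outside {trusted}"


def redirect_is_trusted(url: str, trusted_domain: str) -> bool:
    return redirect_verdict(url, trusted_domain)[0]


# Constructed sample redirects, as a fake or legitimate gateway might issue.
SAMPLE_REDIRECTS = [
    "https://login.hotspot.example/portal",
    "http://login.hotspot.example/portal",
    "https://hotspot.example.attacker.test/portal",
    "https://hotspot.example@attacker.test/portal",
    "https://HOTSPOT.EXAMPLE./",
    "https://192.0.2.10/login",
    "https://[::1/",
]


def check_samples(trusted_domain: str = "hotspot.example") -> dict[str, bool]:
    """Evaluate every constructed sample against the trusted provider domain."""
    return {url: redirect_is_trusted(url, trusted_domain) for url in SAMPLE_REDIRECTS}


if __name__ == "__main__":
    for url in SAMPLE_REDIRECTS:
        ok, why = redirect_verdict(url, "hotspot.example")
        print(f"{'ACCEPT' if ok else 'REJECT':6} {url:50} {why}")
```

This check only answers "is this the name I expect?"; it still relies on the HTTPS client leaving certificate and hostname verification switched on so that the server presenting that name is the one holding the certificate for it. A URL that passes here but is served by a host whose certificate does not match, or does not chain to a trusted CA, is the man-in-the-middle case from the response and must still be refused by the TLS layer.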
Hi Ole,
Again, I found the latest issue of IPJ quite enlightening and useful. However, I do have one comment regarding the article by Greg
Scholz on "An Architecture for Securing Wireless Networks." Although the use of source IP addresses to provide policy group
membership on the firewall works in most cases, some client OSs and some IPSec VPN boxes allow the source address (even if it is
the endpoint address of the tunnel, not the "real" address of the host) to be changed, provided the source address of the enciphered
traffic does not change. This would allow users to change the policy group they belong to. A better solution is to use a VPN box
that can associate groups of IPSec tunnels to VLANs. Then the firewall could be configured to allow policy group membership based
on VLANs. This takes all determination of policy group membership off the client host and places it in the domain of trust of the
VPN and firewall boxes.