Network Working Group                                       J. Rosenberg
Request for Comments: 5039                                   C. Jennings
Category: Informational                                            Cisco
                                                            January 2008
The Session Initiation Protocol (SIP) and Spam
Status of This Memo
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
Abstract
Spam, defined as the transmission of bulk unsolicited messages, has plagued Internet email. Unfortunately, spam is not limited to email. It can affect any system that enables user-to-user communications. The Session Initiation Protocol (SIP) defines a system for user-to-user multimedia communications. Therefore, it is susceptible to spam, just as email is. In this document, we analyze the problem of spam in SIP. We first identify the ways in which the problem is the same and the ways in which it is different from email. We then examine the various possible solutions that have been discussed for email and consider their applicability to SIP.
Table of Contents
   1. Introduction
   2. Problem Definition
      2.1. Call Spam
      2.2. IM Spam
      2.3. Presence Spam
   3. Solution Space
      3.1. Content Filtering
      3.2. Black Lists
      3.3. White Lists
      3.4. Consent-Based Communications
      3.5. Reputation Systems
      3.6. Address Obfuscation
      3.7. Limited-Use Addresses
      3.8. Turing Tests
      3.9. Computational Puzzles
      3.10. Payments at Risk
      3.11. Legal Action
      3.12. Circles of Trust
      3.13. Centralized SIP Providers
   4. Authenticated Identity in Email
      4.1. Sender Checks
      4.2. Signature-Based Techniques
   5. Authenticated Identity in SIP
   6. Framework for Anti-Spam in SIP
   7. Additional Work
   8. Security Considerations
   9. Acknowledgements
   10. Informative References
1. Introduction

Spam, defined as the transmission of bulk unsolicited email, has been a plague on the Internet email system. Many solutions have been documented and deployed to counter the problem. None of these solutions is ideal. However, one thing is clear: the spam problem would be much less significant had solutions been deployed ubiquitously before the problem became widespread.
The Session Initiation Protocol (SIP) [2] is used for multimedia communications between users, including voice, video, instant messaging, and presence. Consequently, it can be just as much of a target for spam as email. To deal with this, solutions need to be defined and recommendations put into place for dealing with spam as soon as possible.
This document serves to meet those goals by defining the problem space more concretely, analyzing the applicability of solutions used in the email space, identifying protocol mechanisms that have been defined for SIP that can help the problem, and making recommendations for implementors.
2. Problem Definition

The spam problem in email is well understood, and we make no attempt to further elaborate on it here. The question, however, is what is the meaning of spam when applied to SIP? Since SIP covers a broad range of functionality, there appear to be three related but different manifestations:
Call Spam: This type of spam is defined as a bulk unsolicited set of session initiation attempts (i.e., INVITE requests), attempting to establish a voice, video, instant messaging [1], or other type of communications session. If the user should answer, the spammer proceeds to relay their message over the real-time media. This is the classic telemarketer spam, applied to SIP. This is often called SPam over Ip Telephony, or SPIT.
IM Spam: This type of spam is similar to email. It is defined as a bulk unsolicited set of instant messages, whose content contains the message that the spammer is seeking to convey. IM spam is most naturally sent using the SIP MESSAGE [3] request. However, any other request that causes content to automatically appear on the user's display will also suffice. That might include INVITE requests with large Subject headers (since the Subject is sometimes rendered to the user), or INVITE requests with text or HTML bodies. This is often called SPam over Instant Messaging, or SPIM.
Presence Spam: This type of spam is similar to IM spam. It is defined as a bulk unsolicited set of presence requests (i.e., SUBSCRIBE requests [4] for the presence event package [6]), in an attempt to get on the "buddy list" or "white list" of a user in order to send them IM or initiate other forms of communications. This is occasionally called SPam over Presence Protocol, or SPPP.
There are many other SIP messages that a spammer might send. However, most of the other ones do not result in content being delivered to a user, nor do they seek input from a user. Rather, they are answered by automata. OPTIONS is a good example of this. There is little value for a spammer in sending an OPTIONS request, since it is answered automatically by the User Agent Server (UAS). No content is delivered to the user, and they are not consulted.
In the sections below, we consider the likelihood of these various forms of SIP spam. This is done in some cases by a rough cost analysis. It should be noted that all of these analyses are approximate, and serve only to give a rough sense of the order of magnitude of the problem.
2.1. Call Spam

Will call spam occur? That is an important question to answer. Clearly, it does occur in the existing telephone network, in the form of telemarketer calls. Although these calls are annoying, they do not arrive in the same kind of volume as email spam. The difference is cost; it costs more for the spammer to make a phone call than it does to send email. This cost manifests itself in terms of the cost for systems that can perform telemarketer calls, and in cost per call.
Both of these costs are substantially reduced by SIP. A SIP call spam application is easy to write. It is just a SIP User Agent that initiates, in parallel, a large number of calls. If a call connects, the spam application generates an ACK and proceeds to play out a recorded announcement, and then it terminates the call. This kind of application can be built entirely in software, using readily available (and indeed, free) off-the-shelf software components. It can run on a low-end PC and requires no special expertise to execute.
The cost per call is also substantially reduced. A normal residential phone line allows only one call to be placed at a time. If additional lines are required, a user must purchase more expensive connectivity. Typically, a T1 or T3 would be required for a large-volume telemarketing service. That kind of access is very expensive and well beyond the reach of an average user. A T1 line is approximately US $250 per month, and about 1.5 cents per minute for calls. T1 lines used only for outbound calls (such as in this case) are even more expensive than inbound trunks due to the reciprocal termination charges that a provider pays and receives.
There are two aspects to the capacity: the call attempt rate, and the number of simultaneous successful calls that can be in progress. A T1 would allow a spammer, at most, 24 simultaneous calls, and assuming about 10 seconds for each call attempt, about 2.4 call attempts per second. At high-volume calling, the per-minute rates far exceed the flat monthly fee for the T1. The result is a cost of 250,000 microcents for each successful spam delivery, assuming 10 seconds of content.
With SIP, this cost is much reduced. Consider a spammer using a typical broadband Internet connection that provides 500 Kbps of upstream bandwidth. Initiating a call requires just a single INVITE message. Assuming, for simplicity's sake, that this is 1 KB, a 500 Kbps upstream DSL or cable modem connection will allow about 62 call attempts per second. A successful call requires enough bandwidth to transmit a message to the receiver. Assuming a low compression codec (say, G.723.1 at 5.3 Kbps), this requires approximately 16 Kbps after RTP, UDP, and IP overheads. With 500 Kbps upstream bandwidth, this means as many as 31 simultaneous calls can be in progress. With 10 seconds of content per call, that allows for 3.1 successful call attempts per second. If broadband access is around $50/month, the cost per successful voice spam is about 6.22 microcents each. This assumes that calls can be made 24 hours a day, 30 days a month, which may or may not be the case.
These figures indicate that SIP call spam is roughly four orders of magnitude cheaper to send than traditional circuit-based telemarketer calls. This low cost is certainly going to be very attractive to spammers. Indeed, many spammers utilize computational and bandwidth resources provided by others, by infecting their machines with viruses that turn them into "zombies" that can be used to generate spam. This can reduce the cost of call spam to nearly zero.
Even ignoring the zombie issue, this reduction in cost is even more amplified for international calls. Currently, there are few telemarketing calls across international borders, largely due to the large cost of making international calls. This is one of the reasons why the "do not call list", a United States national list of numbers that telemarketers cannot call, has been effective. The law only affects U.S. companies, but since most telemarketing calls are domestic, it has been effective. Unfortunately (and fortunately), the IP network provides no boundaries of these sorts, and calls to any SIP URI are possible from anywhere in the world. This will allow for international spam at a significantly reduced cost.
International spam is likely to be even more annoying than national spam, since it may arrive in languages that the recipient doesn't even speak.
These figures assume that the primary limitation is the access bandwidth and not CPU, disk, or termination costs. Termination costs merit further discussion. Currently, most Voice over IP (VoIP) calls terminate on the Public Switched Telephone Network (PSTN), and this termination costs the originator of the call money. These costs are similar to the per-minute rates of a T1. It ranges anywhere from half a cent to three cents per minute, depending on volume and other factors. However, equipment costs, training, and other factors are much lower for SIP-based termination than a T1, making the cost still lower than circuit connectivity. Furthermore, the current trend in VoIP systems is to make termination free for calls that never touch the PSTN, that is, calls to actual SIP endpoints. Thus, as more and more SIP endpoints come online, termination costs will probably drop. Until then, SIP spam can be used in concert with termination services for a lower-cost form of traditional telemarketer calls, made to normal PSTN endpoints.
It is useful to compare these figures with email. VoIP can deliver approximately 3.1 successful call attempts per second. Email spam can, of course, deliver more. Assuming 1 KB per email, and an upstream link of 500 Kbps, a spammer can generate 62.5 messages per second. This number goes down with larger messages of course. Interestingly, spam filters delete large numbers of these mails, so the cost per viewed message is likely to be much higher. In that sense, call spam is much more attractive, since its content is much more likely to be examined by a user if a call attempt is successful.
Another part of the cost of spamming is collecting addresses. Spammers have, over time, built up immense lists of email addresses, each of the form user@domain, to which spam is directed. SIP uses the same form of addressing, making it likely that email addresses can easily be turned into valid SIP addresses. Telephone numbers also represent valid SIP addresses; in concert with a termination provider, a spammer can direct SIP calls at traditional PSTN devices. It is not clear whether email spammers have also been collecting phone numbers as they perform their Web sweeps, but it is probably not hard to do so. Furthermore, unlike email addresses, phone numbers are a finite address space and one that is fairly densely packed. As a result, going sequentially through phone numbers is likely to produce a fairly high hit rate. Thus, it seems like the cost is relatively low for a spammer to obtain large numbers of SIP addresses to which spam can be directed.
2.2. IM Spam

IM spam is very much like email, in terms of the costs for deploying and generating spam. Assuming, for the sake of argument, a 1 KB message to be sent and 500 Kbps of upstream bandwidth, that is 62.5 messages per second. At $50/month, the result is 0.31 microcents per message. This is less than voice spam, but not substantially less. The cost is probably on par with email spam. However, IM is much more intrusive than email. In today's systems, IMs automatically pop up and present themselves to the user. Email, of course, must be deliberately selected and displayed. However, most popular IM systems employ white lists, which only allow IM to be delivered if the sender is on the white list. Thus, whether or not IM spam will be useful seems to depend a lot on the nature of the systems as the network is opened up. If they are ubiquitously deployed with white-list access, the value of IM spam is likely to be low.
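The call-spam and IM-spam cost figures above, carried through in Python as an added worked example (this code is not part of the RFC); it reports each result in both microcents and micro-dollars, which shows that the T1's 250,000 is a microcent figure while the broadband figures 6.22 and 0.31 match the micro-dollar column. It assumes only what the text states: a 24-channel T1 at 1.5 cents/minute plus $250/month, 500 Kbps upstream at $50/month, 1 KB per INVITE or MESSAGE, about 16 Kbps per G.723.1 stream, 10 seconds of content per call, and calling 24 hours a day, 30 days a month.

```python
"""RFC 5039 cost arithmetic for call spam (Section 2.1) and IM spam (Section 2.2).

Added worked example; not part of the RFC. Inputs are the document's stated
assumptions, and every result is reported in both microcents and micro-dollars
(millionths of a dollar) so each figure in the text can be matched to a unit.
"""
from dataclasses import dataclass
from math import floor

SECONDS_PER_MONTH = 30 * 24 * 3600          # 24 hours a day, 30 days a month
MICROCENTS_PER_DOLLAR = 100 * 1_000_000
MICRODOLLARS_PER_DOLLAR = 1_000_000


@dataclass
class SpamCost:
    attempts_per_s: float     # call or message attempts the link can launch per second
    deliveries_per_s: float   # successful deliveries (answered calls, sent messages) per second
    microcents: float         # cost per successful delivery, in millionths of a cent
    microdollars: float       # cost per successful delivery, in millionths of a dollar


def _amortised(monthly_usd, deliveries_per_s):
    """Split a flat monthly fee over a month of continuous deliveries."""
    per_month = deliveries_per_s * SECONDS_PER_MONTH
    return (monthly_usd * MICROCENTS_PER_DOLLAR / per_month,
            monthly_usd * MICRODOLLARS_PER_DOLLAR / per_month)


def t1_call_spam(channels=24, content_s=10.0, cents_per_min=1.5,
                 monthly_usd=250.0, include_flat_fee=False):
    """Circuit-switched telemarketing over a T1 (24 channels, 1.5 cents/min, $250/month).

    The document quotes only the per-minute charge (250,000 microcents), since
    at this volume it dwarfs the flat fee; pass include_flat_fee=True to add
    the amortised $250 as well.
    """
    calls_per_s = channels / content_s                        # 2.4 attempts/s, one channel each
    usage_microcents = cents_per_min * content_s / 60.0 * 1_000_000
    usage_microdollars = usage_microcents / 100.0
    flat_mc, flat_md = _amortised(monthly_usd, calls_per_s) if include_flat_fee else (0.0, 0.0)
    return SpamCost(calls_per_s, calls_per_s,
                    usage_microcents + flat_mc, usage_microdollars + flat_md)


def sip_call_spam(upstream_kbps=500.0, invite_kb=1.0, media_kbps=16.0,
                  content_s=10.0, monthly_usd=50.0):
    """SIP call spam from a broadband line: INVITE rate, concurrent calls, cost per answered call."""
    attempts_per_s = upstream_kbps / (invite_kb * 8)          # 62.5 one-kilobyte INVITEs per second
    concurrent = floor(upstream_kbps / media_kbps)            # 31 G.723.1 streams at ~16 kbps each
    deliveries_per_s = concurrent / content_s                 # 3.1 ten-second calls per second
    mc, md = _amortised(monthly_usd, deliveries_per_s)
    return SpamCost(attempts_per_s, deliveries_per_s, mc, md)


def im_spam(upstream_kbps=500.0, message_kb=1.0, monthly_usd=50.0):
    """Page-mode IM (or email) spam: one MESSAGE per delivery, bound only by link rate."""
    rate = upstream_kbps / (message_kb * 8)                   # 62.5 messages per second
    mc, md = _amortised(monthly_usd, rate)
    return SpamCost(rate, rate, mc, md)


if __name__ == "__main__":
    for name, cost in (("T1 telemarketing", t1_call_spam()),
                       ("SIP call spam", sip_call_spam()),
                       ("IM spam", im_spam())):
        print(f"{name:18s} {cost.deliveries_per_s:6.2f}/s "
              f"{cost.microcents:12.2f} microcents  {cost.microdollars:10.4f} microdollars")
```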
It is important to point out that there are two different types of IM systems: page mode and session mode. Page mode IM systems work much like email, with each IM being sent as a separate message. In session mode IM, there is signaling in advance of communication to establish a session, and then IMs are exchanged, perhaps point-to-point, as part of the session. The modality impacts the types of spam techniques that can be applied. Techniques for email can be applied identically to page mode IM, but session mode IM is more like telephony, and many techniques (such as content filtering) are harder to apply.
2.3. Presence Spam

As defined above, presence spam is the generation of bulk unsolicited SUBSCRIBE messages. The cost of this is within a small constant factor of IM spam so the same cost estimates can be used here. What would be the effect of such spam? Most presence systems provide some kind of consent framework. A watcher that has not been granted permission to see the user's presence will not gain access to their presence. However, the presence request is usually noted and conveyed to the user, allowing them to approve or deny the request. In SIP, this is done using the watcherinfo event package [7]. This package allows a user to learn the identity of the watcher, in order to make an authorization decision.
Interestingly, this provides a vehicle for conveying information to a user. By generating SUBSCRIBE requests from identities such as sip:please-buy-my-product@spam.example.com, brief messages can be conveyed to the user, even though the sender does not have, and never will receive, permission to access presence. As such, presence spam can be viewed as a form of IM spam, where the amount of content to be conveyed is limited. The limit is equal to the amount of information generated by the watcher that gets conveyed to the user through the permission system.
This type of spam also shows up in consent frameworks used to prevent call spam, as discussed in Section 3.4.
3. Solution Space

In this section, we consider the various solutions that might be possible to deal with SIP spam. We primarily consider techniques that have been employed to deal with email spam. It is important to note that the solutions documented below are not meant to be an exhaustive study of the spam solutions used for email but rather just a representative set. We also consider some solutions that appear to be SIP-specific.
3.1. Content Filtering

The most common form of spam protection used in email is based on content filtering. Spam filters analyze the content of the email, and look for clues that the email is spam. Bayesian spam filters are in this category.
Unfortunately, this type of spam filtering, while successful for email spam, is completely useless for call spam. There are two reasons. First, in the case where the user answers the call, the call is already established and the user is paying attention before the content is delivered. The spam cannot be analyzed before the user sees it. Second, if the content is stored before the user accesses it (e.g., with voicemail), the content will be in the form of recorded audio or video. Speech and video recognition technology is not likely to be good enough to analyze the content and determine whether or not it is spam. Indeed, if a system tried to perform speech recognition on a recording in order to perform such an analysis, it would be easy for the spammers to make calls with background noises, poor grammar, and varied accents, all of which will throw off recognition systems. Video recognition is even harder to do and remains primarily an area of research.
IM spam, due to its similarity to email, can be countered with content analysis tools. Indeed, the same tools and techniques used for email will directly work for IM spam.
3.2. Black Lists

Black listing is an approach whereby the spam filter maintains a list of addresses that identify spammers. These addresses include both usernames (spammer@example.com) and entire domains (example.com). Pure blacklists are not very effective in email for two reasons. First, email addresses are easy to spoof, making it easy for the sender to pretend to be someone else. If the sender varies the addresses they send from, the black list becomes almost completely useless. The second problem is that, even if the sender doesn't forge the From address, email addresses are in almost limitless supply. Each domain contains an infinite supply of email addresses, and new domains can be obtained for very low cost. Furthermore, there will always be public providers that will allow users to obtain identities for almost no cost (for example, Yahoo or AOL mail accounts). The entire domain cannot be blacklisted because it contains so many valid users. Blacklisting needs to be for individual users. Those identities are easily changed.
As a result, as long as identities are easy to manufacture, or zombies are used, black lists will have limited effectiveness for email.
Blacklists are also likely to be ineffective for SIP spam. Mechanisms for inter-domain authenticated identity for email and SIP are discussed in Section 4 and Section 5. Assuming these mechanisms are used and enabled in inter-domain communications, it becomes difficult to forge sender addresses. However, it still remains cheap to obtain a nearly infinite supply of addresses.
3.3. White Lists

White lists are the opposite of black lists. It is a list of valid senders that a user is willing to accept email from. Unlike black lists, a spammer cannot change identities to get around the white list. White lists are susceptible to address spoofing, but a strong identity authentication mechanism can prevent that problem. As a result, the combination of white lists and strong identity, as described in Section 4.2 and Section 5, are a good form of defense against spam.
However, they are not a complete solution, since they would prohibit a user from ever being able to receive email from someone who was not explicitly put on the white list. As a result, white lists require a solution to the "introduction problem" - how to meet someone for the first time, and decide whether they should be placed in the white list. In addition to the introduction problem, white lists demand time from the user to manage.
In IM systems, white lists have proven exceptionally useful at preventing spam. This is due, in no small part, to the fact that the white list exists naturally in the form of the buddy list. Users don't have to manage this list just for the purposes of spam prevention; it provides general utility, and assists in spam prevention for free. Many popular IM systems also have strong identity mechanisms since they do not allow communications with IM systems in other administrative domains. The introduction problem in these systems is solved with a consent framework, described below.
The success of white lists in IM systems has applicability to SIP as well. This is because SIP also provides a buddy list concept and has an advanced presence system as part of its specifications. The introduction problem remains. In email, techniques like Turing tests have been employed to address the introduction problem. Turing tests are considered further in the sections below. As with email, a technique for solving the introduction problem would need to be applied in conjunction with a white list.
If a user's computer is compromised and used as a zombie, that computer can usually be used to send spam to anyone that has put the user on their white list.
3.4. Consent-Based Communications

A consent-based solution is used in conjunction with white or black lists. That is, if user A is not on user B's white or black list, and user A attempts to communicate with user B, user A's attempt is initially rejected, and they are told that consent is being requested. Next time user B connects, user B is informed that user A had attempted communications. User B can then authorize or reject user A.
These kinds of consent-based systems are used widely in presence and IM. Since most of today's popular IM systems only allow communications within a single administrative domain, sender identities can be authenticated. Email often uses similar consent-based systems for mailing lists. They use a form of authentication based on sending cookies to an email address to verify that a user can receive mail at that address.
This kind of consent-based communications has been standardized in SIP for presence, using the watcher information event package [7] and data format [8], which allow a user to find out that someone has subscribed. Then, the XML Configuration Access Protocol (XCAP) [10] is used, along with the XML format for presence authorization [11] to provide permission for the user to communicate.
A consent framework has also been developed that is applicable to other forms of SIP communications [12]. However, this framework focuses on authorizing the addition of users to "mailing lists", known as exploders in SIP terminology. Though spammers typically use such exploder functions, presumably one run by a spammer would not use this technique. Consequently, this consent framework is not directly applicable to the spam problem. It is, however, useful as a tool for managing a white list. Through the PUBLISH mechanism, it allows a user to upload a permission document [13] that indicates that they will only accept incoming calls from a particular sender.
Can a consent framework, like the ones used for presence, help solve call spam? At first glance, it would seem to help a lot. However, it might just change the nature of the spam. Instead of being bothered with content, in the form of call spam or IM spam, users are bothered with consent requests. A user's "communications inbox" might instead be filled with requests for communications from a multiplicity of users. Those requests for communications don't convey much useful content to the user, but they can convey some. At the very least, they will convey the identity of the requester. The user part of the SIP URI allows for limited free form text, and thus could be used to convey brief messages. One can imagine receiving consent requests with identities like "sip:please-buy-my-product-at-this-website@spam.example.com", for example. Fortunately, it is possible to apply traditional content filtering systems to the header fields in the SIP messages, thus reducing these kinds of consent request attacks.
In order for the spammer to convey more extensive content to the user, the user must explicitly accept the request, and only then can the spammer convey the full content. This is unlike email spam, where, even though much spam is automatically deleted, some percentage of the content does get through, and is seen by users, without their explicit consent that they want to see it. Thus, if consent is required first, the value in sending spam is reduced, and perhaps it will cease for those spam cases where consent is not given to spammers.
As such, the real question is whether or not the consent system would make it possible for a user to give consent to non-spammers and reject spammers. Authenticated identity can help. A user in an enterprise would know to give consent to senders in other enterprises in the same industry, for example. However, in the consumer space, if sip:bob@example.com tries to communicate with a user, how does that user determine whether Bob is a spammer or a long-lost friend from high school? There is no way based on the identity alone. In such a case, a useful technique is to grant permission for Bob to communicate but to ensure that the permission is extremely limited.
In particular, Bob may be granted permission to send no more than 200 words of text in a single IM, which he can use to identify himself, so that the user can determine whether or not more permissions are appropriate. It may even be possible that an automated system could do some form of content analysis on this initial short message. However, this 200 words of text may be enough for a spammer to convey their message, in much the same way they might convey it in the user part of the SIP URI.
Thus, it seems that a consent-based framework, along with white lists and black lists, cannot fully solve the problem for SIP, although it does appear to help.
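The consent flow described above, with the limited initial grant and header-level content filtering, as an added Python example (it is not code from the RFC; the spam vocabulary, the store layout and the outcome strings are constructed for illustration, and matching From URIs against lists presumes the identity has already been authenticated):

```python
import re
from dataclasses import dataclass, field

# Constructed vocabulary for a header-level content filter; a real deployment
# would reuse whatever filter engine it already applies to message bodies.
SPAM_TERMS = {"buy", "product", "website", "cheap", "offer", "pills"}

# The "extremely limited" initial grant from the text: one IM of at most 200 words.
INITIAL_WORD_LIMIT = 200


@dataclass
class ConsentStore:
    """User B's state: white list, black list, the consent-request inbox and
    the senders who hold only the limited initial permission."""
    white: set = field(default_factory=set)
    black: set = field(default_factory=set)
    limited: set = field(default_factory=set)
    pending: list = field(default_factory=list)   # the "communications inbox"


def user_part(uri: str) -> str:
    """'sip:bob@example.com' -> 'bob'; empty string if the URI is malformed."""
    m = re.match(r"sips?:([^@;>]+)@", uri.strip("<>"))
    return m.group(1) if m else ""


def header_looks_like_spam(from_uri: str) -> bool:
    """Content filter applied to the SIP header field alone: the free-form
    user part of the From URI is split into words and scored against SPAM_TERMS."""
    words = re.split(r"[-._+]+", user_part(from_uri).lower())
    return sum(w in SPAM_TERMS for w in words) >= 2


def handle_im(store: ConsentStore, from_uri: str, body: str) -> str:
    """Dispatch an incoming IM from an (authenticated) from_uri; return the outcome."""
    if from_uri in store.black:
        return "rejected"
    if from_uri in store.white:
        return "delivered"
    if from_uri in store.limited:
        # Limited grant: a short self-introduction only.
        if len(body.split()) > INITIAL_WORD_LIMIT:
            return "rejected: exceeds limited grant"
        return "delivered (limited)"
    # Unknown sender: this would become a consent request. Filter the header
    # first so that advertising carried in the URI never reaches the inbox.
    if header_looks_like_spam(from_uri):
        return "rejected: consent request filtered"
    if from_uri not in store.pending:
        store.pending.append(from_uri)
    return "consent pending"


def decide(store: ConsentStore, from_uri: str, decision: str) -> None:
    """User B answers a consent request: 'allow', 'deny' or 'limited'."""
    if from_uri in store.pending:
        store.pending.remove(from_uri)
    for bucket in (store.white, store.black, store.limited):
        bucket.discard(from_uri)
    {"allow": store.white, "deny": store.black, "limited": store.limited}[decision].add(from_uri)


if __name__ == "__main__":
    s = ConsentStore()
    print(handle_im(s, "sip:please-buy-my-product-at-this-website@spam.example.com", "hi"))
    print(handle_im(s, "sip:bob@example.com", "hi"))
    decide(s, "sip:bob@example.com", "limited")
    print(handle_im(s, "sip:bob@example.com", "It's Bob from high school"))
```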
3.5. Reputation Systems
A reputation system is also used in conjunction with white or black lists. Assume that user A is not on user B's white list, and A attempts to contact user B. If a consent-based system is used, B is prompted to consent to communications from A, and along with the consent, a reputation score might be displayed in order to help B decide whether or not they should accept communications from A.
Traditionally, reputation systems are implemented in highly centralized messaging architectures; the most widespread reputation systems in messaging today have been deployed by monolithic instant messaging providers (though many Web sites with a high degree of interactivity employ very similar concepts of reputation). Reputation is calculated based on user feedback. For example, a button on the user interface of the messaging client might empower users to inform the system that a particular user is abusive. Of course, the input of any single user has to be insufficient to ruin one's reputation, but consistent negative feedback would give the abusive user a negative reputation score.
Reputation systems have been successful in systems where centralization of resources (user identities, authentication, etc.) and monolithic control dominate. Examples of these include the large instant messaging providers that run IM systems that do not exchange messages with other administrative domains. That control, first of all, provides a relatively strong identity assertion for users (since all users trust a common provider, and the common provider is the arbiter of authentication and identity). Secondly, it provides a single place where reputation can be managed.
Reputation systems based on negative reputation scores suffer from many of the same problems as black lists, since effectively the consequence of having a negative reputation is that you are blacklisted. If identities are very easy to acquire, a user with a negative reputation will simply acquire a new identity. Moreover, negative reputation is generated by tattling, which requires users to be annoyed enough to click the warning button -- a process that can be abused. In some reputation systems, "reputation mafias" consisting of large numbers of users routinely bully or extort victims by threatening collectively to give victims a negative reputation.
Reputation systems based on positive reputation, where users praise each other for being good, rather than tattling on each other for being bad, have some similar drawbacks. Collectives of spammers, or just one spammer who acquires a large number of identities, could praise one another in order to create an artificial positive reputation. Users similarly have to overcome the inertia required to press the "praise" button. Unlike negative reputation systems, however, positive reputation is not circumvented when users acquire a new identity, since basing authorization decisions on positive reputation is essentially a form of white listing.
So, while positive reputation systems are superior to negative reputation systems, they are far from perfect. Intriguingly, though, combining presence-based systems with reputation systems leads to an interesting fusion. The "buddy-list" concept of presence is, in effect, a white list - and one can infer that the users on one's buddy list are people whom you are "praising". This eliminates the problem of user inertia in the use of the "praise" button, and automates the initial establishment of reputation.
And of course, your buddies in turn have buddies. Collectively, you and your buddies (and their buddies, and so on) constitute a social network of reputation. If there were a way to leverage this social network, it would eliminate the need for centralization of the reputation system. Your perception of a particular user's reputation might be dependent on your relationship to them in the social network: are they one buddy removed (strong reputation), four buddies removed (weaker reputation), three buddies removed but connected to you through several of your buddies, etc. This web of trust furthermore would have the very desirable property that circles of spammers adding one another to their own buddy lists would not affect your perception of their reputation unless their circle linked to your own social network.
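The buddy-list web of trust from the paragraph above, as an added Python example (not code from the RFC): reputation is computed relative to the viewer from buddy-list distance, a user reached through several of the viewer's buddies accumulates a higher score, and a circle of spammers who list only each other scores zero for everyone outside the circle. The buddy lists, the 0.5-per-hop weighting and the hint thresholds are constructed for illustration.

```python
from collections import deque

# Constructed buddy lists: each key's set is that user's buddy list, i.e. the
# users they are implicitly "praising". Edges are directed: alice lists bob,
# which says nothing about whether bob lists alice.
BUDDIES = {
    "sip:alice@example.com": {"sip:bob@example.com", "sip:carol@example.com"},
    "sip:bob@example.com":   {"sip:dave@example.com"},
    "sip:carol@example.com": {"sip:dave@example.com", "sip:erin@example.com"},
    "sip:dave@example.com":  {"sip:frank@example.com"},
    # A circle of spammers listing one another; nobody above links to them.
    "sip:s1@spam.example":   {"sip:s2@spam.example", "sip:s3@spam.example"},
    "sip:s2@spam.example":   {"sip:s1@spam.example", "sip:s3@spam.example"},
    "sip:s3@spam.example":   {"sip:s1@spam.example", "sip:s2@spam.example"},
}


def hops(buddies, start, target, max_hops):
    """Breadth-first search: number of buddy-list hops from start to target,
    or None if target is not reachable within max_hops."""
    if start == target:
        return 0
    seen = {start}
    queue = deque([(start, 0)])
    while queue:
        node, depth = queue.popleft()
        if depth >= max_hops:
            continue
        for nxt in buddies.get(node, ()):
            if nxt == target:
                return depth + 1
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, depth + 1))
    return None


def reputation(buddies, viewer, target, max_removed=4):
    """Viewer-relative reputation of target. Each of the viewer's direct
    buddies contributes 0.5 ** (hops from that buddy to target): a direct
    buddy scores 1.0, someone two buddies removed 0.5, and a user reachable
    through several of the viewer's buddies accumulates their contributions.
    Users more than max_removed buddies away, or in a circle that never links
    to the viewer's network, score 0.0."""
    score = 0.0
    for buddy in buddies.get(viewer, ()):
        d = hops(buddies, buddy, target, max_removed - 1)
        if d is not None:
            score += 0.5 ** d
    return score


def consent_hint(score):
    """Label to show beside a consent request (thresholds are constructed)."""
    if score >= 1.0:
        return "strong"
    if score > 0.0:
        return "weak"
    return "unknown"


if __name__ == "__main__":
    alice = "sip:alice@example.com"
    for who in ("sip:dave@example.com", "sip:frank@example.com", "sip:s1@spam.example"):
        r = reputation(BUDDIES, alice, who)
        print(f"{who}: {r:.2f} ({consent_hint(r)})")
```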
If a user's machine is compromised and turned into a zombie, this allows spam to be sent and may impact their reputation in a negative way. Once their reputation decreases, it becomes extremely difficult to reestablish a positive reputation.
3.6. Address Obfuscation
Spammers build up their spam lists by gathering email addresses from Web sites and other public sources of information. One way to minimize spam is to make your address difficult or impossible to gather. Spam bots typically look for text in pages of the form "user@domain", and assume that anything of that form is an email address. To hide from such spam bots, many Web sites have recently begun placing email addresses in an obfuscated form, usable to humans but difficult for an automaton to read as an email address. Examples include forms such as, "user at example dot com" or "j d r o s e n a t e x a m p l e d o t c o m".
These techniques are equally applicable to prevention of SIP spam, and are likely to be as equally effective or ineffective in its prevention.
It is worth mentioning that the source of addresses need not be a Web site - any publicly accessible service containing addresses will suffice. As a result, ENUM [9] has been cited as a potential gold mine for spammers. It would allow a spammer to collect SIP and other URIs by traversing the tree in e164.arpa and mining it for data. This problem is mitigated in part if only number prefixes, as opposed to actual numbers, appear in the DNS. Even in that case, however, it provides a technique for a spammer to learn which phone numbers are reachable through cheaper direct SIP connectivity.
3.7. Limited-Use Addresses
A related technique to address obfuscation is limited-use addresses. In this technique, a user has a large number of email addresses at their disposal, each of which has constraints on its applicability. A limited-use address can be time-bound, so that it expires after a fixed period. Or, a different email address can be given to each correspondent. When spam arrives from that correspondent, the limited-use address they were given is terminated. In another variation, the same limited-use address is given to multiple users that share some property; for example, all work colleagues, all coworkers from different companies, all retailers, and so on. Should spam begin arriving on one of the addresses, it is invalidated, preventing communications from anyone else that received the limited use address.
This technique is equally applicable to SIP. One of the drawbacks of the approach is that it can make it hard for people to reach you; if an email address you hand out to a friend becomes spammed, changing it requires you to inform your friend of the new address. SIP can help solve this problem in part, by making use of presence [6].
Instead of handing out your email address to your friends, you would hand out your presence URI. When a friend wants to send you an email, they subscribe to your presence (indeed, they are likely to be continuously subscribed from a buddy list application). The presence data can include an email address where you can be reached. This email address can be obfuscated and be of single use, different for each buddy who requests your presence. They can also be constantly changed, as these changes are pushed directly to your buddies. In a sense, the buddy list represents an automatically updated address book, and would therefore eliminate the problem.
Another approach is to give a different address to each and every correspondent, so that it is never necessary to tell a "good" user that an address needs to be changed. This is an extreme form of limited-use addresses, which can be called a single-use address. Mechanisms are available in SIP [16] for the generation of an infinite supply of single-use addresses. However, the hard part remains a useful mechanism for distribution and management of those addresses.
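The limited-use and single-use address variants from this section (time-bound, per-correspondent, shared by a group and terminated for everyone once spam arrives) as an added Python example; it is not code from the RFC or from any SIP implementation. The class, its table layout, the random local-part format and the outcome strings are constructed, and the check against the From URI presumes the sender's identity has already been authenticated.

```python
import re
import secrets
import time


class LimitedUseAddresses:
    """Mints and polices limited-use SIP addresses for one domain.

    Each address may be bound to the set of correspondents it was handed to,
    to an expiry time, or to neither. Reporting spam on an address
    terminates it for every holder, which is the behaviour described for
    addresses shared by a group."""

    def __init__(self, domain, now=time.time):
        self.domain = domain
        self.now = now          # injectable clock so expiry can be tested
        self.table = {}         # local part -> {"holders", "expires", "revoked"}

    def issue(self, label, holders=None, ttl=None):
        """Return a fresh sip: URI. holders: sender URIs allowed to use it
        (None = anyone); ttl: seconds until it expires (None = no expiry)."""
        local = f"{label}-{secrets.token_hex(4)}"
        self.table[local] = {
            "holders": frozenset(holders or ()),
            "expires": self.now() + ttl if ttl is not None else None,
            "revoked": False,
        }
        return f"sip:{local}@{self.domain}"

    def report_spam(self, uri):
        """Spam arrived on this address: terminate it for everyone who held it."""
        local = self._local_part(uri)
        if local in self.table:
            self.table[local]["revoked"] = True

    def route(self, request_uri, from_uri):
        """Decide whether a request addressed to request_uri from from_uri is
        accepted. from_uri must already be authenticated (e.g. SIP Identity);
        matching an unauthenticated From header proves nothing."""
        local = self._local_part(request_uri)
        if local is None:
            return "reject: not an address in this domain"
        rec = self.table.get(local)
        if rec is None:
            return "reject: unknown address"
        if rec["revoked"]:
            return "reject: address terminated"
        if rec["expires"] is not None and self.now() > rec["expires"]:
            return "reject: address expired"
        if rec["holders"] and from_uri not in rec["holders"]:
            return "reject: sender was never given this address"
        return "accept"

    def _local_part(self, uri):
        m = re.fullmatch(r"sips?:([^@]+)@(.+)", uri)
        if not m or m.group(2).lower() != self.domain.lower():
            return None
        return m.group(1)


if __name__ == "__main__":
    mgr = LimitedUseAddresses("example.com")
    bob = "sip:bob@example.org"
    addr = mgr.issue("friends", holders={bob})
    print(addr, mgr.route(addr, bob), mgr.route(addr, "sip:mallory@spam.example"))
```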
3.8. Turing Tests
In email, Turing tests are mechanisms whereby the sender of the message is given some kind of puzzle or challenge, which only a human can answer (since Turing tests rely on video or audio puzzles, they sometimes cannot be solved by individuals with handicaps). These tests are also known as captchas (Completely Automated Public Turing test to tell Computers and Humans Apart). If the puzzle is answered correctly, the sender is placed on the user's white list. These puzzles frequently take the form of recognizing a word or sequence of numbers in an image with a lot of background noise. The tests need to be designed such that automata cannot easily perform the image recognition needed to extract the word or number sequence, but a human user usually can. Designing such tests is not easy, since ongoing advances in image processing and artificial intelligence continually raise the bar. Consequently, the effectiveness of captchas is tied to whether spammers can come up with or obtain algorithms for automatically solving them.
Like many of the other email techniques, Turing tests are dependent on sender identity, which cannot easily be authenticated in email.
Turing tests can be used to prevent IM spam in much the same way they can be used to prevent email spam.
Turing tests can be applied to call spam as well, although not directly, because call spam does not usually involve the transfer of images and other content that can be used to verify that a human is on the other end. If most of the calls are voice, the technique needs to be adapted to voice. This is not that difficult to do. Here is how it could be done. User A calls user B and is not on user B's white or black list. User A is transferred to an Interactive Voice Response (IVR) system. The IVR system tells the user that they are going to hear a series of numbers (say 5 of them), and that they have to enter those numbers on the keypad. The IVR system reads out the numbers while background music is playing, making it difficult for an automated speech recognition system to be applied to the media. The user then enters the numbers on their keypad. If they are entered correctly, the user is added to the white list.
This kind of voice-based Turing test is easily extended to a variety of media, such as video and text, and user interfaces by making use of the SIP application interaction framework [14]. This framework allows client devices to interact with applications in the network, where such interaction is done with stimulus signaling, including keypads (supported with the Keypad Markup Language [15]), but also including Web browsers, voice recognition, and so on. The framework allows the application to determine the media capabilities of the device (or user, in cases where they are handicapped) and interact with them appropriately.
In the case of voice, the Turing test would need to be made to run in the language of the caller. This is possible in SIP, using the Accept-Language header field, though this is not widely used at the moment, and meant for languages of SIP message components, not the media streams.
The primary problem with the voice Turing test is the same one that email tests have: instead of having an automaton process the test, a spammer can pay cheap workers to take the tests. Assuming cheap labor in a poor country can be obtained for about 60 cents per hour, and assuming a Turing test of a 30-second duration, this is about 0.50 cents per test and thus 0.50 cents per message to send an IM spam. Lower labor rates would reduce this further; the number quoted here is based on real online bids in September of 2006 made for actual work of this type.
As an alternative to paying cheap workers to take the tests, the tests can be taken by human users that are tricked into completing the tests in order to gain access to what they believe is a legitimate resource. This was done by a spambot that posted the tests on a pornography site, and required users to complete the tests in order to gain access to content.
Due to these limitations, Turing tests may never completely solve the problem.
3.9. Computational Puzzles
This technique is similar to Turing tests. When user A tries to communicate with user B, user B asks user A to perform a computation and pass the result back. This computation has to be something a human user cannot perform and something expensive enough to increase user A's cost to communicate. This cost increase has to be high enough to make it prohibitively expensive for spammers but inconsequential for legitimate users.
One of the problems with the technique is that there is wide variation in the computational power of the various clients that might legitimately communicate. The CPU speed on a low-end cell phone is around 50 MHz, while a high-end PC approaches 5 GHz. This represents almost two orders of magnitude difference. Thus, if the test is designed to be reasonable for a cell phone to perform, it is two orders of magnitude cheaper to perform for a spammer on a high-end machine. Recent research has focused on defining computational puzzles that challenge the CPU/memory bandwidth, as opposed to just the CPU [26]. It seems that there is less variety in the CPU/memory bandwidth across devices, roughly a single order of magnitude.
Recent work [28] suggests that, due to the ability of spammers to use virus-infected machines (also known as zombies) to generate the spam, the amount of computational power available to the spammers is substantial, and it may be impossible to have them compute a puzzle that is sufficiently hard that will not also block normal emails. If combined with white listing, computational puzzles would only be utilized for new communications partners. Of course, if the partner on the white list is a zombie, spam will come from that source. The frequency of communications with new partners is arguably higher for email than for multimedia, and thus the computational puzzle techniques may be more effective for SIP than for email in dealing with the introduction problem.
These techniques are an active area of research right now, and any results for email are likely to be usable for SIP.
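A CPU-bound computational puzzle of the kind this section describes, combined with a white list so that only new communications partners are challenged, as an added Python example; it is not code from the RFC. It uses a hash-preimage search (the sender's expected work is about 2**difficulty hashes, the recipient verifies with one), which is the assumption here; the memory-bandwidth-bound puzzles of [26] are not shown. The challenge format and the outcome strings are constructed.

```python
import hashlib
import os
from typing import Callable, Optional


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def new_challenge(sender: str, recipient: str) -> bytes:
    """B mints a fresh random challenge bound to both parties, so a solution
    cannot be replayed toward another recipient or by another sender."""
    return os.urandom(16) + f"{sender}|{recipient}".encode()


def puzzle_hash(challenge: bytes, nonce: int) -> bytes:
    return hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()


def solve(challenge: bytes, difficulty: int) -> Optional[int]:
    """A's side: brute-force a nonce whose hash has `difficulty` leading zero
    bits. There is no shortcut, so the cost scales as 2**difficulty; on a
    machine two orders of magnitude faster it is simply 100x cheaper, which
    is the calibration problem the text raises."""
    nonce = 0
    while leading_zero_bits(puzzle_hash(challenge, nonce)) < difficulty:
        nonce += 1
    return nonce


def verify(challenge: bytes, difficulty: int, nonce: int) -> bool:
    """B's side: a single hash, whatever the difficulty."""
    return leading_zero_bits(puzzle_hash(challenge, nonce)) >= difficulty


def admit(white_list: set, sender: str, recipient: str, difficulty: int,
          solver: Callable[[bytes, int], Optional[int]] = solve) -> str:
    """Puzzle combined with white listing: known partners are never
    challenged; a new partner is admitted only after returning a valid
    solution and is then white-listed. `solver` stands in for the round trip
    to A (in practice the challenge is sent and the answer arrives later)."""
    if sender in white_list:
        return "delivered"
    challenge = new_challenge(sender, recipient)
    nonce = solver(challenge, difficulty)
    if nonce is None or not verify(challenge, difficulty, nonce):
        return "rejected"
    white_list.add(sender)
    return "delivered after puzzle"


if __name__ == "__main__":
    wl = {"sip:carol@example.com"}
    print(admit(wl, "sip:carol@example.com", "sip:alice@example.com", 16))
    print(admit(wl, "sip:bob@example.com", "sip:alice@example.com", 16))
    print(admit(wl, "sip:bob@example.com", "sip:alice@example.com", 16))
```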
3.10. Payments at Risk
This approach has been proposed for email [27]. When user A sends email to user B, user A deposits a small amount of money (say, one dollar) into user B's account. If user B decides that the message is not spam, user B refunds this money back to user A. If the message is spam, user B keeps the money. This technique requires two transactions to complete: a transfer from A to B, and a transfer from B back to A. The first transfer has to occur before the message can be received in order to avoid reuse of "pending payments" across several messages, which would eliminate the utility of the solution. The second one then needs to occur when the message is found not to be spam.
This technique appears just as applicable to call spam and IM spam as it is to email spam. Like many of the other techniques, this exchange would only happen the first time you talk to people. Its proper operation therefore requires a good authenticated identity infrastructure.
This technique has the potential to make it arbitrarily expensive to send spam of any sort. However, it relies on cheap micro-payment techniques on the Internet. Traditional costs for Internet payments are around 25 cents per transaction, which would probably be prohibitive. However, recent providers have been willing to charge 15% of the transaction for small transactions, as small as one cent. This cost would have to be shouldered by users of the system. The cost that would need to be shouldered per user is equal to the number of messages from unknown senders (that is, senders not on the white list) that are received. For a busy user, assume about 10 new senders per day. If the deposit is 5 cents, the transaction provider would take 0.75 cents and deliver 4.25 cents. If the sender is allowed, the recipient returns 4.25 cents, the provider takes 0.64 cents, and returns 3.6 cents. This costs the sender 0.65 cents on each transaction, if it was legitimate. If there are ten new recipients per day, that is US $1.95 per month, which is relatively inexpensive.
Assuming a micro-payment infrastructure exists, another problem with payment-at-risk is that it loses effectiveness when there are strong inequities in the value of currency between sender and recipient. For example, a poor person in a Third World country might keep the money in each mail message, regardless of whether it is spam. Similarly, a poor person might not be willing to include money in an email, even if legitimate, for fear that the recipient might keep it. If the amount of money is lowered to help handle these problems, it might become sufficiently small that spammers can just afford to spend it.
3.11. Legal Action
In this solution, countries pass laws that prohibit spam. These laws could apply to IM or call spam just as easily as they could apply to email spam. There is a lot of debate about whether these laws would really be effective in preventing spam.
As a recent example in the US, "do not call" lists seem to be effective. However, due to the current cost of long-distance phone calls, the telemarketing is coming from companies within the US. As such, calls from such telemarketers can be traced. If a telemarketer violates the "do not call" list, the trace allows legal action to be taken against them. A similar "do not irritate" list for VoIP or for email would be less likely to work because the spam is likely to come from international sources. This problem could be obviated if there was a strong way to identify the sender's legal entity, and then determine whether it was in a jurisdiction where it was practical to take legal action against them. If the spammer is not in such a jurisdiction, the SIP spam could be rejected.
There are also schemes that cause laws other than anti-spam laws to be broken if spam is sent. This does not inherently reduce spam, but it allows more legal options to be brought to bear against the spammer. For example, Habeas <http://www.habeas.com> inserts material in the header that, if it was inserted by a spammer without an appropriate license, would allegedly cause the spammer to violate US copyright and trademark laws, possibly reciprocal laws, and similar laws in many countries.
3.12. Circles of Trust
In this model, a group of domains (e.g., a set of enterprises) all get together. They agree to exchange SIP calls amongst each other, and they also agree to introduce a fine should any one of them be caught spamming. Each company would then enact measures to terminate employees who spam from their accounts.
This technique relies on secure inter-domain authentication - that is, domain B can know that messages are received from domain A. In SIP, this is readily provided by usage of mutually authenticated Transport Layer Security (TLS) [22] between providers or SIP Identity [17].
This kind of technique works well for small domains or small sets of providers, where these policies can be easily enforced. However, it is unclear how well it scales up. Could a very large domain truly prevent its users from spamming? At what point would the network be large enough that it would be worthwhile to send spam and just pay the fine? How would the pricing be structured to allow both small and large domains alike to participate?
3.13. Centralized SIP Providers
This technique is a variation on the circles of trust described in Section 3.12. A small number of providers get established as "inter-domain SIP providers". These providers act as a SIP-equivalent to the interexchange carriers in the PSTN. Every enterprise, consumer SIP provider, or other SIP network (call these the local SIP providers) connects to one of these inter-domain providers. The local SIP providers only accept SIP messages from their chosen inter-domain provider. The inter-domain provider charges the local provider, per SIP message, for the delivery of SIP messages to other local providers. The local provider can choose to pass on this cost to its own customers if it so chooses.
The inter-domain SIP providers then form bi-lateral agreements with each other, exchanging SIP messages according to strict contracts. These contracts require that each of the inter-domain providers be responsible for charging a minimum per-message fee to their own customers. Extensive auditing procedures can be put into place to verify this. Besides such contracts, there may or may not be a flow of funds between the inter-domain providers.
The result of such a system is that a fixed cost can be associated with sending a SIP message, and that this cost does not require micro-payments to be exchanged between local providers, as it does in Section 3.10. Since all of the relationships are pre-established and negotiated, cheaper techniques for monetary transactions (such as monthly post-paid transactions) can be used.
This technique can be made to work in SIP, whereas it cannot in email, because inter-domain SIP connectivity has not yet been broadly established. In email, there already exists a no-cost form of inter-domain connectivity that cannot be eliminated without destroying the utility of email. If, however, SIP inter-domain communications get established from the start using this structure, there is a path to deployment.
This structure is more or less the same as the one in place for the PSTN today, and since there is relatively little spam on the PSTN (compared to email!), there is some proof that this kind of arrangement can work. However, centralized architectures as these are deliberately eschewed because they put back into SIP much of the complexity and monopolistic structures that the protocol aims to eliminate.
这种结构与现在的PSTN大致相同,而且由于PSTN上的垃圾邮件相对较少(与电子邮件相比!),因此有一些证据表明这种安排是可行的。然而,由于这些集中式体系结构将协议旨在消除的许多复杂性和垄断性结构放回到SIP中,因此故意避开了这些集中式体系结构。
4. Authenticated Identity in Email
Though not a form of anti-spam in and of itself, authenticated or verifiable identity is a key part of making other anti-spam mechanisms work. Many of the techniques described above are most effective when combined with a white or black list, which itself requires a strong form of identity.
In email, two types of authenticated identity have been developed: sender checks and signature-based solutions.
4.1. Sender Checks
In email, DNS resource records have been defined that allow a domain that receives a message to verify that the sender is a valid Message Transfer Agent (MTA) for the sending domain [18] [19] [20] [21]. They don't prevent spam by themselves, but they may help in preventing spoofed emails. As has been mentioned several times, a form of strong authenticated identity is key to making many other anti-spam techniques work.
Are these techniques useful for SIP? They can be used for SIP but are not necessary. In SIP, TLS with mutual authentication can be used inter-domain. A provider receiving a message can then reject any message coming from a domain that does not match the asserted identity of the sender of the message. Such a policy only works in the "trapezoid" model of SIP, in which there are only two domains in any call: the sending domain, where the originator resides, and the receiving domain. These techniques are discussed in Section 26.3.2.2 of RFC 3261 [2]. In forwarding situations, the assumption no longer holds and these techniques no longer work. However, the authenticated identity mechanism for SIP, discussed in Section 5, does work in more complex network configurations and provides a fairly strong assertion of identity.
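As an added example (it is not part of RFC 5039), here is the trapezoid policy from the paragraph above in Go. The receiving domain has already authenticated its peer over mutual TLS and so knows the peer's domain (assumed here to be taken from the verified peer certificate); it admits a request only when the From header's domain is that peer's. The parser uses the addr-spec inside the angle brackets, so a display name crafted to satisfy a naive substring check does not pass. The last case is the policy's blind spot, a genuine request relayed through a third domain, which is what SIP Identity (Section 5) addresses. All domain names and header values are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// fromDomain returns the host of the URI in a From header value. When angle
// brackets are present only the addr-spec inside them counts, so a display
// name cannot influence the result; header parameters (;tag=...), URI
// parameters and any port are dropped. Bracketed IPv6 hosts and quoted
// display names that themselves contain angle brackets are not handled.
func fromDomain(from string) (string, error) {
	uri := strings.TrimSpace(from)
	if i := strings.Index(uri, "<"); i >= 0 {
		j := strings.Index(uri[i:], ">")
		if j < 0 {
			return "", fmt.Errorf("unterminated angle bracket in From: %q", from)
		}
		uri = uri[i+1 : i+j]
	} else if i := strings.Index(uri, ";"); i >= 0 {
		uri = uri[:i]
	}
	uri = strings.TrimSpace(uri)
	lower := strings.ToLower(uri)
	if !strings.HasPrefix(lower, "sip:") && !strings.HasPrefix(lower, "sips:") {
		return "", fmt.Errorf("From URI %q is not a sip or sips URI", uri)
	}
	host := uri[strings.Index(uri, ":")+1:]
	if at := strings.LastIndex(host, "@"); at >= 0 {
		host = host[at+1:]
	}
	if i := strings.IndexAny(host, ":;?"); i >= 0 {
		host = host[:i]
	}
	if host == "" {
		return "", fmt.Errorf("empty host in From URI %q", uri)
	}
	return strings.ToLower(host), nil
}

// acceptTrapezoid is the receiving domain's policy: admit the request only
// when the From domain equals the domain authenticated on the inter-domain
// TLS connection. peerDomain is assumed to come from the verified peer
// certificate; the second result explains a rejection.
func acceptTrapezoid(peerDomain, from string) (bool, string) {
	d, err := fromDomain(from)
	if err != nil {
		return false, err.Error()
	}
	if d != strings.ToLower(strings.TrimSpace(peerDomain)) {
		return false, fmt.Sprintf("From domain %s does not match TLS peer %s", d, peerDomain)
	}
	return true, "ok"
}

func main() {
	// constructed requests as seen by the receiving domain's edge proxy
	cases := []struct{ note, peer, from string }{
		{"direct peer, genuine", "example.com", `"Alice" <sip:alice@example.com:5061;transport=tls>;tag=1928301774`},
		{"display name built to pass a substring check", "spam.example.com", `"bot@spam.example.com" <sip:alice@example.com>;tag=1`},
		{"no SIP domain to compare", "spam.example.com", `tel:+15555550100`},
		{"genuine but relayed through a third domain", "relay.example.org", `<sip:alice@example.com>;tag=3`},
	}
	for _, c := range cases {
		ok, why := acceptTrapezoid(c.peer, c.from)
		fmt.Printf("%-46s accept=%-5t %s\n", c.note, ok, why)
	}
}
```

The fourth case is the one to keep in mind: the policy rejects a perfectly legitimate caller the moment a third domain sits in the path, so a network that expects forwarding or retargeting cannot rely on it alone.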
4.2. Signature-Based Techniques
DomainKeys Identified Mail (DKIM) Signatures [23] (and several non-standard techniques that preceded it) provide strong identity assertions by allowing the sending domain to sign an email, and then providing mechanisms by which the receiving MTA or Mail User Agent (MUA) can validate the signature.
Unfortunately, when used with black lists, this kind of authenticated identity is only as useful as the fraction of emails that utilize it. This is partly true for white lists as well: if any unauthenticated email is accepted for an address on a white list, a spammer can spoof that address. However, a white list can be effective with limited deployment of DKIM if all the people on the white list are those whose domains are utilizing the mechanism, and the users on that white list aren't zombies.
This kind of identity mechanism is also applicable to SIP, and is in fact exactly what is defined by SIP's authenticated identity mechanism [17].
Other signature-based approaches for email include S/MIME [24] and OpenPGP [25].
5. Authenticated Identity in SIP
One of the key parts of many of the solutions described above is the ability to securely identify the sender of a SIP message. SIP provides a secure solution for this problem, called SIP Identity [17], and it is important to discuss it here.
The solution starts by having each domain authenticate its own users. SIP provides HTTP Digest authentication as part of the core SIP specification, and all clients and servers are required to support it. Indeed, Digest is widely deployed for SIP. However, Digest alone has many known vulnerabilities, most notably offline dictionary attacks: anyone who observes one challenge and its response can test candidate passwords against it at leisure, without ever contacting the server. These vulnerabilities are all resolved by having each client maintain a persistent TLS connection to the server. The client verifies the server's identity using TLS, and then authenticates itself to the server using a Digest exchange over TLS. This technique, which is also documented in RFC 3261, is very secure but not widely deployed yet. In the long term, this approach will be necessary for the security properties needed to prevent SIP spam.
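To make the offline dictionary attack concrete, the following Go example (added here, not from the RFC) computes the Digest response a SIP client returns for a challenge with qop=auth, as RFC 3261 borrows it from RFC 2617, and then takes the attacker's side: given one REGISTER exchange captured from an unencrypted transport, it tests candidate passwords against the observed response without contacting the server. Every input except the password is visible on the wire, which is why the text above recommends running the Digest exchange inside TLS. The user name, realm, nonce, cnonce and word list are constructed.

```go
package main

import (
	"crypto/md5"
	"encoding/hex"
	"fmt"
)

// md5hex returns the lowercase hex MD5 of s, the form Digest uses throughout.
func md5hex(s string) string {
	sum := md5.Sum([]byte(s))
	return hex.EncodeToString(sum[:])
}

// digestResponse is the client-side computation for a challenge with qop=auth
// (RFC 2617 section 3.2.2): HA1 covers the secret, HA2 the request, and the
// response binds both to the server nonce and the client's nc and cnonce.
func digestResponse(user, realm, password, method, uri, nonce, nc, cnonce string) string {
	ha1 := md5hex(user + ":" + realm + ":" + password)
	ha2 := md5hex(method + ":" + uri)
	return md5hex(ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2)
}

// capture holds what a passive observer sees in one 401/REGISTER exchange over
// UDP or TCP: every input to the response except the password itself.
type capture struct {
	User, Realm, Method, URI, Nonce, NC, Cnonce, Response string
}

// offlineGuess tries each candidate password against the captured response.
// Nothing here touches the server, so lockouts and rate limits never apply;
// only the password's own entropy slows the attacker down.
func offlineGuess(c capture, wordlist []string) (string, bool) {
	for _, pw := range wordlist {
		if digestResponse(c.User, c.Realm, pw, c.Method, c.URI, c.Nonce, c.NC, c.Cnonce) == c.Response {
			return pw, true
		}
	}
	return "", false
}

// sampleCapture builds a constructed exchange for user alice, whose password
// is "letmein", exactly as a sniffer on the access network would record it.
func sampleCapture() capture {
	c := capture{
		User: "alice", Realm: "example.com", Method: "REGISTER", URI: "sip:example.com",
		Nonce: "dcd98b7102dd2f0e8b11d0f600bfb0c093", NC: "00000001", Cnonce: "0a4f113b",
	}
	c.Response = digestResponse(c.User, c.Realm, "letmein", c.Method, c.URI, c.Nonce, c.NC, c.Cnonce)
	return c
}

func main() {
	c := sampleCapture()
	fmt.Printf("captured response: %s\n", c.Response)
	wordlist := []string{"123456", "password", "qwerty", "letmein", "welcome"}
	if pw, ok := offlineGuess(c, wordlist); ok {
		fmt.Printf("recovered password %q without a single request to the server\n", pw)
	}
}
```

Inside TLS the attacker never sees the nonce, cnonce or response, so the search loop has nothing to compare against; the same loop also shows why a server-side nonce or nc check does nothing against this attack, since the guesses are never sent.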
Once a domain has authenticated the identity of a user, when it relays a message from that user to another domain, the sending domain can assert the identity of the sender and include a signature to validate that assertion. This is done using the SIP Identity mechanism [17].
A weaker form of identity assertion is possible using the P-Asserted-Identity header field [5], but this technique requires mutual trust among all domains. Unfortunately, this becomes exponentially harder to provide as the number of interconnected domains grows. As that happens, the value of the identity assertion becomes equal to the trustworthiness of the least trustworthy domain. Since spam is a consequence of the receiving domain not being able to trust the sending domains to keep their own hosts from sending spam, the P-Asserted-Identity technique becomes ineffective at exactly the same levels of interconnectedness that introduce spam.
Consider the following example to help illustrate this fact. A malicious domain, call it spam.example.com, would like to send SIP INVITE requests with a false P-Asserted-Identity indicating users outside of its own domain. spam.example.com finds a regional SIP provider in a small country which, due to its small size and disinterest in spam, accepts any P-Asserted-Identity from its customers without verification. This provider, in turn, connects to a larger interconnect provider. That provider does ask each of its customers to verify P-Asserted-Identity but has no easy way of enforcing it. This provider, in turn, connects to everyone else. As a consequence, the spam.example.com domain is able to inject calls with a spoofed caller ID. Such a request can be directed to any recipient reachable through the network (presumably everyone, given the large size of the root provider). There is no way for a recipient to know that this particular P-Asserted-Identity came from the bad spam.example.com domain. As the example shows, even though the central provider's policy is good, the overall effectiveness of P-Asserted-Identity is still only as good as the policies of the weakest link in the chain.
SIP also defines the usage of TLS between domains, using mutual authentication, as part of the base specification. This technique provides a way for one domain to securely determine that it is talking to a server that is a valid representative of another domain.
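The following Go example is added here and is not code from the RFC or from any SIP implementation. It builds the RFC 4474 digest-string for a constructed INVITE, has the sending domain's authentication service sign it with rsa-sha1 and add the Identity and Identity-Info header fields, and then runs the receiving domain's verification. The certificate is reduced to a domain name and a public key; a real verifier fetches the X.509 certificate named by Identity-Info, validates its chain and checks that the Date is recent, none of which is shown. Three outcomes are produced: a genuine message verifies; a message whose From was rewritten after signing fails the signature check; and the spoof from the P-Asserted-Identity example above, spam.example.com signing a From in example.com, fails because the signer's certificate does not cover the From domain, a binding that no chain of transitively trusted providers can offer. Key pairs are generated at run time; the Identity-Info URIs and message contents are assumed values.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"encoding/base64"
	"fmt"
	"strings"
)

// headerValue returns the first header field named name (exact name, case-insensitive).
func headerValue(msg, name string) string {
	for _, line := range strings.Split(msg, "\r\n") {
		if k, v, ok := strings.Cut(line, ":"); ok && strings.EqualFold(strings.TrimSpace(k), name) {
			return strings.TrimSpace(v)
		}
	}
	return ""
}

// addrSpec reduces a From/To/Contact value to the bare URI.
func addrSpec(v string) string {
	if i, j := strings.Index(v, "<"), strings.LastIndex(v, ">"); i >= 0 && j > i {
		return v[i+1 : j]
	}
	return strings.TrimSpace(strings.SplitN(v, ";", 2)[0])
}

// uriDomain returns the lowercase host of a sip:/sips: URI (no user, port or parameters).
func uriDomain(uri string) string {
	rest := uri[strings.Index(uri, ":")+1:]
	host := rest[strings.LastIndex(rest, "@")+1:]
	if i := strings.IndexAny(host, ":;?"); i >= 0 {
		host = host[:i]
	}
	return strings.ToLower(host)
}

// digestString is the RFC 4474 section 9 signing input: From, To, Call-ID, CSeq,
// Date, Contact (addr-spec form where applicable) and the body, joined by "|".
func digestString(msg string) string {
	_, body, _ := strings.Cut(msg, "\r\n\r\n")
	return strings.Join([]string{
		addrSpec(headerValue(msg, "From")), addrSpec(headerValue(msg, "To")),
		headerValue(msg, "Call-ID"), headerValue(msg, "CSeq"), headerValue(msg, "Date"),
		addrSpec(headerValue(msg, "Contact")), body}, "|")
}

// signIdentity is the sending domain's authentication service: rsa-sha1 over the
// digest-string (the algorithm RFC 4474 mandates), with Identity and Identity-Info
// inserted ahead of the empty line that ends the header fields.
func signIdentity(msg string, key *rsa.PrivateKey, certURI string) (string, error) {
	hdrs, body, ok := strings.Cut(msg, "\r\n\r\n")
	if !ok {
		return "", fmt.Errorf("no header/body separator")
	}
	h := sha1.Sum([]byte(digestString(msg)))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA1, h[:])
	if err != nil {
		return "", err
	}
	return hdrs + "\r\nIdentity: \"" + base64.StdEncoding.EncodeToString(sig) +
		"\"\r\nIdentity-Info: <" + certURI + ">;alg=rsa-sha1\r\n\r\n" + body, nil
}

// verifyIdentity is the receiving domain's check against the signer's certificate,
// reduced here to its domain and public key. The domain check comes first: a valid
// signature from the wrong domain is exactly the spoof this mechanism must reject.
func verifyIdentity(msg, certDomain string, pub *rsa.PublicKey) error {
	if d := uriDomain(addrSpec(headerValue(msg, "From"))); d != strings.ToLower(certDomain) {
		return fmt.Errorf("From domain %q is not the signer's domain %q", d, certDomain)
	}
	// a malformed Identity value decodes to garbage and simply fails verification below
	sig, _ := base64.StdEncoding.DecodeString(strings.Trim(headerValue(msg, "Identity"), `"`))
	h := sha1.Sum([]byte(digestString(msg)))
	if rsa.VerifyPKCS1v15(pub, crypto.SHA1, h[:], sig) != nil {
		return fmt.Errorf("signature does not match the digest-string")
	}
	return nil
}

// invite is a constructed request carrying just the header fields the signature covers.
const invite = "INVITE sip:bob@example.net SIP/2.0\r\n" +
	"From: \"Alice\" <sip:alice@example.com>;tag=1928301774\r\n" +
	"To: Bob <sip:bob@example.net>\r\n" +
	"Call-ID: a84b4c76e66710@pc33.example.com\r\n" +
	"CSeq: 314159 INVITE\r\n" +
	"Date: Thu, 21 Feb 2002 13:02:03 GMT\r\n" +
	"Contact: <sip:alice@pc33.example.com>\r\n\r\n"

// demo returns the verdicts for a genuine message, one whose From was rewritten after
// signing, and one signed by spam.example.com for a From in example.com. Errors are
// ignored because the input is fixed and the system RNG is assumed to work.
func demo() (genuine, tampered, foreign error) {
	keyA, _ := rsa.GenerateKey(rand.Reader, 2048)
	keyB, _ := rsa.GenerateKey(rand.Reader, 2048)
	signed, _ := signIdentity(invite, keyA, "https://example.com/cert.pem")
	spoofed, _ := signIdentity(invite, keyB, "https://spam.example.com/cert.pem")
	genuine = verifyIdentity(signed, "example.com", &keyA.PublicKey)
	tampered = verifyIdentity(strings.Replace(signed, "sip:alice@example.com", "sip:ceo@example.com", 1), "example.com", &keyA.PublicKey)
	foreign = verifyIdentity(spoofed, "spam.example.com", &keyB.PublicKey)
	return
}

func main() {
	g, t, f := demo()
	fmt.Printf("genuine: %v\ntampered From: %v\nforeign signer: %v\n", g, t, f)
}
```

RFC 4474 fixes rsa-sha1; its successor, RFC 8224, moved to ES256 PASSporT tokens, but the property demonstrated here, that the signing certificate must name the From domain, is what both rely on and what P-Asserted-Identity lacks.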
6. Framework for Anti-Spam in SIP
Unfortunately, there is no magic bullet for preventing SIP spam, just as there is none for email spam. However, the combination of several techniques can provide a framework for dealing with spam in SIP. This section provides recommendations for network designers in order to help mitigate the risk of spam.
There are four core recommendations that can be made:
Strong Identity: Firstly, in almost all of the solutions discussed above, there is a dependency on the ability to authenticate the sender of a SIP message inter-domain. Consent, reputation systems, computational puzzles, and payments at risk, amongst others, all work best when applied only to new requests, and successful completion of an introduction results in the placement of a user on a white list. However, usage of white lists depends on strong identity assertions. Consequently, any network that interconnects with others should make use of strong SIP identity as described in RFC 4474. P-Asserted-Identity is not strong enough.
White Lists: Secondly, with a strong identity system in place, networks are recommended to make use of white lists. These are ideally built off existing buddy lists, if present. If not, separate white lists can be managed for spam. Placement on these lists can be manual or based on the successful completion of one or more introduction mechanisms.
Solve the Introduction Problem: This in turn leads to the next recommendation. Network designers should make use of one or more mechanisms meant to solve the introduction problem.
Indeed, it is possible to use more than one and combine the results through some kind of weighting. A user that successfully completes the introduction mechanism can be automatically added to the white list. Of course, that can only be done usefully if their identity is verified by SIP Identity. The set of mechanisms for solving the introduction problem, as described in this document, is based on some (but not all) of the techniques known and used at the time of writing. Providers of SIP services should keep tabs on solutions in email as they evolve, and utilize the best of what those techniques have to offer.
Don't Wait Until It's Too Late: But perhaps most importantly, providers should not ignore the spam problem until it happens! As soon as a provider inter-connects with other providers, or allows SIP messages from the open Internet, that provider must consider how they will deal with spam.
7. Additional Work
Though the above framework serves as a good foundation on which to deal with spam in SIP, there are gaps, some of which can be addressed by additional work that has yet to be undertaken.
One of the difficulties with the strong identity techniques is that a receiver of a SIP request without an authenticated identity cannot know whether the request lacked such an identity because the originating domain didn't support it, or because a man-in-the-middle removed it. As a result, transition mechanisms should be put in place to allow these to be differentiated. Without them, the value of the identity mechanism is much reduced.
8. Security Considerations
This document is entirely devoted to issues relating to spam in SIP and references a variety of security mechanisms in support of that goal.
9. Acknowledgements
The authors would like to thank Rohan Mahy for providing information on Habeas, Baruch Sterman for providing costs on VoIP termination services, and Gonzalo Camarillo and Vijay Gurbani for their reviews. Useful comments and feedback were provided by Nils Ohlmeir, Tony Finch, Randy Gellens, Lisa Dusseault, Sam Hartman, Chris Newman, Tim Polk, Donald Eastlake, and Yakov Shafranovich. Jon Peterson wrote some of the text in this document and has contributed to the work as it has moved along.
10. Informative References
[1] Campbell, B., Mahy, R., and C. Jennings, "The Message Session Relay Protocol (MSRP)", RFC 4975, September 2007.
[2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002.
[3] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C., and D. Gurle, "Session Initiation Protocol (SIP) Extension for Instant Messaging", RFC 3428, December 2002.
[4] Roach, A., "Session Initiation Protocol (SIP)-Specific Event Notification", RFC 3265, June 2002.
[5] Jennings, C., Peterson, J., and M. Watson, "Private Extensions to the Session Initiation Protocol (SIP) for Asserted Identity within Trusted Networks", RFC 3325, November 2002.
[6] Rosenberg, J., "A Presence Event Package for the Session Initiation Protocol (SIP)", RFC 3856, August 2004.
[7] Rosenberg, J., "A Watcher Information Event Template-Package for the Session Initiation Protocol (SIP)", RFC 3857, August 2004.
[8] Rosenberg, J., "An Extensible Markup Language (XML) Based Format for Watcher Information", RFC 3858, August 2004.
[9] Faltstrom, P. and M. Mealling, "The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM)", RFC 3761, April 2004.
[10] Rosenberg, J., "The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)", RFC 4825, May 2007.
[11] Rosenberg, J., "Presence Authorization Rules", RFC 5025, October 2007.
[12] Rosenberg, J., "A Framework for Consent-Based Communications in the Session Initiation Protocol (SIP)", Work in Progress, October 2007.
[13] Camarillo, G., "A Document Format for Requesting Consent", Work in Progress, October 2007.
[14] Rosenberg, J., "A Framework for Application Interaction in the Session Initiation Protocol (SIP)", Work in Progress, October 2005.
[15] Burger, E. and M. Dolly, "A Session Initiation Protocol (SIP) Event Package for Key Press Stimulus (KPML)", RFC 4730, November 2006.
[16] Rosenberg, J., "Applying Loose Routing to Session Initiation Protocol (SIP) User Agents (UA)", Work in Progress, June 2007.
[17] Peterson, J. and C. Jennings, "Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)", RFC 4474, August 2006.
[18] Allman, E. and H. Katz, "SMTP Service Extension for Indicating the Responsible Submitter of an E-Mail Message", RFC 4405, April 2006.
[19] Lyon, J. and M. Wong, "Sender ID: Authenticating E-Mail", RFC 4406, April 2006.
[20] Lyon, J., "Purported Responsible Address in E-Mail Messages", RFC 4407, April 2006.
[21] Wong, M. and W. Schlitt, "Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1", RFC 4408, April 2006.
[22] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.1", RFC 4346, April 2006.
[23] Allman, E., Callas, J., Delany, M., Libbey, M., Fenton, J., and M. Thomas, "DomainKeys Identified Mail (DKIM) Signatures", RFC 4871, May 2007.
[24] Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2004.
[25] Elkins, M., Del Torto, D., Levien, R., and T. Roessler, "MIME Security with OpenPGP", RFC 3156, August 2001.
[26] Abadi, M., Burrows, M., Manasse, M., and T. Wobber, "Moderately Hard, Memory-Bound Functions", NDSS 2003, February 2003.
[27] Abadi, M., Burrows, M., Birrell, A., Dabek, F., and T. Wobber, "Bankable Postage for Network Services", Proceedings of the 8th Asian Computing Science Conference, Mumbai, India, December 2003.
[28] Clayton, R. and B. Laurie, "Proof of Work Proves Not to Work", Third Annual Workshop on Economics and Information Security, May 2004.
Authors' Addresses
Jonathan Rosenberg, Cisco, Edison, NJ, US
EMail: jdrosen@cisco.com URI: http://www.jdrosen.net
Cullen Jennings, Cisco, 170 West Tasman Dr., San Jose, CA 95134, US
Phone: +1 408 421-9990 EMail: fluffy@cisco.com
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.