[VOIPSEC] VoIP and Fraud

[Carsten Schiefner]

Michael, all -

Michael Todd wrote:
> I think that endpoint authentication is a big problem by definition in 
> the IP Telephony world right now. End users do not want to authenticate 
> to make a call. The average user has a lifetime's expectation set for 
> what telephony use should "feel like." Authentication before calling 
> isn't one of these expectations. Authentication in computer use is 
> expected as the technology is relatively new to end users. Expectations 
> have been set for authentication requirements. Due to this, many 
> vendors, such as Cisco have completely disregarded endpoint 
> authentication, especially at the infrastructure or switch level.

hasn't that expectation in telephony changed already slightly with the 
introduction of mobile telephony: authenticating oneself with a PIN to 
the SIM card in the phone?

I have no pointer at hand right now, but I heard people speaking about 
extending that very principle to VoIP.

Best,

	-C.