[LINK] News email blunder
Sun, 29 Oct 2000 11:33:14 +1030
Eric Scheid wrote:
> Checksums on the phone numbers would get rid of 98% of the typo's,
> although that doesn't eliminate dialling the number of the wrong person
> (vs dialling a wrong number for the right person).
> A checksum as simple as that used for ISBNs would be enough. Telcos won't
> like it though.
And for good reason. The essential problem is that not
all numbers are subscriber identifiers, some identify
circuits and others identify intelligient services. As
a trivial expression of the issues, what should the network
do when the subscriber dials 0001 -- rejecting the call for
the wrong checksum doesn't seem right, routing the call to
000 may also be incorrect, maybe the user had intended to
dial 0111 and had a common keyboard bounce typo.
It's better to let higher-level protocols handle identification.
The fax standards do this, and the modern fax machines that I have
used display the identification of the other fax machine whilst
sending the fax. Similarly, PPP has recently had an identification
option added to allow the debugging of misdials.
The real problem is sending confidential information over an
unauthenticated channel in the first place. Simple link
identification doesn't implement end-to-end authenication,
non-redupudiation and privacy, which is what is required for
the transfer of medical test results.
Glen Turner Network Engineer
(08) 8303 3936 Australian Academic and Research Network
The revolution will not be televised, it will be digitised