[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sip] SIPS question: How to prevent plaintext requests from being delivered to a UA

It will be coming soon as its in discussion with other folks privately.
BTW, we still have a lot of time before Chicago. And I don't work 100%
time on the IETF proposal writing.

My proposal is depicted in the cipher-suite draft roughly in the 00
version. I have shown so many times on the list that we need
cipher-suite indication, where our security adivisor doesn't seem to be
in the agreement. That version was not talking about the broken features
etc, which had been earlier discussed before San Diego a lot on the
list. 

And in the next version, I will be talking about the broken features
with respect to 3261. Your proposed patches are not the reference point
for it. And it is catching brokenness of SIPS as the focal point.

I was keeping silent, as I only wanted this to be progress as
BCP/INFORMATIONAL document and then proceed with my proposal. And
recently it was brought to my notice that is being pursed as STANDARD
track document, where I have disconnect and so I am putting more time on
this effort. 

Thx
Samir

>-----Original Message-----
>From: Audet, Francois (SC100:3055) 
>Sent: Monday, April 23, 2007 12:41 PM
>To: Cullen Jennings
>Cc: SIP
>Subject: RE: [Sip] SIPS question: How to prevent plaintext 
>requests from being delivered to a UA
>
>Below.
>
>> -----Original Message-----
>> From: Cullen Jennings [mailto:fluffy at cisco.com]
>> Sent: Sunday, April 22, 2007 20:52
>> To: Srivastava, Samir (SC100:8826)
>> Cc: SIP; Audet, Francois (SC100:3055)
>> Subject: Re: [Sip] SIPS question: How to prevent plaintext requests 
>> from being delivered to a UA
>> 
>> 
>> On Apr 18, 2007, at 11:39 AM, Samir Srivastava wrote:
>> 
>> >
>> >
>> >>
>> >> good and thus one more reason to junk sips.  we can just
>> say that a
>> >> proxy should use tls if it supports it.
>> >>
>> >
>> > I am sure that Cullen must be listening this.
>> >
>> > Thx
>> > Samir
>> >
>> >
>> 
>> Uh - I'm sort of reading it but I got to admit I'm not sure I am 
>> getting any information that is new. I'm sure Francois will 
>summarize 
>> something that I can actually understand sooner or later.
>> 
>> Cullen <with my individual hat on>
>
>I'm not getting it either.
>
>I think the summary is that Samir wants the group to stop its 
>work on draft-ietf-sip-sips, and reverse it's already made 
>decision, in order to consider a proposal from him that he 
>hasn't submitted yet, involving indicating Cypher-suites 
>explicitly and deprecating SIPS altogether.
>
>
>_______________________________________________
>Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
>This list is for NEW development of the core SIP Protocol Use 
>sip-implementors at cs.columbia.edu for questions on current sip 
>Use sipping at ietf.org for new developments on the application of sip
>


_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip