[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sip] Signing P-Asserted-Identity
- To: Adam Roach <adam at nostrum.com>, Michael Thomas <mat at cisco.com>
- Subject: Re: [Sip] Signing P-Asserted-Identity
- From: Hadriel Kaplan <HKaplan at acmepacket.com>
- Date: Sun, 13 Jul 2008 13:00:28 -0400
- Accept-language: en-US
- Acceptlanguage: en-US
- Cc: "sip at ietf.org" <sip at ietf.org>, "Elwell, John" <john.elwell at siemens.com>, Paul Kyzivat <pkyzivat at cisco.com>, "DRAGE, Keith \(Keith\)" <drage at alcatel-lucent.com>, Dan Wing <dwing at cisco.com>
- Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
- Delivered-to: sip at core3.amsl.com
- In-reply-to: <4877ACE8.5060206@nostrum.com>
- List-help: <mailto:sip-request@ietf.org?subject=help>
- List-id: Session Initiation Protocol <sip.ietf.org>
- List-post: <mailto:sip@ietf.org>
- List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
- List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
- References: <E6C2E8958BA59A4FB960963D475F7AC30EEDF3C361@mail.acmepacket.com> <4873B3C5.4020202@cisco.com> <E6C2E8958BA59A4FB960963D475F7AC30EEDF3CD21@mail.acmepacket.com> <4873C037.5050203@cisco.com> <E6C2E8958BA59A4FB960963D475F7AC30EEDFAA52E@mail.acmepacket.com> <4873ECF2.5030908@nostrum.com> <102a01c8e150$3e05a610$c2f0200a@cisco.com> <48742BC9.2090701@nostrum.com> <051701c8e1d8$de07fc70$c2f0200a@cisco.com> <4874E1A9.1030106@nostrum.com> <029401c8e209$70e52e70$eaa36b80@cisco.com> <48752F47.8060905@nostrum.com> <048901c8e20d$1dddda70$eaa36b80@cisco.com> <48753393.5090307@nostrum.com> <48753605.5010604@cisco.com> <487536D9.900@nostrum.com> <48753B83.40205@cisco.com> <5D1A7985295922448D5550C94DE291800210D663@DEEXC1U01.de.lucent.com> <0D5F89FAC29E2C41B98A6A762007F5D0E3B735@GBNTHT12009MSX.gb002.siemens.net> <4877812B.1090802@nostrum.com> <48778FB9.4070206@cisco.com> <0D5F89FAC29E2C41B98A6A762007F5D0E3BC54@GBNTHT12009MSX.gb002.siemens.net> <4877AAEA.5040906@cisco.com> <4877ACE8.5060206@nostrum.com>
- Sender: sip-bounces at ietf.org
- Thread-index: Acjjh8Lc2IDZyfPiTTew93u4nTXRfgBgDqQQ
- Thread-topic: [Sip] Signing P-Asserted-Identity
> -----Original Message-----
> From: sip-bounces at ietf.org [mailto:sip-bounces at ietf.org] On Behalf Of Adam
> Roach
>
> The way to get identity through B2BUAs is to have them *be* back-to-back
> USER AGENTS. They demonstrate to a 4474 signer (which may be colocated
> with the B2BUA) that they are authentic agents of the signer's domain,
> authorized to assert the identity in the "From" header field, and all
> the 4474 goo can be added just fine.
That would work if and only if the B2BUA owned a cert of the same domain as the From they changed it to. That is actually not the case in practice, even when the From is an E.164. It would also not work if the From was not an E.164, since they can't go changing sip:adam at nostrum.com to sip:adam at garden.eden.com, for example.
-hadriel
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip