Here's an example:
1) alice at example.com calls bob at example.net
2) The example.com AS authenticates Alice using a mechanism such as
proxy-authenticate, then adds an appropriate Identity and
Identity-Info header field.
3) Bob's B2BUA verifies the Identity header field
4) Bob's B2BUA checks the Identity value value against Bob's whitelist
and chooses to allow the call.
5) But Bob is out, so the B2BUA wants to forward the call to Bob's
mobile phone. But Bob's administrative policy requires recording the
call.
Since Bob's administrative policy requires recording the call, Bob's
b2bua steers the media through a recorder. This requires either
"editing the SDP" or termination of media on the SBC. in either case,
it is not reasonable to send the existing Identity header on to Bob,
since it's going to be broken.
6) Bob's B2BUA elides the previous Identity and Identity-Info and adds
a new Reasserted-Identity and Reasserted-Identity-Info header field
to the new request, adds a flag saying that the identity being
re-asserted was learned from a verified Identity header, then sends it.
7) Bob's mobile sees the new request, knows that it trusts Bob's B2BUA
as a re-asserter, then checks its whitelist policy and finds that it
is willing to accept calls from alice at example.com as long as the
assertion strength is either a direct Identity or a re-asserted
Identity based on verified Identity.