[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)

To: Adam Roach <adam at nostrum.com>
Subject: Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
From: Dean Willis <dean.willis at softarmor.com>
Date: Fri, 1 Aug 2008 11:12:56 +0100
Cc: SIP IETF <sip at ietf.org>, Adam Uzelac <Adam.Uzelac at globalcrossing.com>
Delivered-to: ietfarch-sip-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
In-reply-to: <4892E0AA.7010300@nostrum.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <0D5F89FAC29E2C41B98A6A762007F5D0F266CD@GBNTHT12009MSX.gb002.siemens.net> <02829328-7B0E-41AB-B325-01246363D09C@cisco.com> <4DAE5E60BA49D8419D7C8832503F5FFC072817AF26@EVS10.ams.gblxint.com> <FE11649F-C3C2-494F-8C40-569E83E91B80@softarmor.com> <0D5F89FAC29E2C41B98A6A762007F5D0F26D3A@GBNTHT12009MSX.gb002.siemens.net> <4DAE5E60BA49D8419D7C8832503F5FFC072817B5A6@EVS10.ams.gblxint.com> <06BFFD03-B8FC-47FC-8659-43BF4B60A3B6@softarmor.com> <4891BAA4.7040305@nostrum.com> <8151E805-AEF1-4889-8F71-EF33659661A6@softarmor.com> <4892E0AA.7010300@nostrum.com>
Sender: sip-bounces at ietf.org


On Aug 1, 2008, at 11:08 AM, Adam Roach wrote:

On 8/1/08 11:05 AM, Dean Willis wrote:
Here's the problem... if I trust a B2BUA, it doesn't necessarilymean that I'll trust everything it trusts. If Bob's UA is going tomake an informed choice, we need it to be able to examine a chainof custody for the identity, at the very least.
Is the stack of "verified by" parameters in history-Info adequate,or do you want to be able to check each transitive crypto operation?
If the latter, we'd have to do something like add each pre-editmessage as a sipfrag body onto the current message. That could makefor some rather large SIP requests. Maybe a diff format could makeit better, but it is still going to get chunky.
How many editing boxes do you expect in the middle here?

I have no idea. For media steering, four might be a typical case --originating, transit entry, transit exit, and terminating SBCs. Worstcase? Who knows . . .


--
Dean
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

Follow-Ups:
- Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
  - From: Adam Roach

References:
- [Sip] Thoughts on SIP Identity issues
  - From: Elwell, John
- Re: [Sip] Thoughts on SIP Identity issues
  - From: Cullen Jennings
- Re: [Sip] Thoughts on SIP Identity issues
  - From: Uzelac, Adam
- Re: [Sip] Thoughts on SIP Identity issues
  - From: Dean Willis
- Re: [Sip] Thoughts on SIP Identity issues
  - From: Elwell, John
- Re: [Sip] Thoughts on SIP Identity issues
  - From: Uzelac, Adam
- [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
  - From: Dean Willis
- Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
  - From: Adam Roach
- Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
  - From: Dean Willis
- Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
  - From: Adam Roach

Prev by Date: Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
Next by Date: Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
Previous by thread: Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
Next by thread: Re: [Sip] Alternative SIP Identity Approach (was re: Thoughts on SIP Identity)
Index(es):
- Date
- Thread