[VOIPSEC] spam and enum
Dan Wing
dwing at fuggles.com
Thu Aug 31 16:42:34 CDT 2006
> No but why call it end to end when you don't really do end to
> end anyway? Why call it SIP identity when the UA's involved don't
> actually identify themselves to each other.
"SIP Edge Identity" could perhaps be a more accurate title.
> Why have the
> baggage of reverse authentication when perhaps for your intended
> purpose you don't need it.
If by 'reverse authentication' you mean the identity of the called
party, SIP-Identity doesn't provide the identity of the called party --
rather, it only identifies someone sending a request (such as an
Invite). That is usually only the calling party. One way to get
sip-identity to identify the called party is for the called party to
send a request, and have that request signed by their sip-identity
agent. draft-ietf-sip-connected-identity-01.txt suggests doing that.
> Why don't you just use TLS and then you get a secure
> signalling channel too.
The existence of NATs, firewalls, and SBCs precludes opening a TCP
connection directly with each other.
-d
More information about the Voipsec
mailing list