On Thu, Jul 7, 2011 at 9:56 AM, Sam Hartman <[email protected]> wrote: >>>>>> "Gabriel" == Gabriel López <[email protected]> writes: > Gabriel> Have you analysed how this process (I count 18 messages for 4 > realms > Gabriel> without routing and attribute request exchanges) could affect > specific > Gabriel> services like SIP? > > So, currently ABFAB does not target SIP. > In general I'd expect you to use the same SIP registration server > regardless of your current location. > > However if we did target SIP and you did happen to use a registration > server far away from your IDP, it would mean that you'd need 18 messages > and introduce some delay for your first registration. In most sip > deployments beyond that, the number of messages would be the same as it > is with some central authentication server after that because the > registration would be cached.
Also, presumably the trust path routes won't change/flap anywhere near as often as IP routes, right? So it should be safe to cache these paths for quite a while. Also, validation of cached paths could be done asynchronously, in the background. Nico -- _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
