Hi In the current p2psip-base-26, section 7.3.1, 7.3.2, 7.3.3, 7.3.4 and 13.5.1, all refers to "the hash function for the overlay". For example, In the USER-MATCH policy, a given value MUST be written (or overwritten) if and only if the signer's certificate has a user name which hashes (using the hash function for the overlay) to the Resource-ID for the resource. Recall that the certificate may, depending on the overlay configuration, be self-signed. However, there is no such hash function defined in the configuration XML, except the <self-signed-permitted> tag's "digest" attribute. The <self-signed-permitted> tag does not exist for enrolled overlay configuration. While the RELOAD signature dynamically specifies the hash function in used, we need an explicit hash function contract for other usage like computing the Resource-ID from the SIP AoR. I propose moving the "digest" attribute out of <self-signed-permitted> tag and into the top level <configuration> tag, alongside "instance-name", etc., or adding a new attribute to that effect. Thanks --Michael
_______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
