inline. Paul Kyzivat wrote:
As others have suggested, you almost certainly need to find a way to authenticate the address before presenting it to the PSTN.A word of caution here.
One solution to that and your other problems, would be to use the P-Asserted-Identity header for this purpose. (draft-ietf-sip-asserted-identity-02.txt). In addition to providing a way to solve the authentication problem, it permits you to have multiple asserted identities. So your caller could have both a sip: address and a tel: address. Presumably the gateway would use the tel: address, while a sip UAS might prefer to present the sip: address to the callee.
While Paul is correct, this does not mean that the CALLER places the P-Asserted-ID header into the request. That would be a serious security hole. It must be inserted by an entity that is trusted by the operator of the gateway, and furhtermore, must be generated by an element which can legitmately claim to know that indeed, [EMAIL PROTECTED] does indeed possess the phone number +46 76 22 883. Generally, this is an extremely difficult assertion to reliably prove!
-Jonathan R.
--
Jonathan D. Rosenberg, Ph.D. 72 Eagle Rock Ave.
Chief Scientist First Floor
dynamicsoft East Hanover, NJ 07936
[EMAIL PROTECTED] FAX: (973) 952-5050
http://www.jdrosen.net PHONE: (973) 952-5000
http://www.dynamicsoft.com
_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
