Hi, TLS is also not a transport protocoll. SIPS does not care about the transport protocoll, it simply requires an encryption off the SIP message. 3261 suggests TLS and IPsec.
Gerhard -----Ursprungliche Nachricht----- Von: Ranjit Avasarala [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 06. November 2003 07:06 An: 'Gruber Gerhard'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Betreff: RE: [Sip-implementors] Fw: sips URL on non-TLS transport Hi But IP Sec is at IP level. It is not a transport protocol. -----Original Message----- From: Gruber Gerhard [mailto:[EMAIL PROTECTED] Sent: Thursday, November 06, 2003 11:26 AM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: AW: [Sip-implementors] Fw: sips URL on non-TLS transport Hi, SIPS requires a secure transport, but not necessarily TLS. TLS is one possibility, and IPsec is another. An entity that receives a request with a SIPS URL over an unsecured transport should response with a 403 forbidden. Gerhard. -----Ursprungliche Nachricht----- Von: Ranjit Avasarala [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 06. November 2003 05:48 An: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Betreff: RE: [Sip-implementors] Fw: sips URL on non-TLS transport Hi First of all sips: cannot come on non-TLS transport, be'se sips: implies TLS. But reverse is not true, I,e all requests coming on TLS need not be sips: Ranjit -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, November 06, 2003 10:10 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [Sip-implementors] Fw: sips URL on non-TLS transport Reposting as there were no responses to this mail. ================ Hi, What is the expected behaviour from an entity that receives a request with a sips URL in the Request-URI but coming on a non-TLS transport. Is this a legal scenario ? If not, is there a specific response code to handle this kind of error. Also, if it is not an error, what would be the appropriate Contact to insert in the response - sip or sips. The caller probably didn't support TLS but used a sips URL in the initial request so as to ensure secure communication. But if we assume this and insert a sips URL in the Contact, then the endpoint will be forced to use TLS for subsequent messages in the dialog (per Sec 8.1.2). Any pointers are welcome. Thanks in advance, Subhash Nayak Hughes Software Systems http://www.hssworld.com _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
