Hi, But as per RFC3261, 12.1.2 mentioned as bellow: <Quote> If the request has a Request-URI or a topmost Route header field value with a SIPS URI, the Contact header field MUST contain a SIPS URI. </Quote>
Then it's mean that the Caller must support TLS if it want to access a SIPS resource. (When downstream proxy forward request from Callee side to caller side, becuase the contact is SIPS, so it have to use TLS.) So I think what your suggestion of using proxy as a intermediate is not work. Am I miss something? Regards, Lavis ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, November 06, 2003 4:54 PM Subject: RE: [Sip-implementors] Fw: sips URL on non-TLS transport > TLS is hop by hop. If your next hop (outbound) proxy does not require you to send using TLS, then you can insert a route-header in the request pointing to that proxy and have a sips request-URI. The proxy then needs to forward that request using TLS (if there are no other route headers). > > If your next hop requires TLS (its address is sips), but you don't support TLS, then you shouldn't send the request with a sips URI, you may try with a sip URI though. > > /Hisham > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of ext > > [EMAIL PROTECTED] > > Sent: Thursday, November 06, 2003 6:40 AM > > To: [EMAIL PROTECTED] > > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Subject: [Sip-implementors] Fw: sips URL on non-TLS transport > > > > > > > > > > > > > > Reposting as there were no responses to this mail. > > > > ================ > > Hi, > > What is the expected behaviour from an entity that > > receives a request with a sips URL in the Request-URI > > but coming on a non-TLS transport. Is this a legal > > scenario ? If not, is there a specific response code > > to handle this kind of error. > > Also, if it is not an error, what would be the > > appropriate Contact to insert in the response - sip > > or sips. The caller probably didn't support TLS but > > used a sips URL in the initial request so as to > > ensure secure communication. But if we assume this > > and insert a sips URL in the Contact, then the > > endpoint will be forced to use TLS for subsequent > > messages in the dialog (per Sec 8.1.2). > > > > Any pointers are welcome. > > > > Thanks in advance, > > Subhash Nayak > > Hughes Software Systems > > http://www.hssworld.com > > > > > > > > _______________________________________________ > > Sip-implementors mailing list > > [EMAIL PROTECTED] > > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors > > > > _______________________________________________ > Sip-implementors mailing list > [EMAIL PROTECTED] > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
