Bob Penfield wrote:
----- Original Message ----- From: "Paul Kyzivat" <[EMAIL PROTECTED]>
<snip>
A way that is conformant with 3261 is to use the ability to embed a sip header in a sip URI. This is something like:
Contact: <sip:[EMAIL PROTECTED]:proxy.example.com%3E>
RFC 3261 actually discourages this sort of thing. Section 19.1.5 says:
An implementation SHOULD NOT honor any requested Route header field values in order to not be used as an unwitting agent in malicious attacks.
Hmm. Had forgotten that. And I don't think I am the only one. A usage like this is included in the latest torture tests (draft-ietf-sipping-torture-tests-04, section 3.3.1.4) indicating that it should succeed. (There it is used in a REGISTER.)
Whether legal or not, if you were to depend on common endpoints supporting this I suspect you would be disappointed.
Paul _______________________________________________ Sip-implementors mailing list [email protected] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
