3 maj 2011 kl. 14.49 skrev Iñaki Baz Castillo: > Hi, RFC 4474 defines the Identity mechanism in which a proxy asserts > the identity of a request originator by appending a Indentity and > Identity-Info header. > In the other side, RFC 5922 defines client-to-server and > server-to-client authentication by using TLS certificates (optionally > in both ways). > > IMHO they are two ways of doing the same (or very similar). Why there > are two mechanisms for this? Which one to choose when building a new > SIP scenario? Which is more used? > > Thanks for any comment.
SiP identity is used by a proxy that hosts a domain to verify a SIP identity within that domain, basically telling the other part that "I am sure that [email protected] is authorized to use this URI within my domain". Within the domain, a registrar may use MD5 or TLS for the client to request authorization for an AOR. When setting up the connection to the other domain's proxy, server certificates may be used. Separate server identity with the function where the server assures a specific URI within the server's domain. /O _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
