Dean Willis wrote:
Paul Kyzivat wrote:
So you mean both a sip and sips contact would be registered over the
same (tls) flow. As Francois said, he proposed this long ago and it
was rejected for a bunch of reasons. The only benefit I can see to
this is as a way to indicate a policy regarding whether sip requests
are/aren't desired over this flow. Things will work just fine without
that policy (the UAS can simply reject them if it wishes). It
complicates a lot of things so I prefer to stick with what was already
decided about this.
No, this DOESN'T work fine, as the privacy of the UAS's AOR-to-Contact
binding is compromised by sending the request from the UAC, even if the
UAS rejects the request.
The above is discussing *registrations*, which implies the presence of a
registrar. In most cases, the UAC is not the registrar and does not have
access to the location service used by the registrar. The UAC sends
requests to the AOR. Those requests are serviced by something that does
have access to the location service.
The UAC sending a request to the AOR does not compromise the UAS's
Contact binding. That can be compromised in two ways:
- if the "home proxy" translates the AOR to the contact and then
forwards the request over in insecure link. If its a sips contact
we have already banned that.
- if the "home proxy" responds with a 3xx containing the registered
contact of the UAS. If the request had been unsecured then the
contact may indeed be compromised. (Note that doing this is
considered a *feature* in a number of scenarios. For instance if
the UAC has "guessed" at a sip AOR, and is then told it must use
a sips AOR to contact this UAS.) This is a policy issue of whether
the home proxy *should* disclose the contact addresses, and if so,
with what constraints.
If the sender KNEW that the UAS only accepted SIPS, this compromise
would not occur.
How would the sender know that? I might be trying to call you by
guessing your sip address from your email address.
Paul
And if the sender is given only a SIPS URI for an AOR, the sender MUST
assume that the UAS accepts only SIPS requests and MUST NOT send a
request to that AOR using SIP. Otherwise, the privacy of the UAS's
AOR-to-Contact binding might be compromised (and in security, one can
assume that if it might be compromised, it probably has been-- It's
tainted).
--
Dean
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
