What's missing from this, Francois, is how the proxy knows to set up
the RR with tls in the first place.
i.e. when it retargets how does it _know_ it's retargetting to
something over tls vs tcp.
I disagree that implementation specific configuration is a good
enough answer.
I'm happy with the answer "you set this information in DNS" when you
have DNS.
What I'm not seeing is how you set this when you don't have DNS.
RjS
On Jun 4, 2007, at 1:46 PM, Francois Audet wrote:
-----Original Message-----
From: Bob Penfield [mailto:[EMAIL PROTECTED]
Sent: Monday, June 04, 2007 11:10
To: Audet, Francois (SC100:3055); Robert Sparks; Dean Willis
Cc: SIP IETF
Subject: Re: [Sip] Ready for WGLC on SIPS draft? Any last
thoughts ontransport=tls?
I have seen cases where transport=tls appears in the
Record-Route where one hop between proxies uses TLS. For example:
UAC--<TCP>-->Proxy1---<TLS>--->Proxy2--<TCP>--->Proxy3---<TCP>--
>UAS
This is done using a SIP URI (not SIPS).
I have not been able to keep up with this discussion, but the
question I have is: without transport=tls, how would you
express the desire/need to do TLS for a SIP URI in a
Record-Route or Route header? I am talking about a case where
the proxy (Proxy2 above) supports TCP and TLS, but the
selection of transport is made for the initial INVITE, and
that same transport needs to be used for in-dialog requests?
I'd say you use no transport parameter in the Record-Route and you
do what 3261 recommends, which is to reuse the same TCP connection
(TLS on this case) for in-dialog requests.
Also, I'd like to point out that since Record-Route is by definition
hop by hop, in that case sips would mean exactly the same as
transport=tls.
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
