Changing the subject name... Agreed, but really only for cases where ICE would result in use of a relay correct? In all other cases, the CONNECT path would establish the "way in" to the UAS through the NAT for the subsequent INVITE to come in directly would it not?
Relay is only required for a percentage of connections. It's also my hope that with the BEHAVE work, NAT vendors will over time make their NATs more friendly to SIP-like services. Ultimately, what I'm hoping is that the use of relays becomes less necessary rather than more necessary. While I'm sure that despite IPv6, NATS will be around forever, I do believe in the basic design tenet that underlies the Internet architecture, the principle of e2e. That principle in this instance I believe should nudge us into trying to design for direct UAC to UAS signaling when possible. I'm all for this tunneling mechanism, it may be a happy medium, but my architectural sense is that once the two endpoints have found each other, the best way to really insure e2e security is to have them signal each other directly. Thanks, FM On Wed, 2007-06-20 at 09:07 -0500, Vijay K. Gurbani wrote: > Frank W. Miller wrote: > > On Tue, 2007-06-19 at 22:00 -0500, Dean Willis wrote: > > > >>Ah, sipsec? > > > > I think the sipsec draft is quite reasonable. > > > > It wasn't completely clear to me from Figures 2 and 3 whether the > > session signaling, i.e. post-CONNECT, was traversing the proxies or not? > > I would prefer to see the CONNECT transaction somehow enable the UAC and > > UAS to signal directly between each other without proxies from then on. > > Is that what is intended or is the subsequent signaling still passing > > through the intermediate proxies? > > Frank: In certain cases -- peers behind NAT, for instance -- you will > have to keep the proxies in the path. > > Thanks, > > - vijay _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
