According some general privacy considerations, from an authentication service's point of view, an anonymous may be a known user in his domain that he has authenticated, but he's keeping its identity private. Nothing strange.
Francesco la Torre IIT-National Council Research Security Session Pisa, Italy Il giorno mar, 19/02/2008 alle 10.37 -0500, Paul Kyzivat ha scritto: > Why would you want sip-identity for an anonymous From address? > > IMO it is perfectly fine to provide an address with no identity. > > Paul > > Mayumi Munakata wrote: > > All; > > > > I have just submitted a new version of ua-privacy draft. > > http://www.ietf.org/internet-drafts/draft-ietf-sip-ua-privacy-01.txt > > > > Thanks to John Elwell for his comprehensive review, > > we managed to make a lot of editorial corrections > > and some technical. > > > > One profound open issue we have is on how to get an > > anonymous URI for a From header. While we can use a > > temp-gruu for a Contact header, there is no mechanism > > to obtain a functional anonymous URI for the From > > header or any other headers that houses URIs. > > > > RFC3323 recommends to use "[EMAIL PROTECTED]" > > for an anonymous URI in a From header. However, this > > impedes the use of SIP-Identity, as SIP-Identity > > mandates the domain portion of the "From" URI and > > that of "Identity-Info" to match. > > > > One of the expired draft written by Jonathan, attempted > > to use the GRUU to get this functional yet anonymous URI > > to address this issue. > > http://ietfreport.isoc.org/idref/draft-rosenberg-sip-identity-privacy/ > > > > I can see few ways forward. > > > > 1. Suggest the use of [EMAIL PROTECTED]'s domain name}, which > > verifier then can verify the signature's validity as > > domain portion of the URI and that of Identity-Info matches. > > >> If SIP-Identity is used, the domain is given away anyhow > > in the Identity-Info, so what is the point of hiding the > > domain in the From header? > > > > 2. Make a note that SIP-Identity will not function when > > [EMAIL PROTECTED] is used. > > >> Describe the caveat that verifier is likely to fail the > > request or suggest that Authentication Service does not > > add Identity-Info/signature. > > > > 3. Extend GRUU to support mechanism that Rosenberg suggested. > > > > Does anybody has any preferences or any other suggestions? > > > > Regards, > > Mayumi > > > > _______________________________________________ > > Sip mailing list http://www.ietf.org/mailman/listinfo/sip > > This list is for NEW development of the core SIP Protocol > > Use [EMAIL PROTECTED] for questions on current sip > > Use [EMAIL PROTECTED] for new developments on the application of sip > > > _______________________________________________ > Sip mailing list http://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use [EMAIL PROTECTED] for questions on current sip > Use [EMAIL PROTECTED] for new developments on the application of sip _______________________________________________ Sip mailing list http://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
