On Mar 13, 2008, at 7:08 PM, Paul Kyzivat wrote: > > > Dean Willis wrote: > >> How about: >> From: +12142821376 <sip:[EMAIL PROTECTED]> > > Are we now assuming that 4474 vouches for the correctness of the > display name?
No, we're not. We're assuming that since we can't verify the contents of the display name, that having such information signed by RFC 4474 would be a Bad Thing. In other words, we are trying to limit the content of the RFC-4474 signed fields to include only things that the authentication service can verify. It should not sign and assert as true that which it cannot verify. So when we have a call from the PSTN, the Identity header MUST NOT assert anything about the PSTN-provided information. But here's the problem with Adam's idea.: > Various exceptions to such policies might arise for cases like > anonymity; if the AoR asserted in the From field uses a form like 'sip:[EMAIL > PROTECTED]' > , then the 'example.com' proxy should authenticate that the user is > a valid user in the domain and insert the signature over the From > header field as usual. Note that this check is performed on the addr- > spec in the From header field (e.g., the URI of the sender, like 'sip:[EMAIL > PROTECTED]') > ; it does not convert the display- name portion of the From header > field (e.g., 'Alice Atlanta'). Authentication services MAY check and > validate the display-name as well, and compare it to a list of > acceptable display-names that may be used by the sender; if the > display-name does not meet policy constraints, the authentication > service MUST return a 403 response code. If I'm reading it correctly, that gives us some flexibility with the display-name. > In any case, callerid includes name as well as number, so we > probably need to reserve the display name for carrying the calling > name, not the calling number. Interesting question. I think the phone number is part of the display name: From: Dean Willis +12142821376 <sip:[EMAIL PROTECTED]> -- Dean _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
