Hadriel Kaplan wrote: >
> Eric (I think) and I are not talking about having no dtls-srtp > fingerprint - that's an SDP attribute. We're talking about not > having the rfc4474 signature signing that fingerprint attribute. > Even without the rfc4474 signature, an attacker has to be able to > modify that SDP fingerprint attribute to succeed, and thus be in the > signaling path. The rfc4474 signature just prevents anyone between > the signer and verifier from being able to do so. Ok, I missed this. I really thought DTLS-SRTP required an RFC 4474 Identity header. That's why I asked the question several times, both in person (with EKR) and on the list. -- Dean _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
