At Mon, 14 Apr 2008 09:28:10 -0400, Paul Kyzivat wrote: > > > > Eric Rescorla wrote: > [snip] > > > And this has what to do with RFC 4474 or DTLS-SRTP? This is a pure > > routing issue: the GW needs to know what proxy to contact for phone > > number X. That configuration could (or could not) contain an > > indicator of whether 4916 is expected and what certificate should > > be used. > > There's a difference between knowing a place to send the request so that > it will eventually reach the right destination, and knowing the ultimate > destination. There could be a *lot* of GWs, that typically are pretty > dumb, and depend on some other routing element (e.g. proxy) to get the > request to the right place.
Yep. This is a fundamental issue of integrity for SIP call routing. > You seem to be saying that the GW needs to know a lot more than that to > secure the call. Far from ideal. Is that right, or am I missing something? I agree it's far from ideal. There are two possible solutions to this sort of problem: - Some sort of authenticated history mechanism that gives the gateway confidence that the call was routed correctly - Enough UI to tell the user who *actually* answered the call. Unfortunately, the second isn't available here because of the lame PSTN UI. -Ekr _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
