On Jul 13, 2008, at 12:00 PM, Hadriel Kaplan wrote:
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Adam
Roach
The way to get identity through B2BUAs is to have them *be* back-to-
back
USER AGENTS. They demonstrate to a 4474 signer (which may be
colocated
with the B2BUA) that they are authentic agents of the signer's
domain,
authorized to assert the identity in the "From" header field, and all
the 4474 goo can be added just fine.
That would work if and only if the B2BUA owned a cert of the same
domain as the From they changed it to. That is actually not the
case in practice, even when the From is an E.164. It would also not
work if the From was not an E.164, since they can't go changing sip:[EMAIL PROTECTED]
to sip:[EMAIL PROTECTED], for example.
no, but garden.eden.com could could sign an identity header with a
From: of [EMAIL PROTECTED]
Would a recipient trust it? Why would you trust anything that was
mangled by a B2BUA in the first place? If you trust the operator of
the B2BUA, then trusting the re-signed identity seems just as
reasonable. The good news is that this lets people who DON'T trust the
operator of the re-signing B2BUA know that the call has been mangled.
--
Dean
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
