On Jul 14, 2008, at 2:11 PM, Adam Roach wrote:
On 7/14/08 11:24 AM, Dean Willis wrote:
On Jul 13, 2008, at 1:05 PM, Hadriel Kaplan wrote:
-----Original Message-----
From: Dean Willis [mailto:[EMAIL PROTECTED]
no, but garden.eden.com could could sign an identity header with a
From: of [EMAIL PROTECTED]
Not according to 4474. The cert domain and From domain must match.
But that part COULD be changed, if one adequately described other
acceptance rules. One could potentially also "compound @" so we
have an @nostrum defined in the context of @eden. Something like a
signed uunet route.
Of you could express it cryptographically. Well-Known-Root signs
@eden; @eden signs @nostrum. Recipient can examine the cert and
determine whether they trust the chain.
Yes, that's pretty much what I meant by "adequately described
acceptance rules".
The question is how do you decide whether to trust @eden to sign
@nostrum? There is no delegation tree like in ENUM, so it has to be
done based on a trust relationship (possibly a contract) between you
and @eden. That's what we'd have to describe to extend RFC 4474
transitively.
--
Dean
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
