In section 3 (Motivation) it states:
"In order for SDES and MIKEY to provide this
security property, they require distribution of certificates to
the endpoints that are signed by well known certificate
authorities."
Why is this? For MIKEY, the certificate could be self-signed, and by
including the certificate in the MIKEY message within the SDP body, the
RFC 4474 signature will protect it in the same way as for DTLS-SRTP.
John
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
