> -----Original Message----- > From: Elwell, John [mailto:john.elw...@siemens.com] > Sent: Thursday, March 05, 2009 12:15 PM > > Should we specify something that would make life easier for > proxies/B2BUAs to detect compliance with this, e.g., a magic string at > the start of the call-ID, rather than simply the absence of "@"?
At one point I was thinking of just making it either be an "invalid" host: Call-ID: randomstuffheregibber...@invalid Or a fixed-length hex-ascii type thing (like Session-ID). But then someone pointed out to me that some devices already don't put their IP/host in it, so there's no reason to go make them change their implementation, nor replace their call-id until they do. The thing is I think that a proxy/b2bua which cares about this for security properties, would need/want to scan the whole call-id for something which looks like a host/IP anyway, to make a dynamic decision. So having a magic string won't help them. And B2BUA's which change it for non-security reasons will change it no matter what, because it's not the privacy property they care about. -hadriel _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implement...@cs.columbia.edu for questions on current sip Use sipp...@ietf.org for new developments on the application of sip
