> -----Original Message----- > From: Raphael Coeffic [mailto:[email protected]] > Sent: Monday, March 09, 2009 7:42 AM > > That's a good point. Requiring the user to be registered and only > accepting requests from the registered contacts provide a fair-enough > level of security concerning the attack debated. But I am still hoping > that we could find a solution not requiring this kind of measures, which > I would call "user-restricting".
How is it "user-restricting" to require a UA to generate a REGISTER request? Most humans don't generate the REGISTER request by hand - typically software does it for them. :) I mean at that point you can also just say "digest authentication is user-restricting". -hadriel _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
