On Mar 30, 2009, at 10:46 AM, Francois Audet wrote:
No, that's not at all the main reason. RFC4474 is already
not end-to-end. It's signed by a middlebox in the
originating domain, and verified by a middlebox in the
terminating domain. There is ample opportunity to change the
SDP at either of those domains to perform lawful intercept.
End-to-end means from end domain to end domain. So 4474 is
end-to-end.
RFC 4474 can also be used user-agent to user-agent, phone to phone.
So again, perhaps what we need is a non end-to-end secure identity.
Perhaps something that requires a broker/service provider.
How is this not P-Asserted-Identity? What real property does such an
identity assertion have that PAID lacks?
--
Dean
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [email protected] for questions on current sip
Use [email protected] for new developments on the application of sip
