> -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Victor Pascual Ávila > Sent: 31 March 2009 11:07 > To: Jonathan Rosenberg > Cc: SIP List > Subject: [Sip] Media vs Signaling identity (was Re: francois' > comments andwhy RFC4474 not used in the field) > > On Tue, Mar 31, 2009 at 4:12 AM, Jonathan Rosenberg > <[email protected]> wrote: > > inline: > > > > Jiri Kuthan wrote: > > > > > >>> From an end user perspective, I would assert that the > most important > >>> thing is probably the media. If the callerID says, "this > is bob", what is > >>> important to the user, is that when I pick up the phone > and start talking, > >>> it will be Bob who hears me, and Bob that I hear. > >>> > >>> Consider this litmus test: > >>> > >>> If the signaling actually came from Mary (perhaps as a > third party), but > >>> the media goes/comes to/from Bob, who should appear on > the caller ID? I say > >>> - Bob. > >> > >> There is a timing aspect in favor of placing identity in > signaling -- > >> I would like to know whose call is ringing before I answer > (if I do). > > > > You can still have that. Just don't ring the phone until > early media has > > been exchanged and verified. Indeed if you were doing an > ICE-style thing per > > Dan's draft, you'd get that for free. > > Are we restricting the identity assertion to telephony-like sessions? > > IMHO, identity assertion should also work for the following scenarios > (among others): > > -rfc3725, figure 1, message 1 (INVITE no SDP): Upon receipt of the > initial INVITE (note there's no session description at all), "A" > decides to authorize or reject the call based on the delivered > identifier. > > -rfc3428, figure 1, message 2 (F2): "user2" decides to answer or > ignore the message based on the delivered identifier. > > -rfc3515, example 4.1, message 1 (F1): "agent B" decides to accept or > reject the refer based on the delivered identifier > > -Any other application based on white/black lists (where the identity > verification must happen before accepting a request). > > > While "signaling identity" seems to be a common denominator, I'm not > sure about the role of "media identity" in the above listed scenarios. > Any clarification will be appreciated. [JRE] These too are valid situations where the identity needs to be authenticated. Where media is involved, however, there is an additional problem of authenticating the media, and if the media is bound to the signalling, a solution for authenticating the signalling would also authenticate the media. So we either need a solution for authenticating both signalling and media together (e.g., by authenticating the signalling, the media too gets authenticated) or we need separate mechanisms. Clearly the former would be preferable.
John > > Cheers, > -- > Victor Pascual Ávila > _______________________________________________ > Sip mailing list https://www.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use [email protected] for questions on current sip > Use [email protected] for new developments on the application of sip > _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
