> > But if some service provider in the middle needs to drop the > > call to <some spiffy codec> which isn't supported by Alice's > > SP nor by Bob's SP -- what would that service provider do? > > Not deploy that spiffy new codec, even though it would save > > them thousands of dollars a day in satellite bandwidth fees? > > Well, no. You just can't do end-to-end media security in this > case.
Ok. Then in that case a way to downgrade to RTP -- which we need in any event -- would be needed. > I don't understdand at all the claim that if transcoding is > allowed, there would be any point in doing media security, or > even Secure identity for that matter. I'm just saying if transcoding > or media mucking-around is allowed, then just stick with P-AI. So that the victim (user2) can distinguish between a service provider doing transcoding for the legimate user1 versus the identity spoofing of user3 (diagram taken from http://tools.ietf.org/html/draft-elwell-sip-e2e-identity-important-03): user3/UA3 | +------+------+ | enterprise3 | +------+------+ | +----------+ +----+-----+ +----------+ +---+ SBC SBC +---+ SBC SBC +---+ SBC SBC +---+ | +----------+ +----------+ +----------+ | | ITSP-A ITSP-B ITSP-C | | | +------+------+ +------+------+ | enterprise1 | | enterprise2 | +------+------+ +------+------+ | | user1/UA1 user2/UA2 -d _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
