On Apr 3, 2009, at 11:22 AM, Francois Audet wrote:
-----Original Message-----
From: Dean Willis [mailto:[email protected]]
Sent: Thursday, April 02, 2009 21:02
To: Audet, Francois (SC100:3055)
Cc: Dwight, Timothy M (Tim); Cullen Jennings; [email protected]; DRAGE, Keith (Keith)
Subject: Re: [Sip] francois' comments and why RFC4474 not used in the field

And what draft-wing-sip-identity-media does is show how a 4474-like
mechanism that doesn't protect the IP address can be used in
conjunction with DTLS-SRTP, to provide an adequate level of security.

So, I'll repeat the question from a previous email: what's wrong with
draft-wing-sip-identity-media???

If I understand the argument, extending the d-w-s-i-m approach to
non-DTLS media legitimizes the obfuscation of the one media identifier
we do have -- the IP address. Some people seem to find this
unacceptable.

No, that's not what I'm saying.

I'm saying draft-wing-sip-identity-media WITH DTLS-SRTP.
                                         ^^^^

What's wrong with that approach?

Unless I'm missing something, it does seem to achieve end-to-end
media and identity security.

Yes, but it does so at the expense of weakening RFC 4474 when it is
used without DTLS.
I believe Jon has said that he wishes to be able to use signaling
identity without DTLS and considers the presentation of IP addresses
in the identity signature to be essential. Since you want to change
RFC 4474 to allow MITM editing of IP address information (thereby
weakening RFC 4474 protections in Jon's scenario), he doesn't like
your idea.
--
Dean
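
The coverage trade-off argued in this thread, as an added illustration (not code from any poster, from RFC 4474, or from draft-wing-sip-identity-media). It hashes the RFC 4474 digest-string, which ends with the whole message body, and compares it with a hypothetical reduced coverage that keeps only the `a=fingerprint` lines; the RSA signing step is omitted (SHA-1 over the signed string stands in for it), and all header values, addresses and the fingerprint are constructed.

```python
import hashlib

# Constructed sample values (documentation addresses, sample fingerprint).
HEADERS = {"from": "sip:alice@example.com", "to": "sip:bob@example.net",
           "call_id": "a84b4c76e66710", "cseq": "1 INVITE",
           "date": "Fri, 03 Apr 2009 16:22:00 GMT",
           "contact": "sip:alice@192.0.2.10"}
SDP = ("v=0\r\n"
       "o=alice 1 1 IN IP4 192.0.2.10\r\n"
       "s=-\r\n"
       "c=IN IP4 192.0.2.10\r\n"
       "t=0 0\r\n"
       "m=audio 49170 UDP/TLS/RTP/SAVP 0\r\n"
       "a=fingerprint:sha-1 4A:AD:B9:B1:3F:82:18:3B:54:02:"
       "12:DF:3E:5D:49:6B:19:E5:7C:AB\r\n")

def rfc4474_digest(h, body):
    """SHA-1 over the RFC 4474 digest-string; the last field is the full body."""
    fields = [h["from"], h["to"], h["call_id"], h["cseq"],
              h["date"], h["contact"], body]
    return hashlib.sha1("|".join(fields).encode()).hexdigest()

def fingerprint_only_digest(h, body):
    """Hypothetical reduced coverage (assumption): headers plus a=fingerprint only."""
    fps = [l for l in body.split("\r\n") if l.startswith("a=fingerprint:")]
    fields = [h["from"], h["to"], h["call_id"], h["cseq"],
              h["date"], "\r\n".join(fps)]
    return hashlib.sha1("|".join(fields).encode()).hexdigest()

def rewrite_media_address(body, new_ip):
    """An intermediary editing the o=/c= addresses in transit."""
    return body.replace("192.0.2.10", new_ip)

def detected(digest_fn, original, received):
    """True if the verifier's recomputed hash no longer matches the signed one."""
    return digest_fn(HEADERS, original) != digest_fn(HEADERS, received)

def compare():
    edited = rewrite_media_address(SDP, "198.51.100.7")
    # Same offer without DTLS: no fingerprint line is present at all.
    no_dtls = "".join(l + "\r\n" for l in SDP.split("\r\n")
                      if l and not l.startswith("a=fingerprint:"))
    no_dtls_edited = rewrite_media_address(no_dtls, "198.51.100.7")
    return {
        "full_body_sees_ip_edit": detected(rfc4474_digest, SDP, edited),
        "fp_only_sees_ip_edit": detected(fingerprint_only_digest, SDP, edited),
        "fp_only_sees_ip_edit_no_dtls":
            detected(fingerprint_only_digest, no_dtls, no_dtls_edited),
        "fp_only_sees_fp_swap": detected(fingerprint_only_digest, SDP,
                                         SDP.replace("4A:AD", "00:00")),
    }
```

With a fingerprint present, the reduced coverage still binds the DTLS key to the signed identity; without one, an address edit leaves nothing for the verifier to notice, which is the non-DTLS case raised above.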