Yes, but it does so at the expense of weakening RFC 4474 when it is used without DTLS.

I believe Jon has said that he wishes to be able to use signaling identity without DTLS and considers the presentation of IP addresses in the identity signature to be essential. Since you want to change RFC 4474 to allow MITM editing of IP address information (thereby weakening RFC 4474 protections in Jon's scenario), he doesn't like your idea.

I'm saying if you use identity-media, then you MUST use DTLS-SRTP (or at least the handshake part if you don't need actual encryption, or a NULL encryption).

That way it doesn't weaken anything. Also, nothing prevents anybody from using classic 4474 if you want to prevent nasty SBCs from mucking around with SDP: I can see enterprises doing so between them.
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [email protected] for questions on current sip
Use [email protected] for new developments on the application of sip
