I am saying that there solutions that have those properties that would be satisfactory from my perspective, yes, but certainly not that a solution must exhibit these properties. Obviously something like using TURN and having the originating administrative domain sign the IP/port generated by the intermediary is also fine with me, for example.
Jon Peterson NeuStar, Inc. On 4/11/09 5:46 AM, "Elwell, John" <[email protected]> wrote: > Jon, > > So a consequence of what you are saying is that to verify who you are > negotiating DTLS-SRTP security with you need one signature, covering the > certificate fingerprint and sufficient other stuff to prevent replay, and to > verify which intermediary told you the IP address and port to send media to > you need a second signature. Correct? > > John _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
