________________________________________ From: [email protected] [[email protected]] On Behalf Of Mossman, Paul (Paul) [[email protected]]
No changes to the phone and resource-lists.xml configuration file generation would be required. No Operation-side changes would be required either. This is what we should deliver for 4.2.1. Any objections or suggestions? _______________________________________________ To what degree do we want to enforce this? Of course, sipXconfig can limit what is written to resource-lists.xml, and that controls what information RLS passes around, which will stop ignorant users. Do we want to enforce that a user may only subscribe to his own resource list? Currently, the RLS enforces that the subscriber must have credentials for the domain, but does not enforce that the credentials match the resource list. (Since that level of protection of dialog events was not a requirement.) Do we want to enforce that an unauthorized subscriber cannot subscribe directly to a user's dialog events? What are we trying to stop? Dale _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
