Rosen, Brian wrote:
[Rama] That is a given that B2BUA can be made to sit in the middle and exert control and there are folks who are currently doing it. I am not sure why is that going to break end-2-end security. Are you presuming that without B2BUA there would have been authentication schemes and B2BUA may not.
[brian]Yes, users wish to authenticate that they are talking to their intended recipient, and a B2BUA will break such authentication, at least one that works the way you suggest.
Brian,
As with all things having to do with B2BUAs, whether it breaks authentication depends on lots of things. In particular, here it depends on your definition of "middle".
Middle could be "close" to one or the other of the endpoints, or it could be far from both. If a B2BUA is owned or operated on behalf of the user of one of the endpoints then it can potentially handle authentication just fine.
Paul
_______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
