Are the applications working together to implement some service?
If so, then it would be reasonable for the clients to authenticate
themselves
against one of the elements, for example a proxy server that sits on the
"edge"
of the application's domain, and for subsequent nodes to implicitly trust
that
the subscriber has been authenticated.
-------------
Client --> | A B C |
-------------
In the diagram above, node A might be responsible for authenticating the
clients.
Nodes B and C would implicitly trust the client.
According to one model of network security, we might say that nodes A, B,
and C
form a trust domain and that the client joins the trust domain by
authenticating itself
with node A. Of course, this requires that nodes A, B and C to trust each
other. It
also leaves nodes B and C vulnerable if node A gets compromised.
Hope that helps.
--
Gary Cote
www.awardsolutions.com
_______________________________________________
Sip-implementors mailing list
[email protected]
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
