Iñaki Baz Castillo wrote:
> But if the algorithm for constructing temp gruus would be known then
> it would become a vulnerability :(
Security by obscurity is never a great choice.
Crypto techniques can largely avoid the vulnerability.
I thought this was discussed in the RFC. (But I'm too lazy to check
right now.)
Thanks,
Paul
_______________________________________________
Sip-implementors mailing list
Sip-implementors@lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
