2011/7/7 Brez Borland <brez...@gmail.com>: > Why would Proxy B want to _validate_ the certificate of Proxy A if it have > not done so when Proxy A established a connection? Proxy B might want to > _verify_ that Proxy A presented the same certificate when Proxy B falls > back.
Even if proxy-A has presented a valid certificate during the INVITE sent to proxy-B (a certificate that includes the domain in the INVITE From) it could occur that the Via sent-by of the INVITE points to other domain or other server. Shouldn't in that case proxy-B require certificate validation when contacting the "new" proxy-A? Also, in the case Via sent-by is an IP, should proxy-B remember that "this IP has sent me a valid certificate so now that I must contact it for response fallback mechanism I will not require validating again its cert"? -- Iñaki Baz Castillo <i...@aliax.net> _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
