7 jul 2011 kl. 16.50 skrev Iñaki Baz Castillo: > 2011/7/7 Brez Borland <brez...@gmail.com>: >> Why would Proxy B want to _validate_ the certificate of Proxy A if it have >> not done so when Proxy A established a connection? Proxy B might want to >> _verify_ that Proxy A presented the same certificate when Proxy B falls >> back. > > Even if proxy-A has presented a valid certificate during the INVITE > sent to proxy-B (a certificate that includes the domain in the INVITE > From) it could occur that the Via sent-by of the INVITE points to > other domain or other server. Shouldn't in that case proxy-B require > certificate validation when contacting the "new" proxy-A? > > Also, in the case Via sent-by is an IP, should proxy-B remember that > "this IP has sent me a valid certificate so now that I must contact it > for response fallback mechanism I will not require validating again > its cert"?
Remember that we haven't began starting a discussion of ACK... If the contact is SIPS:o...@edvina.net and there's no record route... I really, really need to write this all down somewhere just to remember. /O _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
