This is related to a point that someone [My apologies for not remember
who] raised at the Chicago meeting:
What problem will sipsec solve that existing (and not well deployed)
security measures do not solve?
Given that current transitive-trust models of security are
well-deployed, my inclination is that it is important to provide
guidence to on the strengths and weaknesses of transitive-trust models
(in the hope that we can dissuade people from making false assumptions
about the systems they are deploying). I'm less convinced that it's
important to move forward with a brand new security measure, unless we
have good reason to believe that it will be more effective than existing
mechanisms.
- Matt Lepinski :->
Dean Willis wrote:
On Aug 14, 2007, at 12:02 AM, Cullen Jennings wrote:
I will note that we do have security mechanism to provide
confidentially over the bodies (but not headers) for attacks from
proxies we do not have a trust relationship with - and this is one
of the aspects used in determining if certain semantics might be
better in a body or header.
And you've got working examples of this security mechanism in
deployed networks?
--
Dean
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
_______________________________________________
Sip mailing list https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
