On Apr 9, 2008, at 11:53 AM, Michael Thomas wrote: >> RFC 4474 is a cross-domain authenticator. >> >> Use case: >> >> sip:[EMAIL PROTECTED] calls his voice mail provider's message >> retrieval box, sip:messages.example.net >> >> Since example.net trusts example.com's RFC 4474 assertions, the >> voicemail box at messages.example.net does not authenticate JoeBobs' >> request. Instead, it accepts on trust that example.com authenticated >> him, and plays out JoeBob's messages. >> >> This is AFAIK a valid use case for RFC 4474. >> > > It's a _valid_ use case, but is it a _real_ use case? That is, is > there > anybody out there using cross realm credentials in that way? Even > cellular isn't handled in that way because my sim is still with my > home provider even if I've roamed...
They don't now (or at least should not) because they don't have the tools for it. But if we give people a tool that appears to work for this purpose, we should expect them to use it for this purpose. ( I am curious what existing PSTN voice mail systems would do if someone else called my voicemail and spoofed my caller ID). Ben. _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
